:construction: Got reissuing of token into jwt strategy...needs to switched again?

backend/lib/auth/strategies/jwt.js

@@ -11,28 +11,54 @@ const hashToken = async token => {
     }
 }
 
+const createToken = (data, expiration = 600) => {
+    const key = process.env.APP_SECRET
+    const obj = {}
+
+    Object.assign(obj, { ...data })
+    return JWT.sign(obj, key, { expiresIn: expiration })
+}
+
+const validateToken = token => {
+    const key = process.env.APP_SECRET
+    try {
+        return JWT.verify(token, key)
+    } catch (err) {
+        return { payload: null, message: err.message }
+    }
+}
+
 module.exports = options => {
     return {
         key: options.jwtKey,
         verifyOptions: {
             algorithms: ['HS256'],
         },
-        //  TODO: Always check rawAccessToken, if it fails, we check the session, if
-        // session is valid, then we reissue it if session is NOT valid, DELETE
-        // the session (and kick user back to login)
-        // TODO: set up cron job to occassionaly clean up activeSessions
+        // TODO: Naming conventions need to be reversed again??
         validate: async (decoded, request, h) => {
             const accessTokenFromHeaders = request.headers.authorization
             const hashedAccessTokenFromHeaders = await hashToken(
                 accessTokenFromHeaders,
             )
-            const accessToken =
-                request.server.app.activeSessions[hashedAccessTokenFromHeaders]
-                    .accessToken
-            const sessionToken =
+            const activeSession =
                 request.server.app.activeSessions[hashedAccessTokenFromHeaders]
-                    .sessionToken
-            console.log('sessionToken from jwt strategy :=>', sessionToken)
+            if (!activeSession)
+                throw new Error(
+                    `No session found for ${hashedAccessTokenFromHeaders}`,
+                )
+
+            const accessToken = activeSession.accessToken
+            const sessionToken = activeSession.sessionToken
+            const validatedAccessToken = validateToken(accessToken)
+            const validatedSessionToken = validateToken(sessionToken)
+            if (!validatedSessionToken.payload) {
+                console.log('sessionToken no longer valid, reissuing... ')
+                activeSession.sessionToken = createToken(
+                    { payload: validatedAccessToken.payload },
+                    // NOTE: Expiration of new sessionToken set for 200 seconds (testing)
+                    100,
+                )
+            }
             try {
                 const validatedJwt = JWT.verify(
                     accessToken,
@@ -40,7 +66,6 @@ module.exports = options => {
                 )
                 return { isValid: true, credentials: validatedJwt.email }
             } catch (err) {
-                console.error('ERROR :=>', err)
                 return { isValid: false, error: err.message }
             }
         },

backend/lib/routes/profile/insert.js

@@ -19,19 +19,6 @@ const responseSchemas = {
     error: errorSchema.single,
 }
 
-const validators = {
-    /** Validate the header (cookie check) */
-    // headers: true,
-
-    /** Validate the route params (/active/{thing}) */
-    params: params.profileId,
-
-    /** Validate the route query (/active/{thing}?limit=10&offset=10) */
-    // query: true,
-    /** Validate the incoming payload (POST method) */
-    payload: responseSchemas.responses,
-}
-
 module.exports = {
     method: 'POST',
     path: '/{profile_id}/insert/{response_key_id?}',
@@ -76,7 +63,6 @@ module.exports = {
 
         /** Validate based on validators object */
         validate: {
-            ...validators,
             failAction: 'log',
         },
 

backend/lib/routes/user/getaccess.js

@@ -26,7 +26,8 @@ module.exports = {
         handler: async function (request, h) {
             const { userService } = request.server.services()
             const res = request.payload
-            const accessToken = await userService.createToken(res)
+            // NOTE: Access Token set for 5 minutes expiration (default)
+            const accessToken = await userService.createToken(res, 600)
             try {
                 const response = h.response({
                     ok: true,

backend/lib/services/user.js

@@ -247,44 +247,6 @@ module.exports = class UserService extends Schmervice.Service {
             return { payload: null, message: err.message }
         }
     }
-    /*
-     * Grabs the sessionToken and accessToken from the
-     * this.activeSessions object based off of provided hashedToken
-     * @params {UserSession}
-     * @returns {grabTokensFromActiveSession}
-     */
-    _grabTokensFromActiveSessions(userSession) {
-        const rawSessionToken = userSession.sessionToken
-        const accessToken = userSession.accessToken
-        return { rawSessionToken: rawSessionToken, accessToken: accessToken }
-    }
-    /**
-     * Helper function to validate both tokens grabbed from this.activeSessions
-     * @params {Tokens}
-     * @returns {ValidatedTokens}
-     */
-    _validateTokens(tokens) {
-        const sessionTokenIsValid = this.validateToken(tokens.rawSessionToken)
-        const accessTokenIsValid = this.validateToken(tokens.accessToken)
-        return {
-            sessionTokenIsValid: sessionTokenIsValid,
-            accessTokenIsValid: accessTokenIsValid,
-        }
-    }
-    /**
-     * Checks to see if the activeSession accessToken is expired
-     * If it is, it creates a new one and stores it in activeSession
-     * @ params {UserSession} {ValidatedTokens}
-     * @returns Void
-     */
-    _createSessionTokenIfExpired(userSession, validatedTokens) {
-        if (!validatedTokens.sessionTokenIsValid.payload) {
-            const sessionToken = this.createToken({
-                payload: validatedTokens.accessTokenIsValid.payload,
-            })
-            userSession.sessionToken = sessionToken
-        }
-    }
     /**
      * Uses this.validateToken() to verify hashedSessionToken's
      * existence, expiry, and also valdiates accessToken
@@ -298,11 +260,10 @@ module.exports = class UserService extends Schmervice.Service {
                 'hashedSessionToken not in activeSessions registry!',
             )
         }
-        const tokens = this._grabTokensFromActiveSessions(userSession)
-        const validatedTokens = this._validateTokens(tokens)
-        this._createSessionTokenIfExpired(userSession, validatedTokens)
+        const accessToken = userSession.accessToken
+        const accessTokenIsValid = this.validateToken(accessToken)
         return {
-            ...validatedTokens.accessTokenIsValid.payload,
+            ...accessTokenIsValid.payload,
             accessToken: this.activeSessions[hashedAccessToken].accessToken,
         }
     }