Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(api): Implement refresh token strategy #235

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

feat(api): Implement refresh token strategy #235

wants to merge 1 commit into from

Conversation

alepefe
Copy link
Collaborator

@alepefe alepefe commented Jan 16, 2025
edited
Loading

Remember to add the following code in shared/config/.env and .env.test

REFRESH_TOKEN_SECRET=refresh_token_secret
REFRESH_TOKEN_EXPIRES_IN=30d

This pull request introduces a refresh token mechanism to the authentication system, enhancing the security and usability of the token-based authentication. The most important changes include the addition of new methods for handling refresh tokens, updates to existing services and DTOs, and the implementation of integration tests for the new functionality.

Authentication Enhancements:

  • Added refreshToken method to AuthenticationController to handle refresh token requests.
  • Implemented refreshAuthTokens method in AuthenticationService to refresh authentication tokens using the refresh token.
  • Updated logIn method in AuthenticationService to return both access and refresh tokens.

JWT Management:

  • Added refreshAuthTokens and createAuthTokenPair methods to JwtManager to handle token creation and refreshing.
  • Updated signAccessToken and createRefreshToken methods in JwtManager to generate tokens with expiration times.

Configuration and Utilities:

  • Added refresh token configuration to auth-config.handler.ts and .env.test file. [1] [2]
  • Introduced TimeUtils utility for parsing duration strings into seconds.

Integration Tests:

  • Added integration tests for the refresh token functionality in refresh-token.spec.ts.
  • Updated existing tests to accommodate changes in token handling. [1] [2]

DTO and Contract Updates:

  • Updated UserWithAuthTokens DTO to include refresh token information. [1] [2]
  • Added AuthTokenPair type and RefreshTokenSchema for handling refresh token responses and requests. [1] [2]
  • Updated auth.contract.ts to include the new refreshToken endpoint.

@vercel Vercel
Copy link

vercel bot commented Jan 16, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
tnc-blue-carbon-cost-tool-ghps ❌ Failed (Inspect) Jan 16, 2025 0:50am

@alepefe
Copy link
Collaborator Author

alepefe commented Jan 16, 2025

Waiting to validate this so the frontend guys can later adapt their code.

@alepefe alepefe requested a review from alexeh January 16, 2025 12:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexeh alexeh Awaiting requested review from alexeh

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@alepefe