diff --git a/backend/Api/BusinessLogic/UserLogic.cs b/backend/Api/BusinessLogic/UserLogic.cs index d17d16a..b3c7183 100644 --- a/backend/Api/BusinessLogic/UserLogic.cs +++ b/backend/Api/BusinessLogic/UserLogic.cs @@ -197,7 +197,9 @@ namespace Api.BusinessLogic { User user = await _dbAccess.ReadUserByRefreshToken(refreshToken); if (user == null) { return new ConflictObjectResult(new { message = "Could not match refreshtoken" }); } - return new OkObjectResult(GenerateJwtToken(user)); + user = await UpdateRefreshToken(user); + string jwtToken = GenerateJwtToken(user); + return new OkObjectResult(new { token = jwtToken, refreshToken = user.RefreshToken }); } /// @@ -265,7 +267,7 @@ namespace Api.BusinessLogic private async Task UpdateRefreshToken(User user) { user.RefreshToken = Guid.NewGuid().ToString(); - user.RefreshTokenExpiresAt = DateTime.Now.AddDays(7); + user.RefreshTokenExpiresAt = DateTime.Now.AddDays(30); await _dbAccess.UpdateUser(user); return user; } diff --git a/backend/Api/Controllers/UserController.cs b/backend/Api/Controllers/UserController.cs index e5a6a72..16dfb3f 100644 --- a/backend/Api/Controllers/UserController.cs +++ b/backend/Api/Controllers/UserController.cs @@ -74,5 +74,11 @@ namespace Api.Controllers return await _userLogic.DeleteUser(userId); } + [HttpPost("RefreshToken/{refreshToken}")] + public async Task RefreshToken(string refreshToken) + { + return await _userLogic.RefreshToken(refreshToken); + } + } } diff --git a/frontend/scripts/home.js b/frontend/scripts/home.js index e615b9c..fb2b3ae 100644 --- a/frontend/scripts/home.js +++ b/frontend/scripts/home.js @@ -1,5 +1,4 @@ import { logout } from "../shared/utils.js"; -import { getUser } from "../shared/utils.js"; import { getDevices, getLogsOnDeviceId } from "./services/devices.service.js"; let chart; diff --git a/frontend/scripts/login.js b/frontend/scripts/login.js index 6c9b54b..0323fc6 100644 --- a/frontend/scripts/login.js +++ b/frontend/scripts/login.js 
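Review bot: Nothing in this hunk checks `user.RefreshTokenExpiresAt` before the new `user = await UpdateRefreshToken(user);` line, so a refresh token that is past the expiry written by UpdateRefreshToken still buys a fresh JWT and a fresh 30-day refresh token — the expiry column is never enforced on this path. Add a guard ahead of the rotation, e.g. `if (user.RefreshTokenExpiresAt < DateTime.UtcNow) { return new UnauthorizedResult(); }`, using the same clock the value is written with. Rotating the stored token before minting the JWT is the right order, since it makes the presented token single-use. The enclosing method's signature lies above this hunk, and generic type arguments (the action-result type, for instance) appear to have been stripped from this rendering, so the exact return type is not visible.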
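Review bot: The changed line keeps `DateTime.Now`, so the refresh expiry is stamped in the server's local time zone and persisted that way; a DST transition or a host in a different zone silently moves the window. Use `user.RefreshTokenExpiresAt = DateTime.UtcNow.AddDays(30);` and compare against `DateTime.UtcNow` wherever the value is checked. The jump from 7 to 30 days is a policy choice; naming it (`private const int RefreshTokenLifetimeDays = 30;`) makes it reviewable and keeps the magic number out of the method body. On the context line above, `Guid.NewGuid()` is not documented as a cryptographically secure source; `Convert.ToBase64String(RandomNumberGenerator.GetBytes(32))` is the conventional way to mint a bearer credential of this kind.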
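Review bot: The new action takes the refresh token from the URL path (`[HttpPost("RefreshToken/{refreshToken}")]`), which puts a 30-day bearer credential into the request line, where web-server and reverse-proxy access logs record it by default. Accept it from the body instead, e.g. `[HttpPost("RefreshToken")]` with a `[FromBody]` parameter bound to a one-property DTO (name it per the project's conventions), or read it from an `HttpOnly` cookie the server sets at login, which also keeps it out of page scripts. No authorization attribute is visible on the action; whether it is reachable anonymously depends on controller-level attributes outside the hunk. The return type appears as a bare `Task` here, though generic arguments seem to have been stripped from this rendering, so that is likely an artifact rather than a defect.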
@@ -11,7 +11,7 @@ document.getElementById("loginForm").addEventListener("submit", function(event) login(emailOrUsername, password) .then(response => { document.cookie = `auth-token=${response.token}; Path=/`; - + document.cookie = `refresh-token=${response.refreshToken}; Path=/`; localStorage.setItem("user", JSON.stringify({ id: response.id, username: response.userName, diff --git a/frontend/scripts/services/users.service.js b/frontend/scripts/services/users.service.js index fb49213..c228c2c 100644 --- a/frontend/scripts/services/users.service.js +++ b/frontend/scripts/services/users.service.js @@ -1,4 +1,5 @@ import { request } from "../../shared/utils.js"; +import { address } from "../../shared/constants.js"; export function get() { @@ -6,9 +7,18 @@ export function get() { } export function login(usernameOrEmail, password) { - return request("POST", "/user/login", { - EmailOrUsrn: usernameOrEmail, - Password: password, + return fetch(`${address}/user/login`, { + method: "POST", + headers: { + "Content-Type": "application/json" + }, + body: JSON.stringify({ password: password, EmailOrUsrn: usernameOrEmail }) + }) + .then(response => { + if (!response.ok) { + return("Request failed with HTTP code " + response.status); + } + return response.json(); }); } @@ -35,3 +45,5 @@ export function updatePassword(oldPassword, newPassword){ }); } + + diff --git a/frontend/shared/utils.js b/frontend/shared/utils.js index 2493d3a..e04c46d 100644 --- a/frontend/shared/utils.js +++ b/frontend/shared/utils.js 
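Review bot: The added line writes the refresh token to a cookie with only `Path=/`: no `Secure`, no `SameSite`, readable by any script running on the page, and with no `Max-Age`, so the browser drops it at session end while the server keeps the 30-day token alive. At minimum append `; Secure; SameSite=Strict` to the cookie string; the stronger fix is to let the login and refresh endpoints set it as an `HttpOnly` cookie so it never passes through `document.cookie` at all. Note also that `login()` in users.service.js now resolves with a string on a non-OK status, so `response.refreshToken` here is `undefined` on a failed login and the literal text `undefined` is stored in the cookie.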
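Review bot: On a non-OK status the new `.then` handler returns a string, so the promise resolves and the caller in login.js proceeds to write `auth-token=undefined` and `refresh-token=undefined` cookies and a user record with undefined fields. Reject instead: `throw new Error("Request failed with HTTP code " + response.status);` so the caller's error path runs. The function also drops the shared `request()` helper in favour of a raw `fetch`, presumably because `request()` now calls `checkTokens()`, which redirects to /login when no cookies exist; if so, a one-line comment saying that would stop the next reader from "fixing" it back. The `address` import added at the top of the file exists only to serve this call.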
@@ -1,13 +1,12 @@ import { address } from "./constants.js"; export async function request(method, path, body = null) { - const token = document.cookie.match(/\bauth-token=([^;\s]+)/); - + const token = await checkTokens() const headers = {}; + headers["Authorization"] = `Bearer ${token}`; + if (body) headers["Content-Type"] = "application/json"; - if (token?.length > 1) - headers["Authorization"] = `Bearer ${token[1]}`; return new Promise((resolve, reject) => { fetch(address + path, { @@ -16,9 +15,9 @@ export async function request(method, path, body = null) { body: body ? JSON.stringify(body) : undefined, }) .then(async response => { - if (response.status === 401) { - location.href = "/login"; - } + // if (response.status === 401) { + // location.href = "/login"; + // } try { const json = await response.json(); @@ -40,9 +39,44 @@ export async function request(method, path, body = null) { }); } +export function checkTokens() { + var token = document.cookie.match(/\bauth-token=([^;\s]+)/); + if(token != null){ + return token[1] + } + const match = document.cookie.match(/\brefresh-token=([^;\s]+)/); + token = match ? match[1] : null; + console.log("refresh "+token); + if(token != null){ + return fetch(`${address}/user/refreshtoken/${token}`, { + method: "POST", + headers: { + "Content-Type": "application/json" + }, + }) + .then(async response => { + if (!response.ok) { + window.location.href = "/login"; + return; + } + + const json = await response.json() + + document.cookie = `auth-token=${json.token}; Path=/`; + document.cookie = `refresh-token=${json.refreshToken}; Path=/`; + + return json.token; + }); + } + else{ + window.location.href = "/login"; + } +} + export function logout() { localStorage.removeItem("user"); document.cookie = "auth-token="; + document.cookie = "refresh-token="; window.location.href = "/"; } 
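Review bot: `headers["Authorization"] = ...` now runs unconditionally, so when `checkTokens()` resolves to `undefined` (it does after its own redirect, and when neither cookie is set) the request goes out with `Authorization: Bearer undefined`, whereas the removed lines only set the header when a token existed. Put `if (token)` in front of the assignment, and consider returning early when `checkTokens()` yields nothing rather than firing the request during the navigation to /login. `const token = await checkTokens()` is also missing its semicolon. The body of `request` continues past this hunk.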
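Review bot: The 401 handling is commented out rather than removed or replaced, so an API 401 — which with this design mostly means the JWT in the `auth-token` cookie has expired, since `checkTokens()` returns that cookie without inspecting it — is passed to callers with neither a redirect nor a refresh attempt. Either delete the three commented lines or turn them into the refresh path: on 401, clear the `auth-token` cookie, call `checkTokens()` again, and retry the request once before redirecting. Leaving dead code in place hides the fact that the redirect was dropped on purpose.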
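Review bot: `console.log("refresh "+token);` prints the refresh token to the browser console; remove the line, since consoles are captured by error-reporting tools and screenshots. `checkTokens()` only attempts a refresh when the `auth-token` cookie is missing, and the cookie written at login carries no `Max-Age`, so an expired JWT in a still-present cookie is returned as-is and never refreshed — inspect the token's `exp` claim, or clear the cookie on 401, before relying on this branch. The refresh token also travels in the URL path (`/user/refreshtoken/${token}`), the same concern raised on the controller hunk; move it to the request body together with that change. In `logout`, `document.cookie = "refresh-token="` leaves an empty cookie behind rather than deleting it — use `document.cookie = "refresh-token=; Path=/; Max-Age=0";` (and the same for `auth-token`) — and nothing visible invalidates the server-side refresh token, which stays usable for up to 30 days after logout.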
@@ -51,6 +85,6 @@ export function getUser() { } export function isLoggedIn() { - return document.cookie.match(/\bauth-token=/) && localStorage.getItem("user"); + return (document.cookie.match(/\bauth-token=/) && localStorage.getItem("user")); }