summaryrefslogtreecommitdiff
path: root/server/controllers/refresh_tokens.controller.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/controllers/refresh_tokens.controller.ts')
-rw-r--r--server/controllers/refresh_tokens.controller.ts12
1 files changed, 9 insertions, 3 deletions
diff --git a/server/controllers/refresh_tokens.controller.ts b/server/controllers/refresh_tokens.controller.ts
index 2a24abe..6aa696f 100644
--- a/server/controllers/refresh_tokens.controller.ts
+++ b/server/controllers/refresh_tokens.controller.ts
@@ -4,14 +4,18 @@ import { UsersService } from 'server/providers/services/users.service';
import { SignInDto } from 'server/dto/sign_in.dto';
import { RefreshTokenBody } from 'server/dto/refresh_token_body.dto';
import { JwtService } from 'server/providers/services/jwt.service';
+import { Skip } from 'server/decorators/skip.decorator';
+import { AuthGuard } from 'server/providers/guards/auth.guard';
+import { RolesService } from 'server/providers/services/roles.service';
// this is kind of a misnomer because we are doing token based auth
// instead of session based auth
@Controller()
export class RefreshTokensController {
- constructor(private usersService: UsersService, private jwtService: JwtService) {}
+ constructor(private usersService: UsersService, private rolesService: RolesService, private jwtService: JwtService) {}
@Get('/refresh_token')
+ @Skip(AuthGuard)
async get(@Body() body: SignInDto, @Req() req: Request) {
const refreshToken: string = req.cookies['_refresh_token'];
if (!refreshToken) {
@@ -20,13 +24,15 @@ export class RefreshTokensController {
const tokenBody = this.jwtService.parseRefreshToken(refreshToken) as RefreshTokenBody;
- const user = await this.usersService.find(tokenBody.userId, ['refreshTokens']);
+ const user = await this.usersService.find(tokenBody.userId, ['refreshTokens', 'userRoles']);
+ const userRoles = await this.rolesService.findByIds(user.userRoles.map((ur) => ur.roleId));
+
const userRefreshToken = user.refreshTokens.find((t) => t.id === tokenBody.id);
if (!userRefreshToken) {
throw new HttpException('User refresh token not found', 401);
}
- const token = this.jwtService.issueToken({ userId: user.id });
+ const token = this.jwtService.issueToken({ userId: user.id, roles: userRoles.map((r) => r.key) });
return { token };
}
}
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-09-22 19:09:18 +0000