@jpbs/common 1.2.0 → 1.2.2

@@ -12,5 +12,5 @@ interface IDecodedUser {
12
12
  username: string;
13
13
  role: Role;
14
14
  }
15
- export declare const authenticationGuard: (jwtSecret: string) => (req: AuthenticatedRequest, res: Response, next: NextFunction) => Promise<Response<any, Record<string, any>> | undefined>;
15
+ export declare const authenticationGuard: (jwtSecret: string) => (req: AuthenticatedRequest, res: Response, next: NextFunction) => Promise<void>;
16
16
  export {};
@@ -25,11 +25,13 @@ const authenticationGuard = (jwtSecret) => (req, res, next) => __awaiter(void 0,
25
25
  try {
26
26
  const token = req.cookies.auth_token;
27
27
  if (!token) {
28
- return res.status(http_status_codes_1.StatusCodes.UNAUTHORIZED).json({ error: "Unauthorized" });
28
+ res.status(http_status_codes_1.StatusCodes.UNAUTHORIZED).json({ error: "Unauthorized" });
29
+ return;
29
30
  }
30
31
  const isRevoked = yield (0, redisClient_1.isTokenRevoked)(token);
31
32
  if (isRevoked) {
32
- return res.status(http_status_codes_1.StatusCodes.UNAUTHORIZED).json({ error: "Token has been revoked" });
33
+ res.status(http_status_codes_1.StatusCodes.UNAUTHORIZED).json({ error: "Token has been revoked" });
34
+ return;
33
35
  }
34
36
  const decoded = jsonwebtoken_1.default.verify(token, jwtSecret);
35
37
  req.currentUser = decoded;
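Review bot: `jsonwebtoken_1.default.verify(token, jwtSecret)` is called without an `algorithms` allow-list and its result goes straight into `req.currentUser`, so the guard accepts whichever algorithms the library's defaults permit for the key and trusts any payload shape. Pinning the expected algorithm, e.g. `jsonwebtoken_1.default.verify(token, jwtSecret, { algorithms: ['HS256'] })` (assuming the issuer signs with HS256, which the page does not show), and checking that `decoded` is an object with the fields `IDecodedUser` declares before assigning it would tighten this. The revocation lookup also runs before the signature is verified, so `isTokenRevoked` receives an unverified cookie value; verifying first would keep forged tokens from reaching Redis. The guard's body continues past the end of the hunk.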
@@ -35,7 +35,7 @@ const getTokenTTL = (token) => {
35
35
  try {
36
36
  const decoded = jsonwebtoken_1.default.decode(token);
37
37
  if (!decoded || typeof decoded !== 'object' || !decoded.exp) {
38
- return 3600;
38
+ return 0;
39
39
  }
40
40
  const now = Math.floor(Date.now() / 1000);
41
41
  const ttl = decoded.exp - now;
@@ -48,10 +48,15 @@ const getTokenTTL = (token) => {
48
48
  };
49
49
  const revokeToken = (token) => __awaiter(void 0, void 0, void 0, function* () {
50
50
  try {
51
+ const decoded = jsonwebtoken_1.default.decode(token);
52
+ if (!decoded || !decoded.id) {
53
+ console.error('❌ Token does not contain user id');
54
+ return;
55
+ }
51
56
  const ttl = getTokenTTL(token);
52
57
  if (ttl > 0) {
53
- yield redisClient.set(`revokedToken:${token}`, 'revoked', { EX: ttl });
54
- console.log(`🚫 Token revoked: ${token}`);
58
+ yield redisClient.set(`revokedToken:${decoded.id}:${token}`, 'revoked', { EX: ttl });
59
+ console.log(`🚫 Token revoked for user ${decoded.id}: ${token}`);
55
60
  }
56
61
  else {
57
62
  console.log('⚠️ Token already expired, no need to revoke.');
@@ -64,7 +69,12 @@ const revokeToken = (token) => __awaiter(void 0, void 0, void 0, function* () {
64
69
  exports.revokeToken = revokeToken;
65
70
  const isTokenRevoked = (token) => __awaiter(void 0, void 0, void 0, function* () {
66
71
  try {
67
- const result = yield redisClient.get(`revokedToken:${token}`);
72
+ const decoded = jsonwebtoken_1.default.decode(token);
73
+ if (!decoded || !decoded.id) {
74
+ console.error('❌ Token does not contain user id');
75
+ return false;
76
+ }
77
+ const result = yield redisClient.get(`revokedToken:${decoded.id}:${token}`);
68
78
  return result !== null;
69
79
  }
70
80
  catch (error) {
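Review bot: The revocation check now fails open in `isTokenRevoked`: it looks up only `revokedToken:${decoded.id}:${token}`, so entries that 1.2.0 stored under `revokedToken:${token}` are no longer matched and a token revoked before the upgrade passes the guard again until it expires. Reading the legacy key as a fallback until those entries have aged out would close that gap, and the missing-`id` branch should not answer `return false;` (not revoked) for a token it could not classify; `return true;` there would make the guard reject it. The write side has the same shape: `revokeToken` returns without storing anything when `id` is absent, and with `return 0;` in `getTokenTTL` a token without `exp` lands in the "already expired" branch, so a non-expiring token can no longer be revoked at all. The `console.log` in `revokeToken` and the Redis key also carry the full token; a hash of the token (or a `jti` claim, if the issuer sets one) would keep bearer credentials out of logs and key listings. The `catch` block of `isTokenRevoked` lies outside the hunk, so what it returns on a Redis error cannot be checked here.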
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@jpbs/common",
3
- "version": "1.2.0",
3
+ "version": "1.2.2",
4
4
  "main": "./build/index.js",
5
5
  "types": "./build/index.d.ts",
6
6
  "files": [