propro-utils 1.3.23 → 1.3.25

package/middlewares/access_token.js

@@ -1,24 +1,27 @@
-require("dotenv").config()
+require("dotenv").config();
 const axios =  require("axios");
+const {getOrSetCache} = require("../utils/redis");
 
-const authValidation = (requiredPermissions = []) => {
+const authValidation = (redisClient, requiredPermissions = []) => {
     return async (req, res, next) => {
         try {
             const accessToken = req.cookies['x-access-token'] || req.headers.authorization?.split(" ")[1];
 
             if (!accessToken) {
-                throw new Error('Access token is missing');
+                return res.status(403).json({ error: "Access token is required" });
             }
 
-            const response = await axios.post(`${process.env.AUTH_URL}/api/v1/auth/validateToken`, {
-                accessToken: accessToken,
-                requiredPermissions: requiredPermissions
+            const response = await getOrSetCache(redisClient, accessToken, async () => {
+                return await axios.post(`${process.env.AUTH_URL}/api/v1/auth/validateToken`, {
+                    accessToken: accessToken,
+                    requiredPermissions: requiredPermissions
+                });
             });
-            const { accountId, validPermissions } = response.data;
 
+            const { accountId, validPermissions } = response.data;
 
             if (!validPermissions) {
-                throw new Error('Insufficient permissions');
+                return res.status(403).json({ error: "Invalid permissions" });
             }
 
             req.account = accountId;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "propro-utils",
-  "version": "1.3.23",
+  "version": "1.3.25",
   "description": "Auth middleware for propro-auth",
   "main": "src/index.js",
   "scripts": {
@@ -59,11 +59,12 @@
     "@react-email/tailwind": "^0.0.12",
     "@react-email/text": "0.0.5",
     "axios": "^1.6.1",
-    "dotenv": "^16.3.1",
+    "dotenv": "^16.4.1",
     "express-rate-limit": "^7.1.4",
     "nodemailer": "^6.9.7",
     "nodemailer-mailgun-transport": "^2.1.5",
     "querystring": "^0.2.1",
-    "react-email": "^1.9.5"
+    "react-email": "^1.9.5",
+    "redis": "^4.6.12"
   }
 }

package/src/server/index.js

@@ -57,14 +57,22 @@ function proproAuthMiddleware(options = {}) {
           redirectUri
         );
 
+        const currentDateTime = new Date();
+
+        const refreshMaxAge = tokenData.tokens.refresh.expires.getTime() - currentDateTime.getTime();
+
         res.cookie("x-refresh-token", tokenData.tokens.refresh.token, {
           httpOnly: true,
           secure: process.env.NODE_ENV === "production",
+          maxAge: refreshMaxAge
         });
 
+        const accessMaxAge = tokenData.tokens.access.expires.getTime() - currentDateTime.getTime();
+
         res.cookie("x-access-token", tokenData.tokens.access.token, {
           httpOnly: true,
           secure: process.env.NODE_ENV === "production",
+          maxAge: accessMaxAge
         });
 
         const redirectUrl = `http://${tokenData.redirectUrl}/`;

package/utils/redis.js

@@ -0,0 +1,18 @@
+const getOrSetCache = async (redisClient, key, service, time = 1800) => {
+    try {
+        const cachedValue = await redisClient.get(key);
+        if (cachedValue) {
+            console.log(`Cache hit for key: ${key}`);
+            return JSON.parse(cachedValue);
+        }
+        console.log(`Cache miss for key: ${key}. Fetching and caching value.`);
+        const value = await service();
+        await redisClient.setEx(key, time, JSON.stringify(value));
+        return value;
+    } catch (error) {
+        console.error(`Error in getOrSetCache for key ${key}:`, error);
+        throw error;
+    }
+};
+
+module.exports = { getOrSetCache };