
Merge pull request #8179 from nocodb/nc-fix/refresh-token-update

Nc fix/refresh token update
pull/8180/head
Mert E 3 months ago committed by GitHub
parent
commit
5c821bd354
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
  1. 21
      packages/nocodb/src/models/UserRefreshToken.ts
  2. 16
      packages/nocodb/src/services/users/users.service.ts

21
packages/nocodb/src/models/UserRefreshToken.ts

@ -1,9 +1,18 @@
import process from 'process';
import dayjs from 'dayjs'; import dayjs from 'dayjs';
import Noco from '~/Noco'; import Noco from '~/Noco';
import { extractProps } from '~/helpers/extractProps'; import { extractProps } from '~/helpers/extractProps';
import { MetaTable } from '~/utils/globals'; import { MetaTable } from '~/utils/globals';
import { parseMetaProp, stringifyMetaProp } from '~/utils/modelUtils'; import { parseMetaProp, stringifyMetaProp } from '~/utils/modelUtils';
const NC_REFRESH_TOKEN_EXP_IN_DAYS =
parseInt(process.env.NC_REFRESH_TOKEN_EXP_IN_DAYS, 10) || 90;
// throw error if user provided invalid value
if (NC_REFRESH_TOKEN_EXP_IN_DAYS <= 0) {
throw new Error('NC_REFRESH_TOKEN_EXP_IN_DAYS must be a positive number');
}
export default class UserRefreshToken { export default class UserRefreshToken {
fk_user_id: string; fk_user_id: string;
token: string; token: string;
@ -39,9 +48,11 @@ export default class UserRefreshToken {
'meta', 'meta',
]); ]);
// set default expiry as 90 days if missing // set expiry based on the env or default value
if (!('expires_at' in insertObj)) { if (!('expires_at' in insertObj)) {
insertObj.expires_at = dayjs().add(90, 'day').toDate(); insertObj.expires_at = dayjs()
.add(NC_REFRESH_TOKEN_EXP_IN_DAYS, 'day')
.toDate();
} }
if ('meta' in insertObj) { if ('meta' in insertObj) {
@ -68,11 +79,11 @@ export default class UserRefreshToken {
null, null,
MetaTable.USER_REFRESH_TOKENS, MetaTable.USER_REFRESH_TOKENS,
{ {
token: oldToken, token: newToken,
expires_at: dayjs().add(90, 'day').toDate(), expires_at: dayjs().add(NC_REFRESH_TOKEN_EXP_IN_DAYS, 'day').toDate(),
}, },
{ {
token: newToken, token: oldToken,
}, },
); );
} }
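Review bot: In the first hunk the `<= 0` guard can only fire for negative values, because `parseInt(process.env.NC_REFRESH_TOKEN_EXP_IN_DAYS, 10) || 90` has already replaced `NaN` and `0` with 90 by the time it runs, and `parseInt` also accepts trailing junk such as `30days`. A mistyped or zero setting therefore yields a silent 90-day refresh-token lifetime instead of the startup error the comment promises. Validate the raw value before defaulting, e.g. `const raw = process.env.NC_REFRESH_TOKEN_EXP_IN_DAYS; const NC_REFRESH_TOKEN_EXP_IN_DAYS = raw === undefined ? 90 : Number(raw);` followed by `if (!Number.isInteger(NC_REFRESH_TOKEN_EXP_IN_DAYS) || NC_REFRESH_TOKEN_EXP_IN_DAYS <= 0) throw new Error(...)`. An upper bound is also worth considering so the lifetime cannot be configured arbitrarily long.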

16
packages/nocodb/src/services/users/users.service.ts

@ -370,9 +370,9 @@ export class UsersService {
NcError.badRequest(`Missing refresh token`); NcError.badRequest(`Missing refresh token`);
} }
const user = await User.getByRefreshToken( const oldRefreshToken = param.req.cookies.refresh_token;
param.req.cookies.refresh_token,
); const user = await User.getByRefreshToken(oldRefreshToken);
if (!user) { if (!user) {
NcError.badRequest(`Invalid refresh token`); NcError.badRequest(`Invalid refresh token`);
@ -380,10 +380,12 @@ export class UsersService {
const refreshToken = randomTokenString(); const refreshToken = randomTokenString();
await UserRefreshToken.insert({ try {
token: refreshToken, await UserRefreshToken.updateOldToken(oldRefreshToken, refreshToken);
fk_user_id: user.id, } catch (error) {
}); console.error('Failed to update old refresh token:', error);
NcError.internalServerError('Failed to update refresh token');
}
setTokenCookie(param.res, refreshToken); setTokenCookie(param.res, refreshToken);
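Review bot: The result of `UserRefreshToken.updateOldToken(oldRefreshToken, refreshToken)` is discarded, so a rotation that matches no row is indistinguishable from a successful one and `setTokenCookie` still issues `refreshToken`. That can happen when two requests present the same old token at the same time: both pass `User.getByRefreshToken`, the second update finds nothing to change, and the client receives a cookie value that was never stored. If `updateOldToken` returns the affected-row count (its return value is not visible here), check it, e.g. `if (!updated) NcError.badRequest('Invalid refresh token');`. The `console.error` call logs the raw error object, which may include query bindings such as the token values depending on the database driver, so logging `error.message` alone would be safer. The enclosing method starts and ends outside these hunks.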
