01d60336a6
* feat: refreshToken * chore: store refreshToken * chore: generate token using jsonwebtoken * chore: set refreshToken in httpOnly cookie * perf: authHeader verify * chore: add add response interceptor * chore: test refresh * chore: handle logout * chore: type * chore: update pnpm-lock.yaml * chore: remove test code * chore: add todo comment * chore: update pnpm-lock.yaml * chore: remove default interceptors * chore: copy codes * chore: handle refreshToken invalid * chore: add refreshToken preference * chore: typo * chore: refresh token逻辑调整 * refactor: interceptor presets * chore: copy codes * fix: ci errors * chore: add missing await * feat: 完善refresh-token逻辑及文档 * fix: ci error * chore: filename --------- Co-authored-by: vince <vince292007@gmail.com>
37 lines
957 B
TypeScript
37 lines
957 B
TypeScript
import {
|
|
clearRefreshTokenCookie,
|
|
setRefreshTokenCookie,
|
|
} from '~/utils/cookie-utils';
|
|
import { generateAccessToken, generateRefreshToken } from '~/utils/jwt-utils';
|
|
import { forbiddenResponse } from '~/utils/response';
|
|
|
|
export default defineEventHandler(async (event) => {
|
|
const { password, username } = await readBody(event);
|
|
if (!password || !username) {
|
|
setResponseStatus(event, 400);
|
|
return useResponseError(
|
|
'BadRequestException',
|
|
'Username and password are required',
|
|
);
|
|
}
|
|
|
|
const findUser = MOCK_USERS.find(
|
|
(item) => item.username === username && item.password === password,
|
|
);
|
|
|
|
if (!findUser) {
|
|
clearRefreshTokenCookie(event);
|
|
return forbiddenResponse(event);
|
|
}
|
|
|
|
const accessToken = generateAccessToken(findUser);
|
|
const refreshToken = generateRefreshToken(findUser);
|
|
|
|
setRefreshTokenCookie(event, refreshToken);
|
|
|
|
return useResponseSuccess({
|
|
...findUser,
|
|
accessToken,
|
|
});
|
|
});
|