
* feat: refreshToken * chore: store refreshToken * chore: generate token using jsonwebtoken * chore: set refreshToken in httpOnly cookie * perf: authHeader verify * chore: add add response interceptor * chore: test refresh * chore: handle logout * chore: type * chore: update pnpm-lock.yaml * chore: remove test code * chore: add todo comment * chore: update pnpm-lock.yaml * chore: remove default interceptors * chore: copy codes * chore: handle refreshToken invalid * chore: add refreshToken preference * chore: typo * chore: refresh token逻辑调整 * refactor: interceptor presets * chore: copy codes * fix: ci errors * chore: add missing await * feat: 完善refresh-token逻辑及文档 * fix: ci error * chore: filename --------- Co-authored-by: vince <vince292007@gmail.com>
62 lines
1.5 KiB
TypeScript
62 lines
1.5 KiB
TypeScript
import type { EventHandlerRequest, H3Event } from 'h3';
|
|
|
|
import jwt from 'jsonwebtoken';
|
|
|
|
import { UserInfo } from './mock-data';
|
|
|
|
export interface UserPayload extends UserInfo {
|
|
iat: number;
|
|
exp: number;
|
|
}
|
|
|
|
export function generateAccessToken(user: UserInfo) {
|
|
return jwt.sign(user, process.env.ACCESS_TOKEN_SECRET, { expiresIn: '2h' });
|
|
}
|
|
|
|
export function generateRefreshToken(user: UserInfo) {
|
|
return jwt.sign(user, process.env.REFRESH_TOKEN_SECRET, {
|
|
expiresIn: '30d',
|
|
});
|
|
}
|
|
|
|
export function verifyAccessToken(
|
|
event: H3Event<EventHandlerRequest>,
|
|
): null | Omit<UserInfo, 'password'> {
|
|
const authHeader = getHeader(event, 'Authorization');
|
|
if (!authHeader?.startsWith('Bearer')) {
|
|
return null;
|
|
}
|
|
|
|
const token = authHeader.split(' ')[1];
|
|
try {
|
|
const decoded = jwt.verify(
|
|
token,
|
|
process.env.ACCESS_TOKEN_SECRET,
|
|
) as UserPayload;
|
|
|
|
const username = decoded.username;
|
|
const user = MOCK_USERS.find((item) => item.username === username);
|
|
const { password: _pwd, ...userinfo } = user;
|
|
return userinfo;
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
export function verifyRefreshToken(
|
|
token: string,
|
|
): null | Omit<UserInfo, 'password'> {
|
|
try {
|
|
const decoded = jwt.verify(
|
|
token,
|
|
process.env.REFRESH_TOKEN_SECRET,
|
|
) as UserPayload;
|
|
const username = decoded.username;
|
|
const user = MOCK_USERS.find((item) => item.username === username);
|
|
const { password: _pwd, ...userinfo } = user;
|
|
return userinfo;
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|