Gestione Refresh Token Completata !

src/server/models/user.js

@@ -63,6 +63,7 @@ const UserSchema = new mongoose.Schema({
     type: String,
     required: true,
   },
+
   group: {
     type: Number,
   },
@@ -538,9 +539,11 @@ UserSchema.methods.generateAuthToken = function (req) {
 
   let token = null;
 
+  let numsec = process.env.TOKEN_LIFE;
+
   if (attiva_scadenza)
     token = jwt.sign({ _id: prova, smart: user._id.toHexString(), access, un: user.username },
-      process.env.SIGNCODE, { expiresIn: process.env.TOKEN_LIFE }).toString();
+      process.env.SIGNCODE, { expiresIn: numsec }).toString();
   else
     token = jwt.sign({ _id: prova, smart: user._id.toHexString(), access, un: user.username },
       process.env.SIGNCODE).toString();
@@ -560,6 +563,7 @@ UserSchema.methods.generateAuthToken = function (req) {
   user.lasttimeonline = new Date();
 
   return user.save().then(() => {
+    console.log('Salvato refreshToken su DB', refreshToken);
     // console.log("TOKEN CREATO IN LOGIN : " + token);
     return { token, refreshToken };
   }).catch(err => {
@@ -721,10 +725,9 @@ UserSchema.statics.findByToken = async function (token, typeaccess, con_auth) {
 
     if (e.expiredAt) {
 
+      code = server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED;
       if (con_auth) {
-        return { user: null, code: server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED };
-      } else {
-
+        return { user: null, code };
       }
     } else {
       console.error('Err findByToken:', e);
@@ -765,6 +768,7 @@ UserSchema.statics.findByTokenAnyAccess = function (token) {
   try {
     decoded = jwt.verify(token, process.env.SIGNCODE);
   } catch (e) {
+    console.error('Err findByTokenAnyAccess:', e);
     return Promise.resolve(null);
   }