

Refactor token refresh logic in authOptions
walnuts1018 committed Nov 7, 2023
1 parent fce9b19 commit 4415dc4
Showing 1 changed file with 26 additions and 27 deletions.
53 changes: 26 additions & 27 deletions front/src/app/api/auth/[...nextauth]/options.ts
@@ -44,14 +44,14 @@ export const authOptions: NextAuthOptions = {
if (user) {
token.role = user.role;
}
if (account) {
token.refreshToken = account.refresh_token;
token.idToken = account.id_token;
token.expiresAt = account.expires_at;
}
else if (new Date() > new Date(token.expiresAt as number * 1000)) {
lock.acquire("refreshToken", async function (done) {
try {
lock.acquire("refreshToken" + user.sub, async function (done) {
try {
if (account) {
token.refreshToken = account.refresh_token;
token.idToken = account.id_token;
token.expiresAt = account.expires_at;
}
else if (new Date() > new Date(token.expiresAt as number * 1000)) {
const cachedJsonData = await redis.get("openchokin-" + token.sub as string);
if (cachedJsonData) {
const cachedData = JSON.parse(cachedJsonData);
@@ -74,26 +74,25 @@ export const authOptions: NextAuthOptions = {
token.expiresAt = cachedExpiresAt;
}
}

const iv = crypto.randomBytes(16);
const cipher = crypto.createCipheriv('aes-256-cbc', cacheKey, iv);
const encryptedRefreshToken = Buffer.concat([cipher.update(token.refreshToken as string), cipher.final()]);
const newCachedData = JSON.stringify({
refreshToken: encryptedRefreshToken.toString('hex'),
idToken: token.idToken,
expiresAt: token.expiresAt,
iv: iv.toString('hex'),
})
await redis.set("openchokin-" + token.sub as string, newCachedData, "EX", 60 * 60 * 24 * 30);
token.error = undefined;
} catch (e) {
console.error("Error refreshing token", e);
return { ...token, error: "RefreshAccessTokenError" as const }
} finally {
done();
}
});
}
const iv = crypto.randomBytes(16);
const cipher = crypto.createCipheriv('aes-256-cbc', cacheKey, iv);
const encryptedRefreshToken = Buffer.concat([cipher.update(token.refreshToken as string), cipher.final()]);
const newCachedData = JSON.stringify({
refreshToken: encryptedRefreshToken.toString('hex'),
idToken: token.idToken,
expiresAt: token.expiresAt,
iv: iv.toString('hex'),
})
await redis.set("openchokin-" + token.sub as string, newCachedData, "EX", 60 * 60 * 24 * 30);
token.error = undefined;
} catch (e) {
console.error("Error refreshing token", e);
return { ...token, error: "RefreshAccessTokenError" as const }
} finally {
done();
}
});
return token;
},
session: ({ session, token }: { token: JWT; session?: any }) => {
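Review bot: The new lock key `"refreshToken" + user.sub` dereferences `user` unconditionally, although the `if (user)` guard directly above it shows `user` can be undefined, which in NextAuth is normally every call after the initial sign-in, i.e. exactly the calls where the expiry branch is meant to run. The key expression is evaluated before `lock.acquire` is entered, so the resulting TypeError is not caught by the `try` inside the callback; keying the lock on the same value the Redis entry uses, `lock.acquire("refreshToken" + token.sub, async function (done) {`, avoids that and keeps lock and cache scoped to the same subject. Separately, as far as the visible lines show, `lock.acquire(...)` is not awaited, so `return token;` can run before the refresh and the Redis write finish, and the `return { ...token, error: "RefreshAccessTokenError" as const }` in the `catch` only returns from the lock callback; if `lock` hands back a promise here, it would have to be awaited for the error flag to reach the session. The jwt callback begins above the first hunk and part of the refresh branch is collapsed between the two hunks, so this is based only on the lines shown.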
