From c1d4a402447bf2925ecb9b56907cf18a6e28ae54 Mon Sep 17 00:00:00 2001 From: Sergio Ramirez Date: Thu, 9 Oct 2025 11:25:46 -0400 Subject: [PATCH] refresh token esta vez si (espero) --- apps/api/src/features/auth/auth.controller.ts | 5 +++++ apps/api/src/features/auth/auth.service.ts | 13 ++++++++----- .../api/src/features/auth/dto/refresh-token.dto.ts | 2 +- apps/web/lib/auth.config.ts | 14 +++++--------- 4 files changed, 19 insertions(+), 15 deletions(-) diff --git a/apps/api/src/features/auth/auth.controller.ts b/apps/api/src/features/auth/auth.controller.ts index ab08810..875fd3c 100644 --- a/apps/api/src/features/auth/auth.controller.ts +++ b/apps/api/src/features/auth/auth.controller.ts @@ -59,8 +59,13 @@ export class AuthController { //@RequirePermissions('auth:refresh-token') async refreshToken(@Body() refreshTokenDto: any) { + console.log('refreshTokenDto', refreshTokenDto); + const data = await this.authService.refreshToken(refreshTokenDto); + // console.log('data', data); + + if (!data) return null; return {tokens: data} diff --git a/apps/api/src/features/auth/auth.service.ts b/apps/api/src/features/auth/auth.service.ts index 833166c..b116269 100644 --- a/apps/api/src/features/auth/auth.service.ts +++ b/apps/api/src/features/auth/auth.service.ts @@ -263,11 +263,14 @@ export class AuthService { //Refresh User Access Token async refreshToken(dto: RefreshTokenDto): Promise { - const { user_id, refresh_token } = dto; - // const user_id = 1; + const secret = envs.refresh_token_secret; + const { user_id, token } = dto; + + console.log('secret', secret); + console.log('refresh_token', token); - const validation = await this.jwtService.verifyAsync(refresh_token, { - secret: envs.refresh_token_secret, + const validation = await this.jwtService.verifyAsync(token, { + secret }); if (!validation) throw new UnauthorizedException('Invalid refresh token'); @@ -278,7 +281,7 @@ export class AuthService { .where( and( eq(sessions.userId, user_id) && - eq(sessions.sessionToken, dto.refresh_token), + eq(sessions.sessionToken, token), ), ); diff --git a/apps/api/src/features/auth/dto/refresh-token.dto.ts b/apps/api/src/features/auth/dto/refresh-token.dto.ts index d8d03f9..f3b72f9 100644 --- a/apps/api/src/features/auth/dto/refresh-token.dto.ts +++ b/apps/api/src/features/auth/dto/refresh-token.dto.ts @@ -7,7 +7,7 @@ export class RefreshTokenDto { @IsString({ message: 'Refresh token must be a string', }) - refresh_token: string; + token: string; @ApiProperty() @IsNumber() diff --git a/apps/web/lib/auth.config.ts b/apps/web/lib/auth.config.ts index c24484c..42fa1a6 100644 --- a/apps/web/lib/auth.config.ts +++ b/apps/web/lib/auth.config.ts @@ -145,22 +145,18 @@ const authConfig: NextAuthConfig = { // 4. Si el token de acceso ha expirado pero el refresh token es vĂ¡lido, renovar - // console.log("Renovando token de acceso..."); + console.log("Renovando token de acceso..."); try { const refresh_token = { token: token.refresh_token as string, user_id: Number(token.id) as number} - console.log(refresh_token); const res = await resfreshTokenAction(refresh_token); + // console.log('res', res); + + if (!res || !res.tokens) { throw new Error('Fallo en la respuesta de la API de refresco.'); - } - - // console.log("Old Access Expire:", token.access_expire_in); - // console.log("New Access Expire:", res.tokens.access_expire_in); - - // console.log("token:", token.refresh_token); - + } // Actualizar el token directamente con los nuevos valores token.access_token = res.tokens.access_token;