Fondemi/sistema_base
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f88ab2a97149860e120f0df50cc9b9a15fd54ff1
sistema_base/apps/web/lib/auth-token.ts

68 lines
2.0 KiB
TypeScript
Raw Blame History

import { resfreshTokenAction } from '@/feactures/auth/actions/refresh-token-action';
import { auth } from '@/lib/auth';
import { cookies } from 'next/headers';
import { cache } from 'react';
export const getValidAccessToken = cache(async () => {
const session = await auth();
if (!session?.access_token) {
// console.log('No hay Access Token');
return null
}
// console.log('Si hay Access Token');
const now = Math.floor(Date.now() / 1000);
// Restamos 10s para tener margen de seguridad
const isValid = (session.access_expire_in as number) - 10 > now;
// A. Si es válido, lo retornamos directo
if (isValid) return session.access_token;
// console.log('Access Token Expiró');
// B. Si expiró, buscamos la cookie
const cookieStore = cookies();
const refreshTokenCookie = await cookieStore
const refreshToken = refreshTokenCookie.get('refresh_token')?.value;
if (!refreshToken) {
// console.log('No hay Refresh Token');
return null
} // No hay refresh token, fin del juego
// console.log('Si hay Refresh Token');
// C. Intentamos refrescar
const newTokens = await resfreshTokenAction({ refreshToken });
if (!newTokens) {
// console.log('No hay token nuevo');
// Si falla el refresh (token revocado o expirado), borramos cookie
(await cookieStore).delete('refresh_token');
(await cookieStore).delete('authjs.session-token');
return null;
}
// console.log('Si hay token nuevo');
// D. Guardamos el nuevo refresh token en cookie y retornamos el access token
(await cookieStore).set('refresh_token', newTokens.refresh_token, {
httpOnly: true,
secure: process.env.NODE_ENV === 'production',
sameSite: 'lax',
path: '/',
maxAge: 7 * 24 * 60 * 60,
});
// (await cookieStore).set('authjs.session-token', newTokens.access_token, {
// httpOnly: true,
// secure: process.env.NODE_ENV === 'production',
// sameSite: 'lax',
// path: '/',
// maxAge: 7 * 24 * 60 * 60,
// });
return newTokens.access_token;
});
Reference in New Issue View Git Blame Copy Permalink