Merge pull request #15 from fullstack-development/sign-out

hersveit · web-flow · commit a673bc551b05 · 2022-09-15T10:34:56.000+03:00
SignOut
diff --git a/src/services/auth/__tests__/auth.service.spec.ts b/src/services/auth/__tests__/auth.service.spec.ts
@@ -372,4 +372,29 @@ describe('AuthService', () => {
             expect(confirmResult).toBeInstanceOf(CannotFindEmailConfirm);
         });
     });
+
+    describe('signOut', () => {
+        it('should delete refresh token from database on signOut', async () => {
+            userService.findUser.mockResolvedValueOnce(user);
+
+            await authService.signOut(user.email);
+
+            expect(userService.findUser).toBeCalledTimes(1);
+            expect(userService.findUser).toBeCalledWith({ email: user.email });
+            expect(refreshTokensRepository.Dao.delete).toBeCalledTimes(1);
+            expect(refreshTokensRepository.Dao.delete).toBeCalledWith({
+                where: { userId: user.id },
+            });
+        });
+
+        it('should not call delete on error when findUser function is called', async () => {
+            userService.findUser.mockResolvedValueOnce(new CannotFindUser());
+
+            await authService.signOut(user.email);
+
+            expect(userService.findUser).toBeCalledTimes(1);
+            expect(userService.findUser).toBeCalledWith({ email: user.email });
+            expect(refreshTokensRepository.Dao.delete).toBeCalledTimes(0);
+        });
+    });
 });
diff --git a/src/services/auth/auth.service.ts b/src/services/auth/auth.service.ts
@@ -64,6 +64,13 @@ export class AuthServiceProvider {
         return this.generateTokensWithCookie(userResult.id, userResult.email);
     }
 
+    async signOut(email: string) {
+        const user = await this.userService.findUser({ email });
+        if (!isError(user)) {
+            await this.refreshTokens.Dao.delete({ where: { userId: user.id } });
+        }
+    }
+
     async confirmEmail(confirmUuid: string) {
         const confirmEntityResult = await this.emailConfirms.Dao.findFirst({
             where: { confirmUuid },
@@ -115,7 +122,7 @@ export class AuthServiceProvider {
 
     async generateTokens(id: number, email: string) {
         const refreshToken = this.jwtService.sign(
-            { email },
+            { email, date: Date.now() },
             {
                 expiresIn: this.configService.JWT_REFRESH_TOKEN_EXPIRATION_TIME,
                 secret: this.configService.JWT_REFRESH_TOKEN_SECRET,
@@ -146,7 +153,7 @@ export class AuthServiceProvider {
         }
 
         return {
-            accessToken: this.jwtService.sign({ email }),
+            accessToken: this.jwtService.sign({ email, date: Date.now() }),
             refreshToken,
         };
     }
@@ -160,8 +167,9 @@ export class AuthServiceProvider {
 
         return {
             accessToken: tokens.accessToken,
-            // eslint-disable-next-line max-len
-            refreshCookie: `Refresh=${tokens.refreshToken}; HttpOnly; Path=/; Max-Age=${this.configService.JWT_REFRESH_TOKEN_EXPIRATION_TIME}`,
+            refreshCookie:
+                `Refresh=${tokens.refreshToken}; HttpOnly; ` +
+                `Path=/; Max-Age=${this.configService.JWT_REFRESH_TOKEN_EXPIRATION_TIME}`,
         };
     }
 }
diff --git a/src/services/auth/strategies/jwt-refresh.strategy.ts b/src/services/auth/strategies/jwt-refresh.strategy.ts
@@ -31,7 +31,6 @@ export class JwtRefreshTokenStrategy extends PassportStrategy(Strategy, 'jwt-ref
         });
 
         const refreshToken = user?.refreshToken?.hash;
-
         const token: string | undefined = request.cookies?.Refresh;
 
         if (user && refreshToken && token && sha256(token) === refreshToken) {
