github/directus
1
0
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-02-15 13:25:04 -05:00
Code Issues Packages Projects Releases Wiki Activity

enable custom name for refresh token (#6890)

Browse Source
This commit is contained in:
j3n57h0m45
2021-07-20 15:29:11 +02:00
committed by GitHub
parent 7a7bee367a
commit 79c91ed50d
7 changed files with 17 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
api/src/controllers/auth.ts
View File

@@ -59,7 +59,7 @@ router.post(
}
if (mode === 'cookie') {
res.cookie('directus_refresh_token', refreshToken, {
res.cookie(env.REFRESH_TOKEN_COOKIE_NAME, refreshToken, {
httpOnly: true,
domain: env.REFRESH_TOKEN_COOKIE_DOMAIN,
maxAge: ms(env.REFRESH_TOKEN_TTL as string),
@@ -88,7 +88,7 @@ router.post(
schema: req.schema,
});
const currentRefreshToken = req.body.refresh_token || req.cookies.directus_refresh_token;
const currentRefreshToken = req.body.refresh_token || req.cookies[env.REFRESH_TOKEN_COOKIE_NAME];
if (!currentRefreshToken) {
throw new InvalidPayloadException(`"refresh_token" is required in either the JSON payload or Cookie`);
@@ -107,7 +107,7 @@ router.post(
}
if (mode === 'cookie') {
res.cookie('directus_refresh_token', refreshToken, {
res.cookie(env.REFRESH_TOKEN_COOKIE_NAME, refreshToken, {
httpOnly: true,
domain: env.REFRESH_TOKEN_COOKIE_DOMAIN,
maxAge: ms(env.REFRESH_TOKEN_TTL as string),
@@ -136,7 +136,7 @@ router.post(
schema: req.schema,
});
const currentRefreshToken = req.body.refresh_token || req.cookies.directus_refresh_token;
const currentRefreshToken = req.body.refresh_token || req.cookies[env.REFRESH_TOKEN_COOKIE_NAME];
if (!currentRefreshToken) {
throw new InvalidPayloadException(`"refresh_token" is required in either the JSON payload or Cookie`);
@@ -144,8 +144,8 @@ router.post(
await authenticationService.logout(currentRefreshToken);
if (req.cookies.directus_refresh_token) {
res.clearCookie('directus_refresh_token', {
if (req.cookies[env.REFRESH_TOKEN_COOKIE_NAME]) {
res.clearCookie(env.REFRESH_TOKEN_COOKIE_NAME, {
httpOnly: true,
domain: env.REFRESH_TOKEN_COOKIE_DOMAIN,
secure: env.REFRESH_TOKEN_COOKIE_SECURE ?? false,
@@ -340,7 +340,7 @@ router.get(
emitStatus('success');
if (redirect) {
res.cookie('directus_refresh_token', refreshToken, {
res.cookie(env.REFRESH_TOKEN_COOKIE_NAME, refreshToken, {
httpOnly: true,
domain: env.REFRESH_TOKEN_COOKIE_DOMAIN,
maxAge: ms(env.REFRESH_TOKEN_TTL as string),