( req: Request, res: Response, next: NextFunction )
| 4 | import { reIssueAccessToken } from "../service/session.service"; |
| 5 | |
| 6 | const deserializeUser = async ( |
| 7 | req: Request, |
| 8 | res: Response, |
| 9 | next: NextFunction |
| 10 | ) => { |
| 11 | const accessToken = get(req, "headers.authorization", "").replace( |
| 12 | /^Bearer\s/, |
| 13 | "" |
| 14 | ); |
| 15 | |
| 16 | const refreshToken = get(req, "headers.x-refresh"); |
| 17 | |
| 18 | if (!accessToken) return next(); |
| 19 | |
| 20 | const { decoded, expired } = decode(accessToken); |
| 21 | |
| 22 | if (decoded) { |
| 23 | // @ts-ignore |
| 24 | req.user = decoded; |
| 25 | |
| 26 | return next(); |
| 27 | } |
| 28 | |
| 29 | if (expired && refreshToken) { |
| 30 | const newAccessToken = await reIssueAccessToken({ refreshToken }); |
| 31 | |
| 32 | if (newAccessToken) { |
| 33 | // Add the new access token to the response header |
| 34 | res.setHeader("x-access-token", newAccessToken); |
| 35 | |
| 36 | const { decoded } = decode(newAccessToken); |
| 37 | |
| 38 | // @ts-ignore |
| 39 | req.user = decoded; |
| 40 | } |
| 41 | |
| 42 | return next(); |
| 43 | } |
| 44 | |
| 45 | return next(); |
| 46 | }; |
| 47 | |
| 48 | export default deserializeUser; |
nothing calls this directly
no test coverage detected