From 20e615f4ed07818de3680f64f0f162150879a901 Mon Sep 17 00:00:00 2001
From: "Justin Lam, juslam19"
Date: Tue, 14 Nov 2023 19:11:32 +0800
Subject: [PATCH] fix: update user profile updates access and refresh tokens
---
 .../src/controllers/authController.ts | 44 ++++++++++++++++---
 1 file changed, 37 insertions(+), 7 deletions(-)
diff --git a/backend/user-service/src/controllers/authController.ts b/backend/user-service/src/controllers/authController.ts
index fae0cd75..64bf5af5 100644
--- a/backend/user-service/src/controllers/authController.ts
+++ b/backend/user-service/src/controllers/authController.ts
@@ -438,6 +438,7 @@ export async function getCurrentUser(req: Request, res: Response) {
 username: true,
 password: true,
 email: true,
+ languages: true,
 role: true,
 token: true,
 },
@@ -576,6 +577,7 @@ export async function updateAccessToken(req: Request, res: Response) {
 password: true,
 email: true,
 role: true,
+ languages: true,
 token: true,
 },
 });
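Review bot: The getCurrentUser `select` that gains `languages: true` still reads `password: true` and `token: true`, so the row fetched for the current user carries the stored password value and refresh token next to the profile fields. The function body continues outside the hunk, so whether those two fields are stripped before the row reaches `res.json` is not visible here; if they are not needed, delete `password: true,` and `token: true,` from this select, or copy the row into the `UserWithoutPassword` shape before responding. The updateAccessToken hunk has the same select and presumably needs `token` for comparison, but `password` looks unused there as well. As a minor style point, `languages` sits before `role` in the first select and after it in the second; one shared select object would keep the two in step.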
@@ -677,24 +679,52 @@ export const updateUserProfile: RequestHandler[] = [
 },
 });
- res.json({
- message: "User profile updated successfully",
- user: updatedUser,
+ // UPDATING BOTH TOKENS
+ // Fetch the latest user data from the database
+ const user = await prisma.user.findFirst({
+ where: {
+ id: userId
+ },
+ include: {
+ languages: true,
+ },
+ });
+
+ if (!user) {
+ return res.status(401).json({ message: "Had issues retrieving user while updating tokens" });
+ }
+
+ //
+ const userWithoutPassword = {
+ id: user.id,
+ role: user.role,
+ email: user.email,
+ languages: user.languages,
+ username: user.username,
+ } as UserWithoutPassword;
+ const updatedAccessToken = await generateAccessToken(userWithoutPassword);
+ const updatedRefreshToken = await generateRefreshToken(userWithoutPassword);
+
+ await prisma.user.update({
+ where: { id: userId },
+ data: { token: updatedRefreshToken },
 });
- // Log the user out
- res.clearCookie("accessToken", {
+ res.cookie("accessToken", updatedAccessToken, {
 httpOnly: true,
 secure: true,
 sameSite: "none",
 });
- res.clearCookie("refreshToken", {
+ res.cookie("refreshToken", updatedRefreshToken, {
 httpOnly: true,
 secure: true,
 sameSite: "none",
 });
- res.end();
+ res.json({
+ message: "User profile updated successfully",
+ user: updatedUser,
+ });
 } catch (error) {
 if (