Skip to content

Commit

Permalink
fix: refresh checks the cookies over request body (#853)
Browse files Browse the repository at this point in the history
  • Loading branch information
DOOduneye authored May 19, 2024
1 parent 61f1d8a commit d27d776
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
8 changes: 4 additions & 4 deletions backend/entities/auth/base/controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -88,8 +88,8 @@ func (a *AuthController) Register(c *fiber.Ctx) error {

// Refresh godoc
//
// @Summary Refreshes a user's access token
// @Description Refreshes a user's access token
// @Summary Refreshes a user's access token and returns a new pair of tokens
// @Description Refreshes a user's access token and returns a new pair of tokens
// @ID refresh-user
// @Tags auth
// @Accept json
Expand All @@ -100,9 +100,9 @@ func (a *AuthController) Register(c *fiber.Ctx) error {
// @Failure 500 {object} error
// @Router /auth/refresh [post]
func (a *AuthController) Refresh(c *fiber.Ctx) error {
var refreshBody authEntities.RefreshTokenRequestBody
var refreshBody RefreshTokenCookieBody

if err := c.BodyParser(&refreshBody); err != nil {
if err := c.CookieParser(&refreshBody); err != nil {
return utilities.InvalidJSON()
}

Expand Down
4 changes: 4 additions & 0 deletions backend/entities/auth/base/models.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,7 @@ type VerifyPasswordResetTokenRequestBody struct {
type EmailRequestBody struct {
Email string `json:"email" validate:"required,email"`
}

type RefreshTokenCookieBody struct {
RefreshToken string `cookie:"refresh_token" validate:"required"`
}

0 comments on commit d27d776

Please sign in to comment.