From 75979bce3def6e5635d91e80bd2d77b43c3d0ac8 Mon Sep 17 00:00:00 2001 From: Ben Elferink Date: Wed, 27 Oct 2021 19:06:47 +0300 Subject: [PATCH] fix: login with token returns new token --- client/package-lock.json | 1 + client/src/contexts/AuthContext.js | 45 +++++++++++++++------ server/controllers/auth/get-account.js | 20 --------- server/controllers/auth/login-with-token.js | 25 ++++++++++++ server/package-lock.json | 1 + server/routes/auth.js | 6 +-- 6 files changed, 62 insertions(+), 36 deletions(-) delete mode 100644 server/controllers/auth/get-account.js create mode 100644 server/controllers/auth/login-with-token.js diff --git a/client/package-lock.json b/client/package-lock.json index b298cdd..a9a976b 100644 --- a/client/package-lock.json +++ b/client/package-lock.json @@ -5,6 +5,7 @@ "requires": true, "packages": { "": { + "name": "client", "version": "0.1.0", "license": "ISC", "dependencies": { diff --git a/client/src/contexts/AuthContext.js b/client/src/contexts/AuthContext.js index 33b0caa..ba48721 100644 --- a/client/src/contexts/AuthContext.js +++ b/client/src/contexts/AuthContext.js @@ -1,4 +1,4 @@ -import {createContext, useContext, useState, useEffect} from 'react' +import { createContext, useContext, useState, useEffect } from 'react' import axios from '../api' // init context @@ -10,7 +10,7 @@ export function useAuth() { } // export the provider (handle all the logic here) -export function AuthProvider({children}) { +export function AuthProvider({ children }) { const [isLoggedIn, setIsLoggedIn] = useState(false) const [account, setAccount] = useState(null) const [token, setToken] = useState(localStorage.getItem('token') || null) 
@@ -19,9 +19,14 @@ export function AuthProvider({children}) { new Promise((resolve, reject) => { axios .post('/auth/register', formData) - .then(({data: {data, token}}) => { - setAccount(data) - setToken(token) + .then(({ + data: { + data: accountData, + token: accessToken, + }, + }) => { + setAccount(accountData) + setToken(accessToken) setIsLoggedIn(true) resolve(true) }) @@ -35,9 +40,14 @@ export function AuthProvider({children}) { new Promise((resolve, reject) => { axios .post('/auth/login', formData) - .then(({data: {data, token}}) => { - setAccount(data) - setToken(token) + .then(({ + data: { + data: accountData, + token: accessToken, + }, + }) => { + setAccount(accountData) + setToken(accessToken) setIsLoggedIn(true) resolve(true) }) @@ -53,12 +63,21 @@ export function AuthProvider({children}) { setToken(null) } - const getAccount = async () => { + const loginWithToken = async () => { try { - const headers = {headers: {authorization: `Bearer ${token}`}} - const response = await axios.get('/auth/account', headers) + const { + data: { + data: accountData, + token: accessToken, + }, + } = await axios.get('/auth/login', { + headers: { + authorization: `Bearer ${token}`, + }, + }) - setAccount(response.data.data) + setAccount(accountData) + setToken(accessToken) setIsLoggedIn(true) } catch (error) { console.error(error) @@ -80,7 +99,7 @@ export function AuthProvider({children}) { // This "if" statement is "true" only when refreshed, or re-opened the browser, // if true, it will then ask the backend for the account information (and will get them if the token hasn't expired) useEffect(() => { - if (!isLoggedIn && !account && token) getAccount() + if (!isLoggedIn && !account && token) loginWithToken() }, [isLoggedIn, account, token]) // eslint-disable-line react-hooks/exhaustive-deps return ( diff --git a/server/controllers/auth/get-account.js b/server/controllers/auth/get-account.js deleted file mode 100644 index 125b340..0000000 
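Review bot: In `loginWithToken` (client/src/contexts/AuthContext.js, hunk `@@ -53,12 +63,21 @@`), `setToken(accessToken)` runs without checking that the response carried a token. A 200 reply without a `token` field would replace the stored credential with `undefined` while `setIsLoggedIn(true)` still fires. Add a guard before the setters, for example `if (!accessToken) throw new Error('login response did not include a token')`. The `catch` body continues outside the hunk, so it cannot be confirmed from here whether a rejected or expired token is cleared from state. The existing `console.error(error)` may also print the axios request config, including the `authorization` header, to the browser console, so logging `error.message` would be safer.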
--- a/server/controllers/auth/get-account.js +++ /dev/null @@ -1,20 +0,0 @@ -const Account = require('../../models/Account') - -async function getAccount(request, response, next) { - try { - const {uid} = request.auth - - // Get account from DB, existance not verified because we are already authorized at this point - const foundAccount = await Account.findOne({_id: uid}).select('-password') - - response.status(200).json({ - message: 'Account fetched', - data: foundAccount, - }) - } catch (error) { - console.error(error) - response.status(500).send() - } -} - -module.exports = getAccount diff --git a/server/controllers/auth/login-with-token.js b/server/controllers/auth/login-with-token.js new file mode 100644 index 0000000..825c6c2 --- /dev/null +++ b/server/controllers/auth/login-with-token.js @@ -0,0 +1,25 @@ +const Account = require('../../models/Account') +const { signToken } = require('../../middlewares/jsonwebtoken') + +async function loginWithToken(request, response, next) { + try { + const { uid } = request.auth + + // Get account from DB, existance not verified because we are already authorized at this point + const foundAccount = await Account.findOne({ _id: uid }).select('-password') + + // Generate access token + const token = signToken({ uid: foundAccount._id, role: foundAccount.role }) + + response.status(200).json({ + message: 'Account fetched', + data: foundAccount, + token, + }) + } catch (error) { + console.error(error) + response.status(500).send() + } +} + +module.exports = loginWithToken diff --git a/server/package-lock.json b/server/package-lock.json index 246c394..173c111 100644 --- a/server/package-lock.json +++ b/server/package-lock.json @@ -5,6 +5,7 @@ "requires": true, "packages": { "": { + "name": "server", "version": "0.1.0", "license": "ISC", "dependencies": { diff --git a/server/routes/auth.js b/server/routes/auth.js index 034d043..d38d8da 100644 --- a/server/routes/auth.js +++ b/server/routes/auth.js 
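Review bot: In the new server/controllers/auth/login-with-token.js, `foundAccount` is dereferenced in `signToken({ uid: foundAccount._id, role: foundAccount.role })` without a null check. A still-valid token for an account that has since been deleted therefore throws and surfaces as a 500 rather than an authentication failure. A verified signature shows only that the token was issued, not that the account still exists, so add `if (!foundAccount) return response.status(401).json({ message: 'Account not found' })` before signing and reword the "existance not verified" comment accordingly. Every valid token can now be exchanged for a fresh one, so a leaked token can presumably be renewed indefinitely unless `signToken` or the middleware (not visible here) enforces an absolute session lifetime or a revocation check. That limit should be documented or added.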
@@ -1,8 +1,8 @@ const express = require('express') -const {authorizeBearerToken} = require('../middlewares/jsonwebtoken') +const { authorizeBearerToken } = require('../middlewares/jsonwebtoken') const register = require('../controllers/auth/register') const login = require('../controllers/auth/login') -const getAccount = require('../controllers/auth/get-account') +const loginWithToken = require('../controllers/auth/login-with-token') // initialize router const router = express.Router() @@ -14,6 +14,6 @@ router.post('/register', [], register) router.post('/login', [], login) // GET at path: http://localhost:8080/auth/account -router.get('/account', [authorizeBearerToken], getAccount) +router.get('/login', [authorizeBearerToken], loginWithToken) module.exports = router
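Review bot: In server/routes/auth.js (hunk `@@ -14,6 +14,6 @@`) the comment above the changed route still reads `// GET at path: http://localhost:8080/auth/account`, but the handler is now mounted at `/login`; update it to `// GET at path: http://localhost:8080/auth/login`. This endpoint now returns a freshly signed credential in the body of a GET response, which browsers and intermediaries may cache. Either send `response.set('Cache-Control', 'no-store')` from the controller or expose the renewal as a POST route. A short comment noting that `authorizeBearerToken` is the only gate on token renewal would also help the next reader.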