refactor: add a function to generate cookies for reply (#20)

authcompanion · Nov 25, 2023 · 8ff1528 · 8ff1528
1 parent 767c490
commit 8ff1528
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 41 deletions.
diff --git a/services/auth/login.js b/services/auth/login.js
@@ -1,5 +1,6 @@
-import { verifyValueWithHash, secureCookie } from "../../utils/credential.js";
+import { verifyValueWithHash } from "../../utils/credential.js";
 import { makeAccesstoken, makeRefreshtoken } from "../../utils/jwt.js";
+import { refreshCookie, fgpCookie } from "../../utils/cookies.js";
 import config from "../../config.js";
 
 export const loginHandler = async function (request, reply) {
@@ -47,18 +48,9 @@ export const loginHandler = async function (request, reply) {
       access_token: userAccessToken.token,
       access_token_expiry: userAccessToken.expiration,
     };
-    const expireDate = new Date();
-    expireDate.setTime(expireDate.getTime() + 7 * 24 * 60 * 60 * 1000); // TODO: Make configurable now, set to 7 days
 
     reply.headers({
-      "set-cookie": [
-        `userRefreshToken=${userRefreshToken.token}; Path=/; Expires=${expireDate}; SameSite=${
-          config.SAMESITE
-        }; HttpOnly; ${secureCookie()}`,
-        `Fgp=${userAccessToken.userFingerprint}; Path=/; Max-Age=3600; SameSite=${
-          config.SAMESITE
-        }; HttpOnly; ${secureCookie()}`,
-      ],
+      "set-cookie": [refreshCookie(userRefreshToken.token), fgpCookie(userAccessToken.userFingerprint)],
       "x-authc-app-origin": config.APPLICATIONORIGIN,
     });
 

diff --git a/services/auth/profile.js b/services/auth/profile.js
@@ -1,6 +1,7 @@
-import { createHash, secureCookie } from "../../utils/credential.js";
+import { createHash } from "../../utils/credential.js";
 import { makeAccesstoken, makeRefreshtoken } from "../../utils/jwt.js";
 import config from "../../config.js";
+import { refreshCookie, fgpCookie } from "../../utils/cookies.js";
 
 export const userProfileHandler = async function (request, reply) {
   try {
@@ -50,18 +51,9 @@ export const userProfileHandler = async function (request, reply) {
       access_token: userAccessToken.token,
       access_token_expiry: userAccessToken.expiration,
     };
-    const expireDate = new Date();
-    expireDate.setTime(expireDate.getTime() + 7 * 24 * 60 * 60 * 1000); // TODO: Make configurable now, set to 7 days
 
     reply.headers({
-      "set-cookie": [
-        `userRefreshToken=${userRefreshToken.token}; Path=/; Expires=${expireDate}; SameSite=${
-          config.SAMESITE
-        }; HttpOnly; ${secureCookie()}`,
-        `Fgp=${userAccessToken.userFingerprint}; Path=/; Max-Age=3600; SameSite=${
-          config.SAMESITE
-        }; HttpOnly; ${secureCookie()}`,
-      ],
+      "set-cookie": [refreshCookie(userRefreshToken.token), fgpCookie(userAccessToken.userFingerprint)],
       "x-authc-app-origin": config.APPLICATIONORIGIN,
     });
 

diff --git a/services/auth/refresh.js b/services/auth/refresh.js
@@ -1,7 +1,7 @@
 import { makeAccesstoken, makeRefreshtoken, validateJWT } from "../../utils/jwt.js";
 import config from "../../config.js";
 import { parse } from "cookie";
-import { secureCookie } from "../../utils/credential.js";
+import { refreshCookie, fgpCookie } from "../../utils/cookies.js";
 
 export const tokenRefreshHandler = async function (request, reply) {
   try {
@@ -37,18 +37,9 @@ export const tokenRefreshHandler = async function (request, reply) {
       access_token: userAccessToken.token,
       access_token_expiry: userAccessToken.expiration,
     };
-    const expireDate = new Date();
-    expireDate.setTime(expireDate.getTime() + 7 * 24 * 60 * 60 * 1000); // TODO: Make configurable now, set to 7 days
 
     reply.headers({
-      "set-cookie": [
-        `userRefreshToken=${userRefreshToken.token}; Path=/; Expires=${expireDate}; SameSite=${
-          config.SAMESITE
-        }; HttpOnly; ${secureCookie()}`,
-        `Fgp=${userAccessToken.userFingerprint}; Path=/; Max-Age=3600; SameSite=${
-          config.SAMESITE
-        }; HttpOnly; ${secureCookie()}`,
-      ],
+      "set-cookie": [refreshCookie(userRefreshToken.token), fgpCookie(userAccessToken.userFingerprint)],
       "x-authc-app-origin": config.APPLICATIONORIGIN,
     });
 

diff --git a/services/auth/registration.js b/services/auth/registration.js
@@ -3,6 +3,7 @@ import { randomUUID } from "crypto";
 import { createId } from "@paralleldrive/cuid2";
 import { makeAccesstoken, makeRefreshtoken } from "../../utils/jwt.js";
 import config from "../../config.js";
+import { refreshCookie, fgpCookie } from "../../utils/cookies.js";
 
 export const registrationHandler = async function (request, reply) {
   try {
@@ -53,14 +54,7 @@ export const registrationHandler = async function (request, reply) {
     expireDate.setTime(expireDate.getTime() + 7 * 24 * 60 * 60 * 1000); // TODO: Make configurable now, set to 7 days
 
     reply.headers({
-      "set-cookie": [
-        `userRefreshToken=${
-          userRefreshToken.token
-        }; Path=/; Expires=${expireDate}; SameSite=None; HttpOnly; ${secureCookie()}`,
-        `Fgp=${userAccessToken.userFingerprint}; Path=/; Max-Age=3600; SameSite=${
-          config.SAMESITE
-        }; HttpOnly; ${secureCookie()}`,
-      ],
+      "set-cookie": [refreshCookie(userRefreshToken.token), fgpCookie(userAccessToken.userFingerprint)],
       "x-authc-app-origin": config.REGISTRATIONORIGIN,
     });
 

diff --git a/utils/cookies.js b/utils/cookies.js
@@ -0,0 +1,13 @@
+import { secureCookie } from "./credential.js";
+import config from "../config.js";
+
+export function refreshCookie(token) {
+  const expireDate = new Date();
+  expireDate.setTime(expireDate.getTime() + 7 * 24 * 60 * 60 * 1000); // TODO: Make configurable now, set to 7 days
+  return `userRefreshToken=${token}; Path=/; Expires=${expireDate}; SameSite=${
+    config.SAMESITE
+  }; HttpOnly; ${secureCookie()}`;
+}
+export function fgpCookie(fingerprint) {
+  return `Fgp=${fingerprint}; Path=/; Max-Age=3600; SameSite=${config.SAMESITE}; HttpOnly; ${secureCookie()}`;
+}