remove AccessToken object type

acces token expiration can be calculated from the payload
5 years ago · a3d44751f6
parent 02ec7d31a8
commit a3d44751f6
5 changed files with 8 additions and 31 deletions
--- a/src/server.spec.ts
+++ b/src/server.spec.ts
@ -5,7 +5,6 @@ import { createConnection } from "typeorm"
 import { createServer } from "./server"
 import { gqlToString } from "./server/schema"
 import { testingConnectionOptions } from "./server/testing"
-import { AccessToken } from "./server/userResolver/AccessToken"
 import { verifiedRefreshTokenPayload } from "./server/userResolver/auth"
 import { User } from "./server/userResolver/User"
 import cookie = require("cookie")
@ -22,7 +21,7 @@ describe("server should", () => {
 		const userId = createUserResponse.data.createUser.id

 		const accessTokenReponse = await rawRequest(gqlUri, gqlToString(accessTokenQuery))
-		const accessToken: AccessToken = accessTokenReponse.data.accessToken
+		const accessToken: string = accessTokenReponse.data.accessToken
 		const headers: Headers = accessTokenReponse.headers
 		const cookieHeader = headers.get("set-cookie") as string
 		const parsedCookie = cookie.parse(cookieHeader)
@ -33,7 +32,7 @@ describe("server should", () => {

 		const client = new GraphQLClient(gqlUri, {
 			headers: {
-				Authorization: "Bearer " + accessToken.jwt,
+				Authorization: "Bearer " + accessToken,
 			},
 		})
 		const meResponse = await client.rawRequest(gqlToString(meQuery))
@ -91,9 +90,7 @@ const createUserMutation = gql`

 const accessTokenQuery = gql`
 	query {
-		accessToken(email: "auth@server.com", password: "password") {
-			jwt
-		}
+		accessToken(email: "auth@server.com", password: "password")
 	}
 `

--- a/src/server/UserResolver.spec.ts
+++ b/src/server/UserResolver.spec.ts
@ -7,7 +7,6 @@ import {
 	runInRollbackTransaction,
 	testingConnectionOptions,
 } from "./testing"
-import { AccessToken } from "./userResolver/AccessToken"
 import { Context, signAccessToken, verifiedAccessTokenPayload } from "./userResolver/auth"
 import { User } from "./userResolver/User"

@ -72,13 +71,12 @@ describe("resolver of user", () => {
 				}).save()

 				const response = await callSchema(accessTokenQuery, contextWithCookie())
-				const accessToken: AccessToken = response.data!.accessToken
-				const jwtPayload = verifiedAccessTokenPayload(accessToken.jwt)
+				const accessToken: string = response.data!.accessToken
+				const jwtPayload = verifiedAccessTokenPayload(accessToken)
 				const jwtLifetime = jwtPayload.exp! - jwtPayload.iat!

 				expect(jwtLifetime).toBeGreaterThanOrEqual(oneMinute)
 				expect(jwtLifetime).not.toBeGreaterThan(sixteenMinutes)
-				expect(jwtLifetime).toBe(accessToken.jwtExpiry)
 				expect(jwtPayload.userId).toBe(user.id)
 				expect(response.errors).toBeUndefined()
 			})
@ -145,10 +143,7 @@ const usersQuery = gql`
 `
 const accessTokenQuery = gql`
 	query {
-		accessToken(email: "access-token@user-resolver.com", password: "password") {
-			jwt
-			jwtExpiry
-		}
+		accessToken(email: "access-token@user-resolver.com", password: "password")
 	}
 `
 const meQuery = gql`
--- a/src/server/UserResolver.ts
+++ b/src/server/UserResolver.ts
@ -1,6 +1,5 @@
 import "reflect-metadata"
 import { Arg, Authorized, Ctx, Mutation, Query } from "type-graphql"
-import { AccessToken } from "./userResolver/AccessToken"
 import { comparePasswords, Context, accessTokenWithRefreshCookie } from "./userResolver/auth"
 import { User } from "./userResolver/User"

@ -10,7 +9,7 @@ export class UserResolver {
 		return await User.find()
 	}

-	@Query(() => AccessToken)
+	@Query(() => String)
 	async accessToken(
 		@Arg("email") email: string,
 		@Arg("password") password: string,
--- a/src/server/userResolver/AccessToken.ts
+++ b/src/server/userResolver/AccessToken.ts
@ -1,11 +0,0 @@
-import "reflect-metadata"
-import { Field, ObjectType } from "type-graphql"
-
-@ObjectType()
-export class AccessToken {
-	@Field()
-	jwt: string = ""
-
-	@Field()
-	jwtExpiry: number = 0
-}
--- a/src/server/userResolver/auth.ts
+++ b/src/server/userResolver/auth.ts
@ -2,7 +2,6 @@ import { argon2id, hash as argonHash, verify as argonVerify } from "argon2"
 import { Request, Response } from "express"
 import { sign as jwtSign, verify as jwtVerify } from "jsonwebtoken"
 import { AuthChecker } from "type-graphql"
-import { AccessToken } from "./AccessToken"

 export const hashPassword = async (password: string) =>
 	await argonHash(password, { type: argon2id })
@ -44,9 +43,7 @@ export const verifiedRefreshTokenPayload = (token: string) => {
 }

 export const accessTokenWithRefreshCookie = (userId: number, res: Response) => {
-	const accessToken = new AccessToken()
-	accessToken.jwt = signAccessToken({ userId })
-	accessToken.jwtExpiry = parseInt(process.env.ACCESS_EXPIRY as string)
+	const accessToken = signAccessToken({ userId })

 	const refreshExpiryMs = parseInt(process.env.REFRESH_EXPIRY as string) * 1000
 	res.cookie("rt", signRefreshToken({ userId }), {