barbercollie/ReadMeABook
1
0
Fork 1
mirror of https://github.com/kikootwo/ReadMeABook.git synced 2026-06-02 20:30:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
95917715b175bc97281c73de8d7af48cae167430
ReadMeABook/src/app/api/auth/refresh/route.ts
T
kikootwo 95917715b1 Remove redundant id field from JWT payloads 
Drop the duplicated `id` alias from JWT payloads and related token generation across auth providers and endpoints. The TokenPayload interface no longer includes `id`; middleware now derives `user.id` from `sub` when attaching the authenticated user to requests. Update tests accordingly. This reduces redundancy and ensures the canonical user identifier is `sub`.
2026-03-04 15:36:28 -05:00

84 lines
1.9 KiB
TypeScript
Raw Blame History

/**
* Component: Token Refresh Route
* Documentation: documentation/backend/services/auth.md
*/
import { NextRequest, NextResponse } from 'next/server';
import { verifyRefreshToken, generateAccessToken } from '@/lib/utils/jwt';
import { prisma } from '@/lib/db';
import { RMABLogger } from '@/lib/utils/logger';
const logger = RMABLogger.create('API.Auth.Refresh');
/**
* POST /api/auth/refresh
* Refresh access token using refresh token
*/
export async function POST(request: NextRequest) {
try {
const body = await request.json();
const { refreshToken } = body;
if (!refreshToken) {
return NextResponse.json(
{
error: 'ValidationError',
message: 'Refresh token is required',
},
{ status: 400 }
);
}
// Verify refresh token
const payload = verifyRefreshToken(refreshToken);
if (!payload) {
return NextResponse.json(
{
error: 'Unauthorized',
message: 'Invalid or expired refresh token',
},
{ status: 401 }
);
}
// Get user from database
const user = await prisma.user.findUnique({
where: { id: payload.sub },
});
if (!user) {
return NextResponse.json(
{
error: 'Unauthorized',
message: 'User not found',
},
{ status: 401 }
);
}
// Generate new access token
const accessToken = generateAccessToken({
sub: user.id,
plexId: user.plexId,
username: user.plexUsername,
role: user.role,
});
return NextResponse.json({
success: true,
accessToken,
expiresIn: 3600, // 1 hour in seconds
});
} catch (error) {
logger.error('Failed to refresh token', { error: error instanceof Error ? error.message : String(error) });
return NextResponse.json(
{
error: 'RefreshError',
message: 'Failed to refresh access token',
},
{ status: 500 }
);
}
}
Reference in New Issue View Git Blame Copy Permalink