bullpen/backend/controllers/auth.controller.js

const db = require("../models/index");
const config = require("../config/auth.config");
const { Auth: Auth, User: User, RefreshToken: RefreshToken } = db;

const jwt = require("jsonwebtoken");
const {registerUser} = require("../helper/user.helper");

exports.register = (req, res) => {
    // Ensure at least one role ist set
    req.body.roles = req.body.roles?.length ? req.body.roles : ['player'];

    try {
        registerUser(req.body);
        res.send({ message: "User registered successfully!" });
    } catch (err) {
        res.status(500).send({ message: err.message });
    }
};

exports.login = async (req, res) => {
    try {
        const auth = await Auth.findOne({
            where: {
                email: req.body.email
            }
        });
        if (!auth) {
            return res.status(404).send({message: "User Not found."});
        }
        const passwordIsValid = auth.validPassword(req.body.password);

        if (!passwordIsValid) {
            return res.status(401).send({
                accessToken: null,
                message: "Invalid Password!"
            });
        }

        const refreshToken = await RefreshToken.createToken(auth);
        const accessToken = jwt.sign({id: auth.id},
            config.secret,
            {
                algorithm: 'HS256',
                allowInsecureKeySizes: true,
                expiresIn: config.jwtExpiration
            });

        const user = await User.findOne({
            where: {
                authId: auth.id
            }
        });

        const authorities = [];
        const roles = await user.getRoles();
        for (let i = 0; i < roles.length; i++) {
            authorities.push("ROLE_" + roles[i].name.toUpperCase());
        }

        return res.status(200).send({
            id: user.id,
            email: auth.email,
            roles: authorities,
            accessToken: accessToken,
            refreshToken: refreshToken
        });
    } catch (err) {
        res.status(500).send({ message: err.message });
    }
};

exports.refreshToken = async (req, res) => {
    const { refreshToken: requestToken } = req.body;

    if (requestToken == null) {
        return res.status(403).json({ message: "Refresh Token is required!" });
    }

    try {
        let refreshToken = await RefreshToken.findOne({ where: { token: requestToken } });

        if (!refreshToken) {
            res.status(403).json({ message: "Refresh token is not in database!" });
            return;
        }

        if (RefreshToken.verifyExpiration(refreshToken)) {
            RefreshToken.destroy({ where: { id: refreshToken.id } });

            res.status(403).json({
                message: "Refresh token was expired. Please make a new login request",
            });
            return;
        }

        let newAccessToken = jwt.sign({ id: refreshToken.authId }, config.secret, {
            expiresIn: config.jwtExpiration,
        });

        return res.status(200).json({
            accessToken: newAccessToken,
            refreshToken: refreshToken.token,
        });
    } catch (err) {
        return res.status(500).send({ message: err });
    }
};