Auth-module: How to access the user information from the `/api/auth/refresh` endpoint to create the new token?

Created on 14 Apr 2021 · 2Comments · Source: nuxt-community/auth-module

Hello everyone, I am trying to implement the localRefresh scheme but at the moment of refreshing the token when the POST is made to /api/auth/refresh asking to refresh the token it is supposed that the backend needs to know in some way what was the previous token or the user who is logged in to create the new token, but I do not know what is the way to obtain that information because in the body only the refreshToken is sent and it is not in the headers either.
I actually looked in the documentation for something similar but I didn't find anything.
Please if someone knows help me!

auth config

  auth: {
    strategies: {
      localRefresh: {
        scheme: 'refresh',
        token: {
          property: 'accessToken',
          maxAge: 60
        },
        refreshToken: {
          property: 'refreshToken',
          data: 'refreshToken',
          maxAge: 120
        },
        endpoints: {
          logout: false
        }
      }
    },
  },

controller refreshToken in nodejs, but there is no way to access the information of the user who is logged in

const refreshTokenUser = async (req, res) => {
    try {
        const { refreshToken } = req.body

        console.log(refreshToken)

        return res.json({//token...})
    } catch (error) {
        console.log(error)
        return res.status(500).json({ ok: false, message: 'An error occurred' })
    }
}

question

Source

GuasaPlay

All 2 comments

Hi @GuasaPlay! You can get the token from Authorization header. All you need to do is add tokenRequired: true to refreshToken option in your auth config :)