fix: get token logic, add buffer time

fix typos

server/resolvers/forgotPassword.go

@@ -3,44 +3,47 @@ package resolvers
 import (
 	"context"
 	"fmt"
+	"log"
+	"strings"
+	"time"
 
 	"github.com/yauthdev/yauth/server/db"
+	"github.com/yauthdev/yauth/server/enum"
 	"github.com/yauthdev/yauth/server/graph/model"
 	"github.com/yauthdev/yauth/server/utils"
 )
 
 func ForgotPassword(ctx context.Context, params model.ForgotPasswordInput) (*model.Response, error) {
 	var res *model.Response
+	params.Email = strings.ToLower(params.Email)
 
-	if params.NewPassword != params.ConfirmPassword {
-		return res, fmt.Errorf(`passwords don't match`)
+	if !utils.IsValidEmail(params.Email) {
+		return res, fmt.Errorf("invalid email")
 	}
 
-	_, err := db.Mgr.GetVerificationByToken(params.Token)
+	_, err := db.Mgr.GetUserByEmail(params.Email)
 	if err != nil {
-		return res, fmt.Errorf(`invalid token`)
+		return res, fmt.Errorf(`user with this email not found`)
 	}
 
-	// verify if token exists in db
-	claim, err := utils.VerifyVerificationToken(params.Token)
+	token, err := utils.CreateVerificationToken(params.Email, enum.ForgotPassword.String())
 	if err != nil {
-		return res, fmt.Errorf(`invalid token`)
+		log.Println(`Error generating token`, err)
 	}
+	db.Mgr.AddVerification(db.VerificationRequest{
+		Token:      token,
+		Identifier: enum.ForgotPassword.String(),
+		ExpiresAt:  time.Now().Add(time.Minute * 30).Unix(),
+		Email:      params.Email,
+	})
 
-	user, err := db.Mgr.GetUserByEmail(claim.Email)
-	if err != nil {
-		return res, err
-	}
-
-	password, _ := utils.HashPassword(params.NewPassword)
-	user.Password = password
-
-	// delete from verification table
-	db.Mgr.DeleteToken(claim.Email)
-	db.Mgr.UpdateUser(user)
+	// exec it as go routin so that we can reduce the api latency
+	go func() {
+		utils.SendForgotPasswordMail(params.Email, token)
+	}()
 
 	res = &model.Response{
-		Message: `Password updated successfully.`,
+		Message: `Please check your inbox! We have sent a password reset link.`,
 	}
 
 	return res, nil

server/resolvers/forgotPasswordRequest.go

@@ -1,50 +0,0 @@
-package resolvers
-
-import (
-	"context"
-	"fmt"
-	"log"
-	"strings"
-	"time"
-
-	"github.com/yauthdev/yauth/server/db"
-	"github.com/yauthdev/yauth/server/enum"
-	"github.com/yauthdev/yauth/server/graph/model"
-	"github.com/yauthdev/yauth/server/utils"
-)
-
-func ForgotPasswordRequest(ctx context.Context, params model.ForgotPasswordRequestInput) (*model.Response, error) {
-	var res *model.Response
-	params.Email = strings.ToLower(params.Email)
-
-	if !utils.IsValidEmail(params.Email) {
-		return res, fmt.Errorf("invalid email")
-	}
-
-	_, err := db.Mgr.GetUserByEmail(params.Email)
-	if err != nil {
-		return res, fmt.Errorf(`user with this email not found`)
-	}
-
-	token, err := utils.CreateVerificationToken(params.Email, enum.ForgotPassword.String())
-	if err != nil {
-		log.Println(`Error generating token`, err)
-	}
-	db.Mgr.AddVerification(db.VerificationRequest{
-		Token:      token,
-		Identifier: enum.ForgotPassword.String(),
-		ExpiresAt:  time.Now().Add(time.Minute * 30).Unix(),
-		Email:      params.Email,
-	})
-
-	// exec it as go routin so that we can reduce the api latency
-	go func() {
-		utils.SendForgotPasswordMail(params.Email, token)
-	}()
-
-	res = &model.Response{
-		Message: `Please check your inbox! We have sent a password reset link.`,
-	}
-
-	return res, nil
-}

server/resolvers/resetPassword.go

@@ -0,0 +1,47 @@
+package resolvers
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/yauthdev/yauth/server/db"
+	"github.com/yauthdev/yauth/server/graph/model"
+	"github.com/yauthdev/yauth/server/utils"
+)
+
+func ResetPassword(ctx context.Context, params model.ResetPassowrdInput) (*model.Response, error) {
+	var res *model.Response
+
+	if params.Password != params.ConfirmPassword {
+		return res, fmt.Errorf(`passwords don't match`)
+	}
+
+	_, err := db.Mgr.GetVerificationByToken(params.Token)
+	if err != nil {
+		return res, fmt.Errorf(`invalid token`)
+	}
+
+	// verify if token exists in db
+	claim, err := utils.VerifyVerificationToken(params.Token)
+	if err != nil {
+		return res, fmt.Errorf(`invalid token`)
+	}
+
+	user, err := db.Mgr.GetUserByEmail(claim.Email)
+	if err != nil {
+		return res, err
+	}
+
+	password, _ := utils.HashPassword(params.Password)
+	user.Password = password
+
+	// delete from verification table
+	db.Mgr.DeleteToken(claim.Email)
+	db.Mgr.UpdateUser(user)
+
+	res = &model.Response{
+		Message: `Password updated successfully.`,
+	}
+
+	return res, nil
+}

server/resolvers/token.go

@@ -3,6 +3,7 @@ package resolvers
 import (
 	"context"
 	"fmt"
+	"time"
 
 	"github.com/yauthdev/yauth/server/db"
 	"github.com/yauthdev/yauth/server/enum"
@@ -37,9 +38,11 @@ func Token(ctx context.Context) (*model.LoginResponse, error) {
 	if sessionToken == "" {
 		return res, fmt.Errorf(`unauthorized`)
 	}
-	// TODO check if session token has expired
+	// TODO check if refresh/session token has expired
 
-	if accessTokenErr != nil {
+	expiresTimeObj := time.Unix(expiresAt, 0)
+	currentTimeObj := time.Now()
+	if accessTokenErr != nil || expiresTimeObj.Sub(currentTimeObj).Minutes() <= 5 {
 		// if access token has expired and refresh/session token is valid
 		// generate new accessToken
 		token, expiresAt, _ = utils.CreateAuthToken(utils.UserAuthInfo{

server/resolvers/users.go

@@ -32,7 +32,6 @@ func Users(ctx context.Context) ([]*model.User, error) {
 			SignupMethod:    user.SignupMethod,
 			FirstName:       &user.FirstName,
 			LastName:        &user.LastName,
-			Password:        &user.Password,
 			EmailVerifiedAt: &user.EmailVerifiedAt,
 			CreatedAt:       &user.CreatedAt,
 			UpdatedAt:       &user.UpdatedAt,