csrf token handling, two jwt tokens

jackiettran
2025-11-26 14:25:49 -05:00
parent f3a356d64b
commit 8b10103ae4
8 changed files with 114 additions and 76 deletions


@@ -14,7 +14,7 @@ const authenticateToken = async (req, res, next) => {
}
try {
const decoded = jwt.verify(token, process.env.JWT_SECRET);
const decoded = jwt.verify(token, process.env.JWT_ACCESS_SECRET);
const userId = decoded.id;
if (!userId) {
@@ -78,7 +78,7 @@ const optionalAuth = async (req, res, next) => {
}
try {
const decoded = jwt.verify(token, process.env.JWT_SECRET);
const decoded = jwt.verify(token, process.env.JWT_ACCESS_SECRET);
const userId = decoded.id;
if (!userId) {
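Review bot: Both `jwt.verify` calls (in authenticateToken and in optionalAuth) still accept whatever algorithm the library allows for the key type, so the accepted algorithm should be pinned to the one the signing side uses, e.g. `jwt.verify(token, process.env.JWT_ACCESS_SECRET, { algorithms: ["HS256"] })` if access tokens are signed with HS256; the signing code is not visible here. Since the secret was renamed, it is also worth failing at startup when `JWT_ACCESS_SECRET` is unset or equal to the refresh-token secret, rather than letting every request fall into the catch branch, and a short comment above each call saying that only access tokens are accepted here would help. Tokens issued under the old `JWT_SECRET` will presumably stop verifying after deploy, so the rollout should expect forced re-authentication. Both functions start and end outside the hunks.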


@@ -72,7 +72,8 @@ const getCSRFToken = (req, res) => {
maxAge: 60 * 60 * 1000,
});
res.json({ csrfToken: token });
res.set("X-CSRF-Token", token);
res.status(204).send();
};
module.exports = {
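Review bot: Returning the token only in the `X-CSRF-Token` response header means a cross-origin frontend can read it only if the CORS configuration lists that header in `Access-Control-Expose-Headers`; that configuration is not visible here, so confirm it, e.g. `exposedHeaders: ["X-CSRF-Token"]` if the `cors` package is in use. The response should also set `res.set("Cache-Control", "no-store");` before `res.status(204).send();` so that no cache can replay a token header to a different session. The start of getCSRFToken, including token generation and the remaining cookie attributes, lies outside the hunk.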