
A Feathers Refresh Token Strategy


Refresh Tokens Strategy for Feathers Authentication

This strategy adds refresh tokens to feathersjs authentication.

[UNMAINTAINED] - Please note, I'm not maintaining this as I don't use FeathersJS in my daily work anymore. Now, it still might work, but there are no guarantees.

Requirements

Currently it is only supported when used in conjunction with the "Local Strategy" and "JWT".

What it does

When a user authenticates with local authentication, they receive a "Refresh Token", which the user can use to create new JWT access tokens.

Installation

To install and use the strategy, first install the package:

npm install @thesinding/authentication-refresh-token

Now add the strategy to your authentication.(ts|js) like so:

// ... other imports
const { RefreshTokenStrategy } = require('@thesinding/authentication-refresh-token');

module.exports = app => {
	// ... other authentication strategies
	authentication.register('refresh-token', new RefreshTokenStrategy()); // add the strategy
	// ... rest of the file
};

Then add the authentication hook like so:

const { RefreshTokenStrategy, addRefreshToken } = require('@thesinding/authentication-refresh-token');

module.exports = app => {
	// ... other authentication strategies
	authentication.register('refresh-token', new RefreshTokenStrategy()); // add the strategy

	app.service('authentication').hooks({ // you might have to add this
		// ... before hooks
		after: {
			create: [addRefreshToken()] // add the hook
		},
		// ... error hooks
	});
	// ... rest of the file
};

Create a service; this is where your app will store the refresh tokens. Use whatever database adapter you want, depending on your setup:

feathers generate service

Now it all needs to be added to the configuration:

{
  "host": "localhost",
  "port": 3030,
  "public": "../public/",
  "paginate": {
    "default": 10,
    "max": 50
  },
  "authentication": {
    // other settings
    "authStrategies": [
      "jwt",
      "local",
      "refresh-token" // Add the refresh token as a strategy
    ],
    "jwtOptions": {
      // Your JWT options
    },
    // other strategies,
    "refresh-token": {
      "entity": "refresh-token", // this needs to be the same as in your model (if you have one)
      "service": "refresh-tokens", // The service which you have created
      "clientIdField": "clientId" // the name of the client id field
    }
  }
}

Done.

Try to authenticate as normal, e.g.:

curl -H "Content-Type: application/json" -X POST -d '{ "strategy": "local", "email":"example@example.com","password":"X2y6" }' http://localhost:3030/authenticate

The response should look something like this:

{
    "authentication": {
        "strategy": "local"
    },
    "accessToken": "TOKEN DATA", // The access token
    "user": { /* User data */ },
    "refreshToken": "9683fe86-aef1-4b3d-a0eb-da57624c62cf" // Store this token
}

The refreshToken can now be used to refresh the accessToken like so:

curl -H "Content-Type: application/json" -X POST -d '{ "strategy": "refresh-token", "clientId": "The ID of the user", "refreshToken": "The clients refresh token" }' http://localhost:3030/authenticate

The response should look similar to this if the refreshToken and the clientId match:

{
  "authentication": {
    "strategy": "refresh-token"
  },
  "accessToken": "TOKEN DATA", // The refreshed access token
  "user": { /* User data */ }
}
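
Client-side use of the two requests above, as an added example that is not part of this package: it logs in with the local strategy, keeps the returned refreshToken, and exchanges it for a new accessToken shortly before the current one expires. The names createSession and jwtExpiry, the injected fetchImpl, the user._id / user.id lookup and the HTTP 401 on a rejected token are assumptions.

```javascript
// Added example, not the package's code. Assumptions: fetchImpl behaves like
// the standard fetch(), and the user id is in user._id or user.id.

// Read the exp claim (seconds since epoch) from a JWT without verifying it;
// this only decides when to refresh, the server still validates the token.
function jwtExpiry(token) {
  const payload = token.split('.')[1];
  return JSON.parse(Buffer.from(payload, 'base64url').toString('utf8')).exp;
}

function createSession(baseUrl, fetchImpl = fetch) {
  let accessToken = null, refreshToken = null, clientId = null;

  async function authenticate(body) {
    const res = await fetchImpl(`${baseUrl}/authenticate`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(body)
    });
    if (!res.ok) {
      const err = new Error(`authentication failed with HTTP ${res.status}`);
      err.status = res.status;
      throw err;
    }
    return res.json();
  }

  return {
    // Local login: its response carries the refreshToken.
    async login(email, password) {
      const out = await authenticate({ strategy: 'local', email, password });
      accessToken = out.accessToken;
      refreshToken = out.refreshToken;
      clientId = out.user._id ?? out.user.id; // assumption: id field name
    },
    // Return a usable access token, refreshing it shortly before it expires.
    async getAccessToken(nowSeconds = Math.floor(Date.now() / 1000), skew = 30) {
      if (accessToken && jwtExpiry(accessToken) - skew > nowSeconds) return accessToken;
      if (!refreshToken) throw new Error('no refresh token, log in first');
      try {
        const out = await authenticate({ strategy: 'refresh-token', clientId, refreshToken });
        return (accessToken = out.accessToken);
      } catch (err) {
        // Assumption: a rejected token yields 401. Forget it and force a new login.
        if (err.status === 401) accessToken = refreshToken = clientId = null;
        throw err;
      }
    }
  };
}
```

The refresh token is a long-lived credential, so the session keeps it in memory only and discards it as soon as the server rejects it.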

Changelog:

0.0.1 - initial release