search

globe-and-citizen / cnc-portal

The Crypto Native Portal, an app that creates a mechanism to financially acknowledge the micro contributions of Open Source collaborators along with tools that promote effective governance.
3 stars 0 forks source link

[Bug] Auth token doesn't update #261

Closed aliassan closed 3 weeks ago

aliassan commented 1 month ago

Description

Describe the bug The auth token doesn't update and returns an old expired token so you're unable to login.

To Reproduce Steps to reproduce the behavior:

  1. Go to backend/src/controllers/authController.ts, ln 58
  2. Change or set expiresIn value to '5s'
  3. Logout of the app
  4. Login and wait for 6s
  5. Navigate to APP_URL/login without logging out
  6. Try to login again

Expected behavior It should reset the authToken and update to the new generated value

hermannleboss commented 1 month ago

I have this error when i try to login with the backend locally.

do you have the same error ? @aliassan image

aliassan commented 1 month ago

No, I have 401 Unauthorized error in the front-end and jwt-expired error in the back-end

hermannleboss commented 1 month ago

The problem i have is because i'm not authenticated but i still have the token in the localstorage image

And the old token is used for the next request.

So i recieve in the SIWE request : /api/auth/siwe

{
    "success": true,
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHg4MkZDMGQ4NGZBOUM2OTc0NTVjMkI5ZWE0MTZiYzAwYjkyOTNiZDZFIiwiaWF0IjoxNzIwODkxMzE3LCJleHAiOjE3MjA5Nzc3MTd9.ndC05KtXu3Nyfn5MU_6rvyyn9tWEnzobWdJwNxiTxy8"
}

But the token for authenticating the user fully is Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjoiMHg4MkZDMGQ4NGZBOUM2OTc0NTVjMkI5ZWE0MTZiYzAwYjkyOTNiZDZFIiwiaWF0IjoxNzIwODg3OTgwLCJleHAiOjE3MjA5NzQzODB9._Q4ZIbDRs3MMaw2R9eabFMMmynLQyN9SuUkLMztP0TQ

They are not simillar.

hermannleboss commented 1 month ago

But authentication need to be fully refactor to fix this issue.