I’m facing an issue with refreshing an expired JWT token in my application. The problem is that when a token expires, I can no longer retrieve the user’s ID because the token is invalid, and I need the user’s ID to generate a new token.
Here’s a brief overview of the situation:
-
Problem Description: When a user’s JWT token expires, I cannot
extract the user’s ID from the expired token because the
verification process fails due to the token’s expiration. Without
the user ID, I can’t issue a new JWT token. -
Current Approach: I’m using the following approach to verify the
token and issue a new token:
plugin.controllers.auth.refreshToken = async (ctx) => {
const params = _.assign(ctx.request.body);
try {
const { id } = await strapi.plugins[
"users-permissions"
].services.jwt.verify(params.jwt); // Problem retrieving user id, if token expires.
const RAW_SQL = `SELECT id FROM up_users WHERE id = ${id}`;
const entriesResult = await strapi.db.connection.raw(RAW_SQL);
const rows = entriesResult.rows;
if (_.size(rows) === 1) {
const user = _.first(rows);
ctx.send({
jwt: strapi.plugins["users-permissions"].services.jwt.issue({
id: user.id,
}),
});
}
} catch (e) {
return ctx.badRequest(null, "Invalid token");
}
};