refactor: change cookie names from hardcoded values to a single sourc…

…e of truth
Tarhche · Nov 23, 2024 · bd5ab10 · bd5ab10
1 parent 17f8548
commit bd5ab10
Show file tree

Hide file tree

Showing 5 changed files with 50 additions and 23 deletions.
diff --git a/frontend/src/constants/strings.ts b/frontend/src/constants/strings.ts
@@ -1 +1,4 @@
 export const BRAND_NAME = "طرحچه";
+export const ACCESS_TOKEN_COOKIE_NAME = "access_token";
+export const REFRESH_TOKEN_COOKIE_NAME = "refresh_token";
+export const USER_ROLES_COOKIE_NAME = "roles";
diff --git a/frontend/src/dal/api-client.ts b/frontend/src/dal/api-client.ts
@@ -5,6 +5,10 @@ import axios, {AxiosError} from "axios";
 import {REFRESH_TOKEN_URL} from "./auth";
 import {INTERNAL_BACKEND_URL} from "@/constants/envs";
 import {ACCESS_TOKEN_EXP, REFRESH_TOKEN_EXP} from "@/constants/numbers";
+import {
+  ACCESS_TOKEN_COOKIE_NAME,
+  REFRESH_TOKEN_COOKIE_NAME,
+} from "@/constants/strings";
 
 const BASE_URL = `${INTERNAL_BACKEND_URL}/api`;
 
@@ -17,7 +21,7 @@ export const apiClient = axios.create({
 
 apiClient.interceptors.request.use(
   async (config) => {
-    const accessToken = cookies().get("access_token")?.value;
+    const accessToken = cookies().get(ACCESS_TOKEN_COOKIE_NAME)?.value;
     if (accessToken !== undefined) {
       config.headers.Authorization = `Bearer ${accessToken}`;
     }
@@ -35,7 +39,7 @@ apiClient.interceptors.response.use(
     const isFromApiRoutes = Boolean(headersStore.get("client-to-proxy"));
     const isFromServerAction = Boolean(headersStore.get("next-action"));
     if (error instanceof AxiosError && error.status === 401) {
-      const refreshToken = cookiesStore.get("refresh_token")?.value;
+      const refreshToken = cookiesStore.get(REFRESH_TOKEN_COOKIE_NAME)?.value;
       if (refreshToken === undefined || originalRequest._retry) {
         return error;
       }
@@ -53,12 +57,12 @@ apiClient.interceptors.response.use(
         });
         if (isFromApiRoutes) {
           originalRequestResponse.headers["set-cookie"] = [
-            serialize("access_token", access_token, {
+            serialize(ACCESS_TOKEN_COOKIE_NAME, access_token, {
               httpOnly: true,
               maxAge: ACCESS_TOKEN_EXP,
               path: "/",
             }),
-            serialize("refresh_token", refresh_token, {
+            serialize(REFRESH_TOKEN_COOKIE_NAME, refresh_token, {
               httpOnly: true,
               maxAge: REFRESH_TOKEN_EXP,
               path: "/",
@@ -67,12 +71,12 @@ apiClient.interceptors.response.use(
           return originalRequestResponse;
         }
         if (isFromServerAction) {
-          cookies().set("access_token", access_token, {
+          cookies().set(ACCESS_TOKEN_COOKIE_NAME, access_token, {
             httpOnly: true,
             maxAge: ACCESS_TOKEN_EXP,
             path: "/",
           });
-          cookies().set("refresh_token", refresh_token, {
+          cookies().set(REFRESH_TOKEN_COOKIE_NAME, refresh_token, {
             httpOnly: true,
             maxAge: REFRESH_TOKEN_EXP,
             path: "/",

diff --git a/frontend/src/features/auth/actions/login.ts b/frontend/src/features/auth/actions/login.ts
@@ -2,6 +2,10 @@
 import {redirect} from "next/navigation";
 import {cookies} from "next/headers";
 import {loginUser} from "@/dal/auth";
+import {
+  ACCESS_TOKEN_COOKIE_NAME,
+  REFRESH_TOKEN_COOKIE_NAME,
+} from "@/constants/strings";
 import {ACCESS_TOKEN_EXP, REFRESH_TOKEN_EXP} from "@/constants/numbers";
 
 type FormState = {
@@ -29,12 +33,12 @@ export async function login(
   if (isDataValid) {
     try {
       const response = await loginUser(identity, password);
-      cookies().set("access_token", response.access_token, {
+      cookies().set(ACCESS_TOKEN_COOKIE_NAME, response.access_token, {
         maxAge: ACCESS_TOKEN_EXP,
         httpOnly: true,
         secure: true,
       });
-      cookies().set("refresh_token", response.refresh_token, {
+      cookies().set(REFRESH_TOKEN_COOKIE_NAME, response.refresh_token, {
         maxAge: REFRESH_TOKEN_EXP,
         httpOnly: true,
         secure: true,

diff --git a/frontend/src/lib/http.ts b/frontend/src/lib/http.ts
@@ -1,4 +1,8 @@
 import {cookies, headers} from "next/headers";
+import {
+  ACCESS_TOKEN_COOKIE_NAME,
+  REFRESH_TOKEN_COOKIE_NAME,
+} from "@/constants/strings";
 
 export function getRootUrl() {
   const host = headers().get("host");
@@ -9,7 +13,7 @@ export function getRootUrl() {
 export function getCredentialsFromCookies() {
   const cookiesStore = cookies();
   return {
-    accessToken: cookiesStore.get("access_token")?.value,
-    refreshToken: cookiesStore.get("refresh_token")?.value,
+    accessToken: cookiesStore.get(ACCESS_TOKEN_COOKIE_NAME)?.value,
+    refreshToken: cookiesStore.get(REFRESH_TOKEN_COOKIE_NAME)?.value,
   };
 }
diff --git a/frontend/src/middleware.ts b/frontend/src/middleware.ts
@@ -1,11 +1,15 @@
 import {NextRequest, NextResponse} from "next/server";
+import jwt from "jsonwebtoken";
 import {refreshToken as getNewTokens} from "./dal/auth";
+import {
+  ACCESS_TOKEN_COOKIE_NAME,
+  REFRESH_TOKEN_COOKIE_NAME,
+} from "@/constants/strings";
 import {ACCESS_TOKEN_EXP, REFRESH_TOKEN_EXP} from "./constants/numbers";
-import jwt from "jsonwebtoken";
 
 export async function middleware(request: NextRequest) {
-  const accessToken = request.cookies.get("access_token")?.value;
-  const refreshToken = request.cookies.get("refresh_token")?.value;
+  const accessToken = request.cookies.get(ACCESS_TOKEN_COOKIE_NAME)?.value;
+  const refreshToken = request.cookies.get(REFRESH_TOKEN_COOKIE_NAME)?.value;
 
   try {
     const decodedAccessToken = jwt.decode(accessToken ?? "", {
@@ -25,16 +29,24 @@ export async function middleware(request: NextRequest) {
       try {
         const newTokens = (await getNewTokens(refreshToken!)).data;
         const nextResponse = NextResponse.next();
-        nextResponse.cookies.set("access_token", newTokens.access_token, {
-          httpOnly: true,
-          maxAge: ACCESS_TOKEN_EXP,
-          path: "/",
-        });
-        nextResponse.cookies.set("refresh_token", newTokens.refresh_token, {
-          httpOnly: true,
-          maxAge: REFRESH_TOKEN_EXP,
-          path: "/",
-        });
+        nextResponse.cookies.set(
+          ACCESS_TOKEN_COOKIE_NAME,
+          newTokens.access_token,
+          {
+            httpOnly: true,
+            maxAge: ACCESS_TOKEN_EXP,
+            path: "/",
+          },
+        );
+        nextResponse.cookies.set(
+          REFRESH_TOKEN_COOKIE_NAME,
+          newTokens.refresh_token,
+          {
+            httpOnly: true,
+            maxAge: REFRESH_TOKEN_EXP,
+            path: "/",
+          },
+        );
         return nextResponse;
       } catch {
         throw new Error();