{"id":18559,"date":"2023-04-20T09:22:40","date_gmt":"2023-04-20T05:52:40","guid":{"rendered":"https:\/\/nabfollower.com\/blog\/authenticate-and-protect-rest-api-routes-with-jwt-and-refersh-token-rotation-1lg5\/"},"modified":"2023-04-20T09:22:40","modified_gmt":"2023-04-20T05:52:40","slug":"authenticate-and-protect-rest-api-routes-with-jwt-and-refersh-token-rotation-1lg5","status":"publish","type":"post","link":"https:\/\/nabfollower.com\/blog\/authenticate-and-protect-rest-api-routes-with-jwt-and-refersh-token-rotation-1lg5\/","title":{"rendered":"\u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0648 \u0645\u062d\u0627\u0641\u0638\u062a \u0627\u0632 \u0645\u0633\u06cc\u0631\u0647\u0627\u06cc REST API \u0628\u0627 JWT \u0648 \u0686\u0631\u062e\u0634 \u062a\u0648\u06a9\u0646 refersh"},"content":{"rendered":"<div data-article-id=\"1441461\" id=\"article-body\">\n<h2><span class=\"ez-toc-section\" id=\"%D8%A8%D8%B1%D8%B1%D8%B3%DB%8C_%D8%A7%D8%AC%D9%85%D8%A7%D9%84%DB%8C\"><\/span>\n<p>  \u0628\u0631\u0631\u0633\u06cc \u0627\u062c\u0645\u0627\u0644\u06cc<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u067e\u0633 \u0627\u0632 \u062e\u0648\u0627\u0646\u062f\u0646 \u0627\u06cc\u0646 \u0645\u0642\u0627\u0644\u0647\u060c \u0634\u0645\u0627 \u0642\u0627\u062f\u0631 \u062e\u0648\u0627\u0647\u06cc\u062f \u0628\u0648\u062f<\/p>\n<ol>\n<li>\u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627 \u0646\u0627\u0645 \u06a9\u0627\u0631\u0628\u0631\u06cc\/\u0627\u06cc\u0645\u06cc\u0644 \u0648 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0622\u0646\u0647\u0627<\/li>\n<li>\u06a9\u0627\u0631\u0628\u0631\u062f\u0647\u0627\u06cc accessToken \u0648 refreshToken \u0631\u0627 \u062f\u0631\u06a9 \u06a9\u0646\u06cc\u062f<\/li>\n<li>\u0628\u0627 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc accessToken\u060c \u0627\u0632 \u0646\u0642\u0627\u0637 \u067e\u0627\u06cc\u0627\u0646\u06cc api \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0645\u062d\u0627\u0641\u0638\u062a \u06a9\u0646\u06cc\u062f<\/li>\n<li>\u0627\u062c\u0627\u0632\u0647 \u0648\u0631\u0648\u062f \u0686\u0646\u062f\u06af\u0627\u0646\u0647 \u0628\u0627 \u0642\u0627\u0628\u0644\u06cc\u062a \u0644\u063a\u0648 \u062a\u0645\u0627\u0645 \u062c\u0644\u0633\u0647<\/li>\n<li>\u06cc\u06a9 \u0627\u0644\u06af\u0648 \u0628\u0627 \u0645\u062d\u0627\u0641\u0638\u062a \u0627\u0632 \u062b\u0628\u062a \u0646\u0627\u0645\u060c \u0648\u0631\u0648\u062f \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0648 \u0646\u0642\u0637\u0647 
\u067e\u0627\u06cc\u0627\u0646\u06cc \u0628\u0631\u0627\u06cc \u0634\u0631\u0648\u0639 REST API \u0628\u0639\u062f\u06cc \u062e\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f<\/li>\n<\/ol>\n<p>\u06a9\u062f \u062f\u0631 github \u0645\u0648\u062c\u0648\u062f \u0627\u0633\u062a<\/p>\n<p>\u067e\u06cc\u0634\u0646\u0647\u0627\u062f \u0645\u06cc \u06a9\u0646\u0645 \u0627\u0628\u062a\u062f\u0627 \u0645\u0642\u0627\u0644\u0647 \u0631\u0627 \u06a9\u0627\u0645\u0644 \u0628\u062e\u0648\u0627\u0646\u06cc\u062f \u0648 \u0633\u067e\u0633 \u0634\u0631\u0648\u0639 \u0628\u0647 \u06a9\u062f\u0646\u0648\u06cc\u0633\u06cc \u06a9\u0646\u06cc\u062f<\/p>\n<p>\u0633\u0627\u062e\u062a\u0627\u0631 \u06a9\u062f \u0645\u0646\u0628\u0639 \u0628\u0647 \u0634\u0631\u062d \u0632\u06cc\u0631 \u0627\u0633\u062a<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight plaintext\"><code>.\n\u251c\u2500\u2500 controllers\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 auth\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 login.ts\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 logout.ts\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u251c\u2500\u2500 refreshAccessToken.ts\n\u2502\u00a0\u00a0 \u2502\u00a0\u00a0 \u2514\u2500\u2500 register.js\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 users.ts\n\u251c\u2500\u2500 db # functions to make calls to the database\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 connect.ts\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 tokens.ts\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 users.ts\n\u251c\u2500\u2500 index.ts\n\u251c\u2500\u2500 middlewares\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 validateRegistrationData.ts\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 verifyTokens.ts\n\u251c\u2500\u2500 routes\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 auth.ts\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 index.ts\n\u2502\u00a0\u00a0 \u2514\u2500\u2500 users.ts\n\u2514\u2500\u2500 utils\n    \u251c\u2500\u2500 genToken.ts\n    \u251c\u2500\u2500 hashString.ts\n    \u2514\u2500\u2500 verifyToken.ts\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>\u0641\u0647\u0631\u0633\u062a \u0645\u0637\u0627\u0644\u0628<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%D8%B7%D8%B1%D8%AD%D9%88%D8%A7%D8%B1%D9%87_%D9%BE%D8%A7%DB%8C%DA%AF%D8%A7%D9%87_%D8%AF%D8%A7%D8%AF%D9%87\"><\/span>\n<p>  \u0637\u0631\u062d\u0648\u0627\u0631\u0647 \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<ul>\n<li>\u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 \u0627\u0632 sqlite \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0634\u0645\u0627 \u0646\u06cc\u0627\u0632\u06cc \u0628\u0647 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0647\u06cc\u0686 \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u062e\u0648\u062f 
\u0646\u062f\u0627\u0631\u06cc\u062f<\/li>\n<li>\u0627\u06cc\u0646 \u067e\u0631\u0648\u0698\u0647 \u0627\u0632 Prisma ORM \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0647 \u0634\u0645\u0627 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0627\u0632 \u062a\u0627\u06cc\u067e \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a \u0631\u0627 \u0628\u0627 \u062a\u062c\u0631\u0628\u0647 \u062a\u06a9\u0645\u06cc\u0644 \u062e\u0648\u062f\u06a9\u0627\u0631 \u0639\u0627\u0644\u06cc \u0645\u06cc \u062f\u0647\u062f<\/li>\n<\/ul>\n<p>prisma\/schema.prisma:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight plaintext\"><code>model User {\n    id            String         @id @default(uuid())\n    email         String         @unique\n    username      String         @unique\n    password      String\n    refreshTokens RefreshToken[]\n}\n\nmodel RefreshToken {\n    id          String   @id\n    hashedToken String\n    user        User     @relation(fields: [userId], references: [id], onDelete: Cascade)\n    userId      String\n    createdAt   DateTime @default(now())\n}\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 
\u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<ul>\n<li>User \u0648 RefreshToken \u0631\u0627\u0628\u0637\u0647 \u06cc\u06a9 \u0628\u0647 \u0686\u0646\u062f \u062f\u0627\u0631\u0646\u062f<\/li>\n<li>\u06cc\u06a9 \u06a9\u0627\u0631\u0628\u0631 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0686\u0646\u062f\u06cc\u0646 refreshToken \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f \u062a\u0627 \u0648\u0631\u0648\u062f \u0627\u0632 \u0686\u0646\u062f\u06cc\u0646 \u062f\u0633\u062a\u06af\u0627\u0647 \u0627\u062f\u0627\u0645\u0647 \u06cc\u0627\u0628\u062f<\/li>\n<li>\u0628\u0631\u0627\u06cc \u062a\u0648\u0644\u06cc\u062f \u06a9\u062f \u06a9\u0644\u0627\u06cc\u0646\u062a Prisma \u062f\u0633\u062a\u0648\u0631 <code>npx prisma generate<\/code> \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f\u060c \u0633\u067e\u0633 \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u062c\u062f\u0627\u0648\u0644 \u0644\u0627\u0632\u0645 \u0645\u0637\u0627\u0628\u0642 \u0637\u0631\u062d\u0648\u0627\u0631\u0647 \u062f\u0633\u062a\u0648\u0631 <code>npx prisma migrate dev<\/code> \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f<\/li>\n<li>\u0646\u06a9\u062a\u0647: \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u0632 <code>npx prisma studio<\/code> \u0628\u0631\u0627\u06cc \u06a9\u0627\u0631 \u0628\u0627 \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 \u062f\u0631 \u06cc\u06a9 \u0631\u0627\u0628\u0637 \u06a9\u0627\u0631\u0628\u0631\u06cc \u06af\u0631\u0627\u0641\u06cc\u06a9\u06cc \u0648\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"%D9%85%D8%B1%D9%88%D8%B1%DB%8C_%D8%A8%D8%B1_%D9%85%D8%B3%DB%8C%D8%B1%D9%87%D8%A7%DB%8C_auth\"><\/span>\n<p>  \u0645\u0631\u0648\u0631\u06cc \u0628\u0631 \u0645\u0633\u06cc\u0631\u0647\u0627\u06cc auth<br \/>\n<span 
class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>routes\/auth.ts:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"kd\">const<\/span> <span class=\"nx\">router<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">express<\/span><span class=\"p\">.<\/span><span class=\"nx\">Router<\/span><span class=\"p\">();<\/span>\n\n<span class=\"nx\">router<\/span><span class=\"p\">.<\/span><span class=\"nx\">post<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">\/auth\/login<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span> <span class=\"nx\">login<\/span><span class=\"p\">);<\/span>\n<span class=\"nx\">router<\/span><span class=\"p\">.<\/span><span class=\"nx\">post<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">\/auth\/register<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span> <span class=\"nx\">validateRegistrationData<\/span><span class=\"p\">,<\/span> <span class=\"nx\">register<\/span><span class=\"p\">);<\/span>\n<span class=\"nx\">router<\/span><span class=\"p\">.<\/span><span class=\"kd\">get<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">\/auth\/refresh<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span> <span class=\"nx\">verifyRefreshToken<\/span><span class=\"p\">,<\/span> <span class=\"nx\">refreshAccessToken<\/span><span class=\"p\">);<\/span>\n<span class=\"nx\">router<\/span><span class=\"p\">.<\/span><span class=\"k\">delete<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">\/auth\/logout<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span> <span class=\"nx\">logout<\/span><span class=\"p\">);<\/span>\n<span class=\"nx\">router<\/span><span class=\"p\">.<\/span><span class=\"k\">delete<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">\/auth\/logout_all<\/span><span 
class=\"dl\">\"<\/span><span class=\"p\">,<\/span> <span class=\"nx\">logout_all<\/span><span class=\"p\">);<\/span>\n\n<span class=\"k\">export<\/span> <span class=\"p\">{<\/span> <span class=\"nx\">router<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">authRouter<\/span> <span class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p><strong><em>\u0647\u0645\u0647 \u0645\u0633\u06cc\u0631\u0647\u0627 \u0628\u0627 &#8220;\/api&#8221; \u067e\u06cc\u0634\u0648\u0646\u062f \u0647\u0633\u062a\u0646\u062f<\/em><\/strong><\/p>\n<h2><span class=\"ez-toc-section\" id=\"%D8%AB%D8%A8%D8%AA\"><\/span>\n<p>  \u062b\u0628\u062a<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0645\u0633\u06cc\u0631: <code>router.post(\"\/auth\/register\", validateRegistrationData, register)<\/code><\/p>\n<ul>\n<li>\u0628\u062f\u0646\u0647 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0628\u0627\u06cc\u062f \u0634\u0627\u0645\u0644 \u0646\u0627\u0645 
\u06a9\u0627\u0631\u0628\u0631\u06cc\u060c \u0627\u06cc\u0645\u06cc\u0644 \u0648 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0628\u0627\u0634\u062f<\/li>\n<li>\u0645\u0627 \u06cc\u06a9 \u0645\u06cc\u0627\u0646 \u0627\u0641\u0632\u0627\u0631 \u0628\u0631\u0627\u06cc \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u062b\u0628\u062a \u0646\u0627\u0645 \u0627\u06cc\u062c\u0627\u062f \u062e\u0648\u0627\u0647\u06cc\u0645 \u06a9\u0631\u062f<\/li>\n<\/ul>\n<p>Middlewares\/validateRegistrationData.ts:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"k\">export<\/span> <span class=\"kd\">const<\/span> <span class=\"nx\">validateRegistrationData<\/span> <span class=\"o\">=<\/span> <span class=\"k\">async<\/span> <span class=\"p\">(<\/span><span class=\"nx\">req<\/span><span class=\"p\">,<\/span> <span class=\"nx\">res<\/span><span class=\"p\">,<\/span> <span class=\"nx\">next<\/span><span class=\"p\">)<\/span> <span class=\"o\">=&gt;<\/span> <span class=\"p\">{<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"p\">{<\/span> <span class=\"nx\">email<\/span><span class=\"p\">,<\/span> <span class=\"nx\">username<\/span><span class=\"p\">,<\/span> <span class=\"nx\">password<\/span> <span class=\"p\">}<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">body<\/span><span class=\"p\">;<\/span>\n\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"o\">!<\/span><span class=\"nx\">password<\/span><span class=\"p\">)<\/span> <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">400<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span 
class=\"s2\">No password provided<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"o\">!<\/span><span class=\"nx\">username<\/span><span class=\"p\">)<\/span> <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">400<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">No username provided<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"o\">!<\/span><span class=\"nx\">email<\/span><span class=\"p\">)<\/span> <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">400<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">No email provided<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n\n  <span class=\"kd\">let<\/span> <span class=\"nx\">user<\/span> <span class=\"o\">=<\/span> <span class=\"k\">await<\/span> <span class=\"nx\">findUserByUsernameOrEmail<\/span><span class=\"p\">(<\/span><span class=\"nx\">username<\/span><span class=\"p\">,<\/span> <span class=\"nx\">email<\/span><span class=\"p\">);<\/span>\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">)<\/span> <span class=\"p\">{<\/span>\n    <span class=\"kd\">let<\/span> <span class=\"nx\">error<\/span> <span class=\"o\">=<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">Email already exits<\/span><span 
class=\"dl\">\"<\/span><span class=\"p\">;<\/span>\n    <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">email<\/span> <span class=\"o\">!==<\/span> <span class=\"nx\">email<\/span><span class=\"p\">)<\/span> <span class=\"nx\">error<\/span> <span class=\"o\">=<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">Username already exits<\/span><span class=\"dl\">\"<\/span><span class=\"p\">;<\/span>\n    <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"nx\">error<\/span> <span class=\"p\">});<\/span>\n  <span class=\"p\">}<\/span>\n\n  <span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">user<\/span> <span class=\"o\">=<\/span> <span class=\"p\">{<\/span>\n    <span class=\"nx\">email<\/span><span class=\"p\">,<\/span>\n    <span class=\"nx\">username<\/span><span class=\"p\">,<\/span>\n    <span class=\"nx\">password<\/span><span class=\"p\">,<\/span>\n  <span class=\"p\">};<\/span>\n\n  <span class=\"nx\">next<\/span><span class=\"p\">();<\/span>\n<span class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 
\u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<ul>\n<li>\u0627\u06af\u0631 \u06cc\u06a9 \u062d\u0633\u0627\u0628 \u06a9\u0627\u0631\u0628\u0631\u06cc \u0628\u0627 \u0647\u0645\u0627\u0646 \u0646\u0627\u0645 \u06a9\u0627\u0631\u0628\u0631\u06cc \u06cc\u0627 \u0627\u06cc\u0645\u06cc\u0644 \u0642\u0628\u0644\u0627\u064b \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f\u060c \u067e\u0627\u0633\u062e \u062e\u0637\u0627 \u0628\u0631\u06af\u0631\u062f\u0627\u0646\u06cc\u062f. \u062a\u0648\u062c\u0647: \u067e\u06cc\u0627\u0645 \u062e\u0637\u0627\u06cc \u062c\u062f\u0627\u06af\u0627\u0646\u0647 \u0628\u0631\u0627\u06cc \u0627\u06cc\u0645\u06cc\u0644 \u0648 \u0646\u0627\u0645 \u06a9\u0627\u0631\u0628\u0631\u06cc \u0646\u0634\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u06a9\u062f\u0627\u0645 \u06cc\u06a9 \u0642\u0628\u0644\u0627\u064b \u062b\u0628\u062a \u0634\u062f\u0647 \u0627\u0633\u062a\u061b \u062f\u0631 \u0645\u062d\u06cc\u0637 \u0639\u0645\u0644\u06cc\u0627\u062a\u06cc \u067e\u06cc\u0627\u0645 \u06cc\u06a9\u0633\u0627\u0646 \u06cc\u0627 \u0645\u062d\u062f\u0648\u062f\u06cc\u062a \u0646\u0631\u062e \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0631\u0627 \u062f\u0631 \u0646\u0638\u0631 \u0628\u06af\u06cc\u0631\u06cc\u062f<\/li>\n<li>\u062f\u0631 \u063a\u06cc\u0631 \u0627\u06cc\u0646 \u0635\u0648\u0631\u062a \u0634\u06cc\u0621 <code>user<\/code> \u0631\u0627 \u0628\u0647 <code>req<\/code> \u0636\u0645\u06cc\u0645\u0647 \u06a9\u0646\u06cc\u062f \u0648 \u0628\u0647 \u062a\u0627\u0628\u0639 \u0628\u0639\u062f\u06cc \u0628\u0631\u0648\u06cc\u062f<\/li>\n<\/ul>\n<p>controllers\/auth\/register.ts:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"k\">export<\/span> <span class=\"kd\">const<\/span> <span class=\"nx\">register<\/span> <span class=\"o\">=<\/span> <span class=\"k\">async<\/span> <span class=\"p\">(<\/span><span class=\"nx\">req<\/span><span class=\"p\">,<\/span> <span class=\"nx\">res<\/span><span class=\"p\">)<\/span> <span class=\"o\">=&gt;<\/span> <span class=\"p\">{<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">user<\/span> <span class=\"o\">=<\/span> <span class=\"k\">await<\/span> <span class=\"nx\">createUser<\/span><span class=\"p\">(<\/span><span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">user<\/span><span class=\"p\">);<\/span>\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"o\">!<\/span><span class=\"nx\">user<\/span><span class=\"p\">)<\/span> <span 
class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">Registration Failed<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n\n  <span class=\"kd\">const<\/span> <span class=\"nx\">data<\/span> <span class=\"o\">=<\/span> <span class=\"p\">{<\/span>\n    <span class=\"na\">username<\/span><span class=\"p\">:<\/span> <span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">username<\/span><span class=\"p\">,<\/span>\n    <span class=\"na\">email<\/span><span class=\"p\">:<\/span> <span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">email<\/span><span class=\"p\">,<\/span>\n  <span class=\"p\">};<\/span>\n\n  <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"nx\">data<\/span> <span class=\"p\">});<\/span>\n<span class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path 
d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<ul>\n<li>\u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0631\u0627 \u0642\u0628\u0644 \u0627\u0632 \u0630\u062e\u06cc\u0631\u0647 \u062f\u0631 \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 \u0647\u0634 \u06a9\u0646\u06cc\u062f\n<\/li>\n<\/ul>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"kd\">const<\/span> <span class=\"nx\">createUser<\/span> <span class=\"o\">=<\/span> <span class=\"k\">async<\/span> <span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">:<\/span> <span class=\"kr\">any<\/span><span class=\"p\">)<\/span> <span class=\"o\">=&gt;<\/span> <span class=\"p\">{<\/span>\n  <span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">password<\/span> <span class=\"o\">=<\/span> <span class=\"k\">await<\/span> <span class=\"nx\">hashString<\/span><span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">password<\/span><span class=\"p\">);<\/span>\n\n  <span class=\"k\">return<\/span> <span class=\"nx\">db<\/span><span class=\"p\">.<\/span><span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">create<\/span><span class=\"p\">({<\/span>\n    <span class=\"na\">data<\/span><span class=\"p\">:<\/span> <span class=\"nx\">user<\/span><span class=\"p\">,<\/span>\n  <span class=\"p\">});<\/span>\n<span class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 
\u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<h2><span class=\"ez-toc-section\" id=\"%D9%88%D8%A7%D8%B1%D8%AF_%D8%B4%D8%AF%D9%86\"><\/span>\n<p>  \u0648\u0627\u0631\u062f \u0634\u062f\u0646<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0645\u0633\u06cc\u0631: <code>router.post(\"\/auth\/login\", login)<\/code><\/p>\n<p><\/p>\n<ul>\n<li>\u0645\u062a\u0646 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0628\u0627\u06cc\u062f \u062d\u0627\u0648\u06cc { username, password } \u0628\u0627\u0634\u062f.<\/li>\n<li>\u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u0641\u06cc\u0644\u062f username \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u062d\u0627\u0648\u06cc \u0627\u06cc\u0645\u06cc\u0644 \u0646\u06cc\u0632 \u0628\u0627\u0634\u062f \u0648 \u06af\u0632\u06cc\u0646\u0647 \u0627\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0648\u0631\u0648\u062f \u0628\u0627 \u0646\u0627\u0645 \u06a9\u0627\u0631\u0628\u0631\u06cc \u06cc\u0627 \u0627\u06cc\u0645\u06cc\u0644 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f<\/li>\n<li>\u0627\u06af\u0631 \u06a9\u0627\u0631\u0628\u0631 \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f \u06cc\u0627 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0646\u0627\u062f\u0631\u0633\u062a \u0627\u0633\u062a\u060c \u062e\u0637\u0627 
\u0631\u0627 \u0628\u0631\u06af\u0631\u062f\u0627\u0646\u06cc\u062f<\/li>\n<li>AccessToken \u0648 refreshToken \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f<\/li>\n<li>refreshToken \u0631\u0627 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u06a9\u0648\u06a9\u06cc httpOnly \u0628\u0627 \u0627\u0639\u062a\u0628\u0627\u0631 30 \u0631\u0648\u0632 \u0630\u062e\u06cc\u0631\u0647 \u0634\u0648\u062f<\/li>\n<li>AccessToken \u0631\u0627 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u06cc\u062f<\/li>\n<\/ul>\n<p>controllers\/auth\/login.ts:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"k\">export<\/span> <span class=\"kd\">const<\/span> <span class=\"nx\">login<\/span> <span class=\"o\">=<\/span> <span class=\"k\">async<\/span> <span class=\"p\">(<\/span><span class=\"nx\">req<\/span><span class=\"p\">,<\/span> <span class=\"nx\">res<\/span><span class=\"p\">)<\/span> <span class=\"o\">=&gt;<\/span> <span class=\"p\">{<\/span>\n  <span class=\"k\">try<\/span> <span class=\"p\">{<\/span>\n    <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"o\">!<\/span><span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">body<\/span><span class=\"p\">.<\/span><span class=\"nx\">username<\/span><span class=\"p\">)<\/span>\n      <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">400<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">No Username provided<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n    <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"o\">!<\/span><span 
class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">body<\/span><span class=\"p\">.<\/span><span class=\"nx\">password<\/span><span class=\"p\">)<\/span>\n      <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">400<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">No Password provided<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n\n    <span class=\"kd\">const<\/span> <span class=\"p\">{<\/span> <span class=\"nx\">username<\/span><span class=\"p\">,<\/span> <span class=\"nx\">password<\/span> <span class=\"p\">}<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">body<\/span><span class=\"p\">;<\/span>\n\n    <span class=\"c1\">\/\/ User can log in with username or email<\/span>\n    <span class=\"kd\">const<\/span> <span class=\"nx\">user<\/span> <span class=\"o\">=<\/span> <span class=\"k\">await<\/span> <span class=\"nx\">findUserByUsernameOrEmail<\/span><span class=\"p\">(<\/span><span class=\"nx\">username<\/span><span class=\"p\">,<\/span> <span class=\"nx\">username<\/span><span class=\"p\">);<\/span>\n\n    <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"o\">!<\/span><span class=\"nx\">user<\/span><span class=\"p\">)<\/span> <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">404<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">User Not Found<\/span><span class=\"dl\">\"<\/span> <span 
class=\"p\">});<\/span>\n\n    <span class=\"kd\">const<\/span> <span class=\"nx\">match<\/span> <span class=\"o\">=<\/span> <span class=\"k\">await<\/span> <span class=\"nx\">bcrypt<\/span><span class=\"p\">.<\/span><span class=\"nx\">compare<\/span><span class=\"p\">(<\/span><span class=\"nx\">password<\/span><span class=\"p\">,<\/span> <span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">password<\/span><span class=\"p\">);<\/span>\n\n    <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"o\">!<\/span><span class=\"nx\">match<\/span><span class=\"p\">)<\/span> <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">401<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">Wrong Password<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n\n    <span class=\"kd\">const<\/span> <span class=\"nx\">accessToken<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">genAccessToken<\/span><span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">);<\/span>\n    <span class=\"kd\">const<\/span> <span class=\"nx\">tokenId<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">randomUUID<\/span><span class=\"p\">();<\/span>\n    <span class=\"kd\">const<\/span> <span class=\"nx\">refreshToken<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">genRefreshToken<\/span><span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">,<\/span> <span class=\"nx\">tokenId<\/span><span class=\"p\">);<\/span>\n\n    <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">cookie<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">refreshToken<\/span><span class=\"dl\">\"<\/span><span 
class=\"p\">,<\/span> <span class=\"nx\">refreshToken<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\n      <span class=\"na\">httpOnly<\/span><span class=\"p\">:<\/span> <span class=\"kc\">true<\/span><span class=\"p\">,<\/span>\n      <span class=\"na\">maxAge<\/span><span class=\"p\">:<\/span> <span class=\"mi\">24<\/span> <span class=\"o\">*<\/span> <span class=\"mi\">60<\/span> <span class=\"o\">*<\/span> <span class=\"mi\">60<\/span> <span class=\"o\">*<\/span> <span class=\"mi\">30<\/span> <span class=\"o\">*<\/span> <span class=\"mi\">1000<\/span><span class=\"p\">,<\/span> <span class=\"c1\">\/\/ 30 days<\/span>\n    <span class=\"p\">});<\/span>\n\n    <span class=\"c1\">\/\/ add the token to the database<\/span>\n    <span class=\"nx\">addRefreshToken<\/span><span class=\"p\">(<\/span><span class=\"nx\">tokenId<\/span><span class=\"p\">,<\/span> <span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span><span class=\"p\">,<\/span> <span class=\"nx\">refreshToken<\/span><span class=\"p\">);<\/span>\n\n    <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"nx\">accessToken<\/span> <span class=\"p\">});<\/span>\n  <span class=\"p\">}<\/span> <span class=\"k\">catch<\/span> <span class=\"p\">(<\/span><span class=\"nx\">error<\/span><span class=\"p\">)<\/span> <span class=\"p\">{<\/span>\n    <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">500<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">Internal Error<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n  <span class=\"p\">}<\/span>\n<span 
class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<ul>\n<li>refreshToken \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u062d\u0633\u0627\u0633\u06cc \u0627\u0633\u062a\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0634\u0645\u0627 \u0646\u0628\u0627\u06cc\u062f \u0622\u0646 \u0631\u0627 \u062f\u0631 \u0645\u062a\u0646 \u0633\u0627\u062f\u0647 \u0630\u062e\u06cc\u0631\u0647 \u06a9\u0646\u06cc\u062f<\/li>\n<li>\u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0622\u0646 \u0631\u0627 \u0647\u0634 \u06a9\u0646\u06cc\u062f \u06cc\u0627 \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u06a9\u0646\u06cc\u062f\n<\/li>\n<\/ul>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"kd\">const<\/span> <span class=\"nx\">addRefreshToken<\/span> <span class=\"o\">=<\/span> <span class=\"k\">async<\/span> <span class=\"p\">(<\/span>\n  <span class=\"nx\">id<\/span><span class=\"p\">:<\/span> <span 
class=\"kr\">string<\/span><span class=\"p\">,<\/span>\n  <span class=\"nx\">userId<\/span><span class=\"p\">:<\/span> <span class=\"kr\">number<\/span><span class=\"p\">,<\/span>\n  <span class=\"nx\">refreshToken<\/span><span class=\"p\">:<\/span> <span class=\"kr\">string<\/span>\n<span class=\"p\">)<\/span> <span class=\"o\">=&gt;<\/span> <span class=\"p\">{<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">hashedToken<\/span> <span class=\"o\">=<\/span> <span class=\"k\">await<\/span> <span class=\"nx\">hashString<\/span><span class=\"p\">(<\/span><span class=\"nx\">refreshToken<\/span><span class=\"p\">);<\/span>\n  <span class=\"k\">return<\/span> <span class=\"nx\">db<\/span><span class=\"p\">.<\/span><span class=\"nx\">refreshToken<\/span><span class=\"p\">.<\/span><span class=\"nx\">create<\/span><span class=\"p\">({<\/span>\n    <span class=\"na\">data<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\n      <span class=\"nx\">id<\/span><span class=\"p\">,<\/span>\n      <span class=\"nx\">userId<\/span><span class=\"p\">,<\/span>\n      <span class=\"nx\">hashedToken<\/span><span class=\"p\">,<\/span>\n    <span class=\"p\">},<\/span>\n  <span class=\"p\">});<\/span>\n<span class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon 
highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<h2><span class=\"ez-toc-section\" id=\"Refresh_Access_Token\"><\/span>\n<p>  Refresh Access Token<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0645\u0633\u06cc\u0631: <code>router.get(\"\/auth\/refresh\", verifyRefreshToken, refreshAccessToken)<\/code><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/nabfollower.com\/blog\/wp-content\/uploads\/2023\/04\/1681969960_707_\u0627\u062d\u0631\u0627\u0632-\u0647\u0648\u06cc\u062a-\u0648-\u0645\u062d\u0627\u0641\u0638\u062a-\u0627\u0632-\u0645\u0633\u06cc\u0631\u0647\u0627\u06cc-REST-API-\u0628\u0627-JWT.png\" alt=\"\u0646\u0645\u0648\u062f\u0627\u0631 \u062a\u0648\u0627\u0644\u06cc \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc accessToken\" loading=\"lazy\" width=\"800\" height=\"1161\" title=\"\"><\/p>\n<ul>\n<li>\u0627\u06af\u0631 \u062a\u0648\u06a9\u0646 \u0645\u0646\u0642\u0636\u06cc \u0634\u062f\u0647 \u0628\u0627\u0634\u062f \u06cc\u0627 \u062f\u0631 \u0622\u0646 \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u0628\u0627\u0634\u062f\u060c \u062a\u0623\u06cc\u06cc\u062f \u0646\u0627\u0645\u0648\u0641\u0642 \u062e\u0648\u0627\u0647\u062f \u0628\u0648\u062f<\/li>\n<li>\u0627\u06af\u0631 \u062a\u0623\u06cc\u06cc\u062f \u0645\u0648\u0641\u0642 \u0628\u0627\u0634\u062f \u0627\u0645\u0627 \u062a\u0648\u06a9\u0646 \u062f\u0631 db \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0645\u0634\u06a9\u0648\u06a9 \u0634\u0648\u06cc\u062f \u06a9\u0647 \u0634\u062e\u0635\u06cc \u062f\u0631 \u062a\u0644\u0627\u0634 \u0627\u0633\u062a \u0627\u0632 \u06cc\u06a9 
\u062a\u0648\u06a9\u0646 \u0642\u062f\u06cc\u0645\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u062f \u06a9\u0647 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0628\u0647 \u0633\u0631\u0642\u062a \u0631\u0641\u062a\u0647 \u0628\u0627\u0634\u062f\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0634\u0645\u0627 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0631\u0627 \u0628\u0631\u06af\u0631\u062f\u0627\u0646\u06cc\u062f.<\/li>\n<li>\u062f\u0631 \u063a\u06cc\u0631 \u0627\u06cc\u0646 \u0635\u0648\u0631\u062a\u060c refreshToken \u0631\u0627 \u06a9\u0647 \u062f\u0631 \u06a9\u0648\u06a9\u06cc \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0628\u0648\u062f \u062d\u0630\u0641 \u06a9\u0646\u06cc\u062f\u060c \u062a\u0648\u06a9\u0646 \u062c\u062f\u06cc\u062f \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f\u060c \u0622\u0646 \u0631\u0627 \u062f\u0631 \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 \u0630\u062e\u06cc\u0631\u0647 \u06a9\u0646\u06cc\u062f \u0648 \u0622\u0646 \u0631\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u06a9\u0648\u06a9\u06cc httpOnly \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u06cc\u062f\u060c \u0628\u0647 \u0627\u06cc\u0646 \u0639\u0645\u0644 \u0686\u0631\u062e\u0634 \u062a\u0648\u06a9\u0646 refresh \u0645\u06cc \u06af\u0648\u06cc\u0646\u062f.<\/li>\n<li>AccessToken \u0631\u0627 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u06cc\u062f\n<\/li>\n<\/ul>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"k\">export<\/span> <span class=\"kd\">const<\/span> <span class=\"nx\">refreshAccessToken<\/span> <span class=\"o\">=<\/span> <span class=\"k\">async<\/span> <span class=\"p\">(<\/span><span class=\"nx\">req<\/span><span class=\"p\">,<\/span> <span class=\"nx\">res<\/span><span class=\"p\">)<\/span> <span class=\"o\">=&gt;<\/span> <span class=\"p\">{<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">user<\/span> <span 
class=\"o\">=<\/span> <span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">user<\/span><span class=\"p\">;<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">newTokenId<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">randomUUID<\/span><span class=\"p\">();<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">newRefreshToken<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">genRefreshToken<\/span><span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">,<\/span> <span class=\"nx\">newTokenId<\/span><span class=\"p\">);<\/span>\n\n  <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">cookie<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">refreshToken<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span> <span class=\"nx\">newRefreshToken<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\n    <span class=\"na\">httpOnly<\/span><span class=\"p\">:<\/span> <span class=\"kc\">true<\/span><span class=\"p\">,<\/span>\n    <span class=\"na\">maxAge<\/span><span class=\"p\">:<\/span> <span class=\"mi\">24<\/span> <span class=\"o\">*<\/span> <span class=\"mi\">60<\/span> <span class=\"o\">*<\/span> <span class=\"mi\">60<\/span> <span class=\"o\">*<\/span> <span class=\"mi\">1000<\/span> <span class=\"o\">*<\/span> <span class=\"mi\">30<\/span><span class=\"p\">,<\/span>\n  <span class=\"p\">});<\/span>\n\n  <span class=\"c1\">\/\/ refresh token rotation<\/span>\n  <span class=\"nx\">deleteRefreshTokenById<\/span><span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">jwtid<\/span><span class=\"p\">);<\/span>\n  <span class=\"nx\">addRefreshToken<\/span><span class=\"p\">(<\/span><span class=\"nx\">newTokenId<\/span><span class=\"p\">,<\/span> <span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span><span class=\"p\">,<\/span> <span 
class=\"nx\">newRefreshToken<\/span><span class=\"p\">);<\/span>\n  <span class=\"c1\">\/\/<\/span>\n\n  <span class=\"kd\">const<\/span> <span class=\"nx\">accessToken<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">genAccessToken<\/span><span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">);<\/span>\n  <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"nx\">accessToken<\/span> <span class=\"p\">});<\/span>\n<span class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<h2><span class=\"ez-toc-section\" id=\"%D8%AF%D8%B3%D8%AA%D8%B1%D8%B3%DB%8C_%D8%A8%D9%87_%D9%85%D9%86%D8%A7%D8%A8%D8%B9_%D9%85%D8%AD%D8%A7%D9%81%D8%B8%D8%AA_%D8%B4%D8%AF%D9%87\"><\/span>\n<p>  \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0645\u0646\u0627\u0628\u0639 \u0645\u062d\u0627\u0641\u0638\u062a \u0634\u062f\u0647<br \/>\n<span 
class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/nabfollower.com\/blog\/wp-content\/uploads\/2023\/04\/1681969960_781_\u0627\u062d\u0631\u0627\u0632-\u0647\u0648\u06cc\u062a-\u0648-\u0645\u062d\u0627\u0641\u0638\u062a-\u0627\u0632-\u0645\u0633\u06cc\u0631\u0647\u0627\u06cc-REST-API-\u0628\u0627-JWT.png\" alt=\"\u0646\u0645\u0648\u062f\u0627\u0631 \u062a\u0648\u0627\u0644\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0645\u0633\u06cc\u0631\u0647\u0627\u06cc \u0645\u062d\u0627\u0641\u0638\u062a \u0634\u062f\u0647\" loading=\"lazy\" width=\"800\" height=\"698\" title=\"\"><\/p>\n<p>\u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0645\u062b\u0627\u0644\u060c \/users \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0646\u0642\u0637\u0647 \u067e\u0627\u06cc\u0627\u0646\u06cc \u0645\u062d\u0627\u0641\u0638\u062a \u0634\u062f\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f<\/p>\n<p>\u0645\u0633\u06cc\u0631: <code>router.use(\"\/users\", verifyAccessToken, listUsers)<\/code><\/p>\n<p>Middlewares\/verifyAccessToken.ts:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"k\">export<\/span> <span class=\"kd\">const<\/span> <span class=\"nx\">verifyAccessToken<\/span> <span class=\"o\">=<\/span> <span class=\"p\">(<\/span><span class=\"nx\">req<\/span><span class=\"p\">,<\/span> <span class=\"nx\">res<\/span><span class=\"p\">,<\/span> <span class=\"nx\">next<\/span><span class=\"p\">)<\/span> <span class=\"o\">=&gt;<\/span> <span class=\"p\">{<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">authHeader<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">headers<\/span><span class=\"p\">[<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">authorization<\/span><span class=\"dl\">\"<\/span><span class=\"p\">];<\/span>\n  
<span class=\"kd\">const<\/span> <span class=\"nx\">token<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">authHeader<\/span> <span class=\"o\">&amp;&amp;<\/span> <span class=\"nx\">authHeader<\/span><span class=\"p\">.<\/span><span class=\"nx\">split<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\"> <\/span><span class=\"dl\">\"<\/span><span class=\"p\">)[<\/span><span class=\"mi\">1<\/span><span class=\"p\">];<\/span>\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"nx\">token<\/span> <span class=\"o\">==<\/span> <span class=\"kc\">null<\/span><span class=\"p\">)<\/span> <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">sendStatus<\/span><span class=\"p\">(<\/span><span class=\"mi\">401<\/span><span class=\"p\">);<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">user<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">tokenVerifier<\/span><span class=\"p\">.<\/span><span class=\"nx\">validateAccessToken<\/span><span class=\"p\">(<\/span><span class=\"nx\">token<\/span><span class=\"p\">);<\/span>\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">tokenError<\/span><span class=\"p\">)<\/span>\n    <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">401<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span>\n      <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">Invalid Access token<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span>\n      <span class=\"na\">tokenError<\/span><span class=\"p\">:<\/span> <span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">tokenError<\/span><span 
class=\"p\">,<\/span>\n    <span class=\"p\">});<\/span>\n\n  <span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">user<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">user<\/span><span class=\"p\">;<\/span>\n  <span class=\"k\">return<\/span> <span class=\"nx\">next<\/span><span class=\"p\">();<\/span>\n<span class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<ul>\n<li>\u0645\u0634\u062a\u0631\u06cc \u0628\u0627\u06cc\u062f \u062a\u0648\u06a9\u0646 \u0631\u0627 \u062f\u0631 \u0633\u0631\u0628\u0631\u06af Authorization \u0628\u0627 \u0642\u0627\u0644\u0628 <code>Bearer $token<\/code> \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f\n<\/li>\n<li>\u0627\u06af\u0631 \u062a\u0648\u06a9\u0646 \u0645\u0639\u062a\u0628\u0631 \u0646\u0628\u0627\u0634\u062f\u060c \u062e\u0637\u0627 \u0628\u0631\u06af\u0631\u062f\u0627\u0646\u062f\u0647 \u062e\u0648\u0627\u0647\u062f \u0634\u062f (\u0645\u0627\u0646\u0646\u062f 
TokenExpiredError \u06cc\u0627 JsonWebTokenError \u062f\u0631 \u0635\u0648\u0631\u062a \u0627\u0635\u0644\u0627\u062d \u062a\u0648\u06a9\u0646)<\/li>\n<li>\u062f\u0631 \u063a\u06cc\u0631 \u0627\u06cc\u0646 \u0635\u0648\u0631\u062a \u0633\u0631\u0648\u0631 \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 \u0631\u0627 \u067e\u0631\u0633 \u0648 \u062c\u0648 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0644\u06cc\u0633\u062a \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0645\u0634\u062a\u0631\u06cc \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"%D8%AE%D8%B1%D9%88%D8%AC\"><\/span>\n<p>  \u062e\u0631\u0648\u062c<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0645\u0633\u06cc\u0631: <code>router.delete(\"\/auth\/logout\", logout)<\/code><\/p>\n<h3><span class=\"ez-toc-section\" id=\"%D8%A7%D8%B2_%D8%AC%D9%84%D8%B3%D9%87_%D8%AC%D8%A7%D8%B1%DB%8C_%D8%AE%D8%A7%D8%B1%D8%AC_%D8%B4%D9%88%DB%8C%D8%AF\"><\/span>\n<p>  \u0627\u0632 \u062c\u0644\u0633\u0647 \u062c\u0627\u0631\u06cc \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"k\">export<\/span> <span class=\"kd\">const<\/span> <span class=\"nx\">logout<\/span> <span class=\"o\">=<\/span> <span class=\"k\">async<\/span> <span class=\"p\">(<\/span><span class=\"nx\">req<\/span><span class=\"p\">,<\/span> <span class=\"nx\">res<\/span><span class=\"p\">)<\/span> <span class=\"o\">=&gt;<\/span> <span class=\"p\">{<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">refreshToken<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">cookies<\/span><span class=\"p\">.<\/span><span class=\"nx\">refreshToken<\/span><span class=\"p\">;<\/span>\n  <span class=\"k\">if<\/span> <span 
class=\"p\">(<\/span><span class=\"o\">!<\/span><span class=\"nx\">refreshToken<\/span><span class=\"p\">)<\/span> <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">401<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">No Refresh Token<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n\n  <span class=\"c1\">\/\/ does not check if it exists in the db<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">user<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">tokenVerifier<\/span><span class=\"p\">.<\/span><span class=\"nx\">verifyRefreshToken<\/span><span class=\"p\">(<\/span><span class=\"nx\">refreshToken<\/span><span class=\"p\">);<\/span>\n\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">tokenError<\/span><span class=\"p\">)<\/span>\n    <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">401<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span>\n      <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">Invalid Refresh token<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span>\n      <span class=\"na\">tokenError<\/span><span class=\"p\">:<\/span> <span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">tokenError<\/span><span class=\"p\">,<\/span>\n    <span class=\"p\">});<\/span>\n\n  <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">clearCookie<\/span><span class=\"p\">(<\/span><span 
class=\"dl\">\"<\/span><span class=\"s2\">refreshToken<\/span><span class=\"dl\">\"<\/span><span class=\"p\">);<\/span>\n  <span class=\"nx\">deleteRefreshTokenById<\/span><span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">jwtid<\/span><span class=\"p\">);<\/span>\n  <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">sendStatus<\/span><span class=\"p\">(<\/span><span class=\"mi\">200<\/span><span class=\"p\">);<\/span>\n<span class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<h3><span class=\"ez-toc-section\" id=\"%D8%A7%D8%B2_%D9%87%D9%85%D9%87_%D8%AF%D8%B3%D8%AA%DA%AF%D8%A7%D9%87%E2%80%8C%D9%87%D8%A7_%D8%AE%D8%A7%D8%B1%D8%AC_%D8%B4%D9%88%DB%8C%D8%AF\"><\/span>\n<p>  \u0627\u0632 \u0647\u0645\u0647 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<br \/>\n<span 
class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0645\u0633\u06cc\u0631: <code>router.delete(\"\/auth\/logout\", logout_all)<\/code><\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight typescript\"><code><span class=\"k\">export<\/span> <span class=\"kd\">const<\/span> <span class=\"nx\">logout_all<\/span> <span class=\"o\">=<\/span> <span class=\"k\">async<\/span> <span class=\"p\">(<\/span><span class=\"nx\">req<\/span><span class=\"p\">,<\/span> <span class=\"nx\">res<\/span><span class=\"p\">)<\/span> <span class=\"o\">=&gt;<\/span> <span class=\"p\">{<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">refreshToken<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">req<\/span><span class=\"p\">.<\/span><span class=\"nx\">cookies<\/span><span class=\"p\">.<\/span><span class=\"nx\">refreshToken<\/span><span class=\"p\">;<\/span>\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"o\">!<\/span><span class=\"nx\">refreshToken<\/span><span class=\"p\">)<\/span> <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">401<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span> <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">No Refresh Token<\/span><span class=\"dl\">\"<\/span> <span class=\"p\">});<\/span>\n\n  <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">clearCookie<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">refreshToken<\/span><span class=\"dl\">\"<\/span><span class=\"p\">);<\/span>\n\n  <span class=\"c1\">\/\/ does not check if it exists in the db<\/span>\n  <span class=\"kd\">const<\/span> <span class=\"nx\">user<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">tokenVerifier<\/span><span class=\"p\">.<\/span><span 
class=\"nx\">verifyRefreshToken<\/span><span class=\"p\">(<\/span><span class=\"nx\">refreshToken<\/span><span class=\"p\">);<\/span>\n\n  <span class=\"k\">if<\/span> <span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">tokenError<\/span><span class=\"p\">)<\/span>\n    <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">status<\/span><span class=\"p\">(<\/span><span class=\"mi\">401<\/span><span class=\"p\">).<\/span><span class=\"nx\">json<\/span><span class=\"p\">({<\/span>\n      <span class=\"na\">error<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">Invalid Refresh token<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span>\n      <span class=\"na\">tokenError<\/span><span class=\"p\">:<\/span> <span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">tokenError<\/span><span class=\"p\">,<\/span>\n    <span class=\"p\">});<\/span>\n\n  <span class=\"c1\">\/\/ delete all tokens associated with this user<\/span>\n  <span class=\"nx\">deleteAllRefreshTokens<\/span><span class=\"p\">(<\/span><span class=\"nx\">user<\/span><span class=\"p\">.<\/span><span class=\"nx\">id<\/span><span class=\"p\">);<\/span>\n  <span class=\"k\">return<\/span> <span class=\"nx\">res<\/span><span class=\"p\">.<\/span><span class=\"nx\">sendStatus<\/span><span class=\"p\">(<\/span><span class=\"mi\">200<\/span><span class=\"p\">);<\/span>\n<span class=\"p\">};<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n   
 <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>\u0628\u0647 2 \u0686\u06cc\u0632 \u062a\u0648\u062c\u0647 \u06a9\u0646\u06cc\u062f\u060c<\/p>\n<ol>\n<li>\u0647\u06cc\u0686 \u0628\u0631\u0631\u0633\u06cc \u0628\u0631\u0627\u06cc \u062f\u06cc\u062f\u0646 \u0627\u06cc\u0646\u06a9\u0647 \u0622\u06cc\u0627 \u062a\u0648\u06a9\u0646 \u062f\u0631 db \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u0627\u0646\u062c\u0627\u0645 \u0646\u0645\u06cc\u200c\u0634\u0648\u062f<\/li>\n<li>\u062a\u0623\u06cc\u06cc\u062f accessToken \u0646\u0627\u062f\u06cc\u062f\u0647 \u06af\u0631\u0641\u062a\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a<\/li>\n<\/ol>\n<p>\u0628\u06cc\u0627\u06cc\u06cc\u062f \u0633\u0646\u0627\u0631\u06cc\u0648\u06cc\u06cc \u0631\u0627 \u062f\u0631 \u0646\u0638\u0631 \u0628\u06af\u06cc\u0631\u06cc\u0645 \u06a9\u0647 \u062f\u0631 \u0622\u0646 \u06a9\u0648\u06a9\u06cc \u0645\u0634\u062a\u0631\u06cc \u0631\u0628\u0648\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0645\u0647\u0627\u062c\u0645 \u062f\u0627\u0631\u0627\u06cc refreshToken \u0627\u0633\u062a.<\/p>\n<ul>\n<li>\u0627\u06a9\u0646\u0648\u0646 \u0627\u0648 \u0627\u0632 \u0622\u0646 refreshToken \u0628\u0631\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a AccessToken \u062c\u062f\u06cc\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f<\/li>\n<li>\u06a9\u0647 
refreshToken \u06a9\u0644\u0627\u06cc\u0646\u062a \u0631\u0627 \u06a9\u0647 \u0627\u0632 \u0622\u0646 \u0631\u0628\u0648\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a \u0628\u0627\u0637\u0644 \u0645\u06cc \u06a9\u0646\u062f<\/li>\n<li>\u0622\u0646 \u0645\u0634\u062a\u0631\u06cc \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u06a9\u0627\u0631\u0628\u0631 \u0642\u0627\u0646\u0648\u0646\u06cc \u0628\u0627\u0634\u062f<\/li>\n<li>\u0648 \u0627\u06a9\u0646\u0648\u0646 \u0622\u0646 \u0645\u0634\u062a\u0631\u06cc \u0646\u0645\u06cc \u062a\u0648\u0627\u0646\u062f AccessToken \u062c\u062f\u06cc\u062f\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0646\u062f<\/li>\n<li>\u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0627\u06af\u0631 \u062a\u0623\u06cc\u06cc\u062f accessToken \u06cc\u0627 \u0628\u0631\u0631\u0633\u06cc \u0648\u062c\u0648\u062f \u062a\u0648\u06a9\u0646 \u062f\u0631 db \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f\u060c \u0622\u0646 \u06a9\u0644\u0627\u06cc\u0646\u062a \u0646\u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u062e\u0627\u0631\u062c \u0634\u0648\u062f.<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"%D8%AA%D8%B3%D8%AA_api\"><\/span>\n<p>  \u062a\u0633\u062a api<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u0632 curl \u0628\u0631\u0627\u06cc \u0627\u0646\u062c\u0627\u0645 \u062a\u0645\u0627\u0645 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f<br \/>\u062a\u0645\u0627\u0645 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0641\u0647\u0631\u0633\u062a \u0634\u062f\u0647 \u062f\u0631 \u0632\u06cc\u0631 \u062f\u0631 tests\/api-test-curl.sh \u0646\u0648\u0634\u062a\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a<\/p>\n<p>\u0627\u06af\u0631 \u0627\u0632 Insomnia \u0627\u0633\u062a\u0641\u0627\u062f\u0647 
\u0645\u06cc\u200c\u06a9\u0646\u06cc\u062f\u060c \u06a9\u0647 \u0627\u0628\u0632\u0627\u0631\u06cc \u0639\u0627\u0644\u06cc \u0628\u0631\u0627\u06cc \u062a\u0633\u062a api \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 \u0627\u0633\u062a\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u062a\u0645\u0627\u0645 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627 \u0631\u0627 \u0627\u0632 tests\/api-test-insomnia.json \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%D8%AB%D8%A8%D8%AA_%D9%86%D8%A7%D9%85\"><\/span>\n<p>  \u062b\u0628\u062a \u0646\u0627\u0645<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight shell\"><code>curl <span class=\"nt\">--request<\/span> POST <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--url<\/span> http:\/\/localhost:5000\/api\/auth\/register <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--header<\/span> <span class=\"s1\">'Content-Type: application\/json'<\/span> <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--data<\/span> <span class=\"s1\">'{\n    \"username\" : \"gr523\",\n    \"email\" : \"gr523@gmail.com\",\n    \"password\" : \"Pass82G9\"\n}'<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon 
highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<h3><span class=\"ez-toc-section\" id=\"%D9%88%D8%A7%D8%B1%D8%AF_%D8%B4%D8%AF%D9%86-2\"><\/span>\n<p>  \u0648\u0627\u0631\u062f \u0634\u062f\u0646<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight shell\"><code>curl <span class=\"nt\">--request<\/span> POST <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--url<\/span> http:\/\/localhost:5000\/api\/auth\/login <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--header<\/span> <span class=\"s1\">'Content-Type: application\/json'<\/span> <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--cookie-jar<\/span> <span class=\"s2\">\"cookie.txt\"<\/span> <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--data<\/span> <span class=\"s1\">'{\n    \"username\" : \"gr523\",\n    \"password\" : \"Pass82G9\"\n}'<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 
\u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>\u062e\u0631\u0648\u062c\u06cc: <code>{\"accessToken\":\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjNjY2Q2ZjNhLWQxMzItNDQzZi05NWM0LTRmMDJjYmU3ZDRlMSIsInVzZXJuYW1lIjoiZ3I1MjMiLCJlbWFpbCI6ImdyNTIzQGdtYWlsLmNvbSIsImlhdCI6MTY4MTkyOTYyNywiZXhwIjoxNjgxOTI5OTI3fQ.qbfKNvMk2W9JojB7O9CAtshOKoPQ1n2whLWrP4lzEJo\"}<\/code><\/p>\n<ul>\n<li>\u06a9\u0648\u06a9\u06cc \u062f\u0631 cookie.txt \u0630\u062e\u06cc\u0631\u0647 \u062e\u0648\u0627\u0647\u062f \u0634\u062f<\/li>\n<li>\u0645\u0642\u062f\u0627\u0631 accessToken \u0631\u0627 \u062f\u0631 \u06a9\u0644\u06cc\u067e \u0628\u0648\u0631\u062f \u062e\u0648\u062f \u06a9\u067e\u06cc \u06a9\u0646\u06cc\u062f<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"%D8%AF%D8%B3%D8%AA%D8%B1%D8%B3%DB%8C_%D8%A8%D9%87_%D9%86%D9%82%D8%B7%D9%87_%D9%BE%D8%A7%DB%8C%D8%A7%D9%86%DB%8C_%D9%85%D8%AD%D8%A7%D9%81%D8%B8%D8%AA_%D8%B4%D8%AF%D9%87\"><\/span>\n<p>  \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0642\u0637\u0647 \u067e\u0627\u06cc\u0627\u0646\u06cc \u0645\u062d\u0627\u0641\u0638\u062a \u0634\u062f\u0647<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li>AccessToken \u0631\u0627 \u0628\u0639\u062f \u0627\u0632 Bearer \u0642\u0631\u0627\u0631 \u062f\u0647\u06cc\u062f\n<\/li>\n<\/ul>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight shell\"><code>curl <span class=\"nt\">--request<\/span> GET <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--url<\/span> http:\/\/localhost:5000\/api\/api\/users <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--header<\/span> <span class=\"s1\">'Authorization: Bearer 
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjNjY2Q2ZjNhLWQxMzItNDQzZi05NWM0LTRmMDJjYmU3ZDRlMSIsInVzZXJuYW1lIjoiZ3I1MjMiLCJlbWFpbCI6ImdyNTIzQGdtYWlsLmNvbSIsImlhdCI6MTY4MTkyOTYyNywiZXhwIjoxNjgxOTI5OTI3fQ.qbfKNvMk2W9JojB7O9CAtshOKoPQ1n2whLWrP4lzEJo'<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>\u062e\u0631\u0648\u062c\u06cc: <code>{\"users\":[{\"id\":\"3ccd6f3a-d132-443f-95c4-4f02cbe7d4e1\",\"username\":\"gr523\",\"email\":\"gr523@gmail.com\"}]}<\/code><\/p>\n<ul>\n<li>\u0645\u0642\u062f\u0627\u0631 accessToken \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f\n<\/li>\n<\/ul>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight shell\"><code>curl <span class=\"nt\">--request<\/span> GET <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--url<\/span> http:\/\/localhost:5000\/api\/api\/users <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--header<\/span> <span class=\"s1\">'Authorization: Bearer 
xxxxxxxxxxxxxxxxNiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjNjY2Q2ZjNhLWQxMzItNDQzZi05NWM0LTRmMDJjYmU3ZDRlMSIsInVzZXJuYW1lIjoiZ3I1MjMiLCJlbWFpbCI6ImdyNTIzQGdtYWlsLmNvbSIsImlhdCI6MTY4MTkyOTYyNywiZXhwIjoxNjgxOTI5OTI3fQ.qbfKNvMk2W9JojB7O9CAtshOKoPQ1n2whLWrP4lzEJo'<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>\u062e\u0631\u0648\u062c\u06cc <code>{\"error\":\"Invalid Access token\",\"tokenError\":\"JsonWebTokenError\"}<\/code><\/p>\n<p>\u0645\u062f\u062a \u0627\u0639\u062a\u0628\u0627\u0631 accessToken \u0631\u0648\u06cc 5 \u062f\u0642\u06cc\u0642\u0647 \u062a\u0646\u0638\u06cc\u0645 \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u067e\u0633 \u0627\u0632 \u0622\u0646 \u0646\u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u0632 \u0622\u0646 \u0646\u0634\u0627\u0646\u0647 \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0645\u0646\u0627\u0628\u0639 \u0645\u062d\u0627\u0641\u0638\u062a \u0634\u062f\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 
\u06a9\u0646\u06cc\u062f.<\/p>\n<p>\u067e\u0627\u0633\u062e \u062e\u0648\u0627\u0647\u062f \u0628\u0648\u062f <code>{\"error\":\"Invalid Access token\",\"tokenError\":\"TokenExpiredError\"}<\/code><\/p>\n<p>\u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0645\u062f\u062a \u0627\u0639\u062a\u0628\u0627\u0631 \u0631\u0627 \u062f\u0631 utils\/genToken.ts \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Refresh_Access_Token-2\"><\/span>\n<p>  Refresh Access Token<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li>\u0627\u0632 \u0645\u0642\u062f\u0627\u0631 refreshToken \u0627\u0632 cookie.txt \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f\n<\/li>\n<\/ul>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight shell\"><code>curl <span class=\"nt\">--request<\/span> GET <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--url<\/span> http:\/\/localhost:5000\/api\/auth\/refresh <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--cookie<\/span> <span class=\"nv\">refreshToken<\/span><span class=\"o\">=<\/span>eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqd3RpZCI6IjQwY2VkYmRjLWM2NmQtNGJlYy1hNjc4LTg0MWJkZDhlMTBkMyIsImlkIjoiM2NjZDZmM2EtZDEzMi00NDNmLTk1YzQtNGYwMmNiZTdkNGUxIiwidXNlcm5hbWUiOiJncjUyMyIsImVtYWlsIjoiZ3I1MjNAZ21haWwuY29tIiwiaWF0IjoxNjgxOTI4MzgwLCJleHAiOjE2ODQ1MjAzODB9.WDk-YbqxX7_yCr8ATbDxbCV-W6EUNzxZPchPaHnuZAI\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 
19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>\u06cc\u0627 \u062f\u0631 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u0632 sed \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f\u060c<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight shell\"><code>curl <span class=\"nt\">--request<\/span> GET <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--url<\/span> http:\/\/localhost:5000\/api\/auth\/refresh <span class=\"se\">\\<\/span>\n  <span class=\"nt\">--cookie<\/span> <span class=\"nv\">refreshToken<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"<\/span><span class=\"si\">$(<\/span><span class=\"nb\">sed<\/span> <span class=\"nt\">-En<\/span> <span class=\"s1\">'\/refreshToken\/s\/.*refreshToken\\s*(.*)\/\\1\/p'<\/span> cookie.txt<span class=\"si\">)<\/span><span class=\"s2\">\"<\/span>\n<\/code><\/pre>\n<div class=\"highlight__panel js-actions-panel\">\n<div class=\"highlight__panel-action js-fullscreen-code-action\">\n    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-on\"><title>\u0648\u0627\u0631\u062f \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M16 3h6v6h-2V5h-4V3zM2 3h6v2H4v4H2V3zm18 16v-4h2v6h-6v-2h4zM4 19h4v2H2v-6h2v4z\"\/>\n<\/svg><\/p>\n<p>    <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"20px\" 
height=\"20px\" viewbox=\"0 0 24 24\" class=\"highlight-action crayons-icon highlight-action--fullscreen-off\"><title>\u0627\u0632 \u062d\u0627\u0644\u062a \u062a\u0645\u0627\u0645 \u0635\u0641\u062d\u0647 \u062e\u0627\u0631\u062c \u0634\u0648\u06cc\u062f<\/title>\n    <path d=\"M18 7h4v2h-6V3h2v4zM8 9H2V7h4V3h2v6zm10 8v4h-2v-6h6v2h-4zM8 15v6H6v-4H2v-2h6z\"\/>\n<\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>\u062f\u0648\u0628\u0627\u0631\u0647 \u0648\u0627\u0631\u062f \u0634\u0648\u06cc\u062f \u0648 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0631\u0641\u0631\u0634 \u06a9\u0646\u06cc\u062f\u060c \u067e\u0627\u0633\u062e \u062e\u0648\u0627\u0647\u062f \u0628\u0648\u062f <code>{\"error\":\"Invalid Refresh Token\",\"tokenError\":\"OldToken\"}<\/code><\/p>\n<p>\u0634\u0645\u0627 \u062a\u0627 \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647 \u062e\u0648\u0627\u0646\u062f\u0647 \u0627\u06cc\u062f\u060c \u0622\u0645\u0627\u062f\u0647 \u0647\u0633\u062a\u06cc\u062f \u062a\u0627 \u067e\u0631\u0648\u0698\u0647 rest-api \u0628\u0639\u062f\u06cc \u062e\u0648\u062f \u0631\u0627 \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f.  \u0642\u062f\u0631\u062f\u0627\u0646 \u0647\u0631 \u06af\u0648\u0646\u0647 \u0628\u0627\u0632\u062e\u0648\u0631\u062f\u06cc \u0647\u0633\u062a\u0645.  
\u0628\u0647 \u0645\u0646 \u0628\u06af\u0648\u06cc\u06cc\u062f\u060c \u0627\u06af\u0631 \u0627\u06cc\u0646 \u0633\u0628\u06a9 \u0627\u0632 \u0622\u0645\u0648\u0632\u0634 \u0631\u0627 \u062f\u0648\u0633\u062a \u062f\u0627\u0631\u06cc\u062f \u06cc\u0627 \u0686\u0647 \u0686\u06cc\u0632\u06cc \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0628\u0631\u0627\u06cc \u0628\u0647\u062a\u0631 \u06a9\u0631\u062f\u0646 \u0622\u0646 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0627\u062f<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u0628\u0631\u0631\u0633\u06cc \u0627\u062c\u0645\u0627\u0644\u06cc \u067e\u0633 \u0627\u0632 \u062e\u0648\u0627\u0646\u062f\u0646 \u0627\u06cc\u0646 \u0645\u0642\u0627\u0644\u0647\u060c \u0634\u0645\u0627 \u0642\u0627\u062f\u0631 \u062e\u0648\u0627\u0647\u06cc\u062f \u0628\u0648\u062f \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627 \u0646\u0627\u0645 \u06a9\u0627\u0631\u0628\u0631\u06cc\/\u0627\u06cc\u0645\u06cc\u0644 \u0648 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0622\u0646\u0647\u0627 \u06a9\u0627\u0631\u0628\u0631\u062f\u0647\u0627\u06cc accessToken \u0648 refreshToken \u0631\u0627 \u062f\u0631\u06a9 \u06a9\u0646\u06cc\u062f \u0628\u0627 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc accessToken\u060c \u0627\u0632 \u0646\u0642\u0627\u0637 \u067e\u0627\u06cc\u0627\u0646\u06cc api \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0645\u062d\u0627\u0641\u0638\u062a \u06a9\u0646\u06cc\u062f \u0627\u062c\u0627\u0632\u0647 \u0648\u0631\u0648\u062f \u0686\u0646\u062f\u06af\u0627\u0646\u0647 \u0628\u0627 \u0642\u0627\u0628\u0644\u06cc\u062a \u0644\u063a\u0648 \u062a\u0645\u0627\u0645 \u062c\u0644\u0633\u0647 \u06cc\u06a9 \u0627\u0644\u06af\u0648 \u0628\u0627 \u0645\u062d\u0627\u0641\u0638\u062a \u0627\u0632 \u062b\u0628\u062a 
&hellip;<\/p>\n","protected":false},"author":2,"featured_media":18560,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","footnotes":""},"categories":[339],"tags":[],"class_list":["post-18559","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-dev"],"_links":{"self":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/posts\/18559","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/comments?post=18559"}],"version-history":[{"count":0,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/posts\/18559\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/media\/18560"}],"wp:attachment":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/media?parent=18559"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/categories?post=18559"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/tags?post=18559"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}