Implement refresh token logic with fingerprint + rotation

server/resolvers/update_profile.go

@@ -8,11 +8,13 @@ import (
 	"time"
 
 	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/email"
 	"github.com/authorizerdev/authorizer/server/graph/model"
-	"github.com/authorizerdev/authorizer/server/session"
+	"github.com/authorizerdev/authorizer/server/sessionstore"
+	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"golang.org/x/crypto/bcrypt"
 )
@@ -25,29 +27,17 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
 		return res, err
 	}
 
-	token, err := utils.GetAuthToken(gc)
+	claims, err := token.ValidateAccessToken(gc)
 	if err != nil {
 		return res, err
 	}
 
-	claim, err := utils.VerifyAuthToken(token)
-	if err != nil {
-		return res, err
-	}
-
-	id := fmt.Sprintf("%v", claim["id"])
-	sessionToken := session.GetUserSession(id, token)
-
-	if sessionToken == "" {
-		return res, fmt.Errorf(`unauthorized`)
-	}
-
 	// validate if all params are not empty
 	if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.OldPassword == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil {
-		return res, fmt.Errorf("please enter atleast one param to update")
+		return res, fmt.Errorf("please enter at least one param to update")
 	}
 
-	userEmail := fmt.Sprintf("%v", claim["email"])
+	userEmail := fmt.Sprintf("%v", claims["email"])
 	user, err := db.Provider.GetUserByEmail(userEmail)
 	if err != nil {
 		return res, err
@@ -123,20 +113,20 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
 			return res, fmt.Errorf("user with this email address already exists")
 		}
 
-		session.DeleteAllUserSession(fmt.Sprintf("%v", user.ID))
-		utils.DeleteCookie(gc)
+		sessionstore.DeleteAllUserSession(fmt.Sprintf("%v", user.ID))
+		cookie.DeleteCookie(gc)
 
 		user.Email = newEmail
 		user.EmailVerifiedAt = nil
 		hasEmailChanged = true
 		// insert verification request
 		verificationType := constants.VerificationTypeUpdateEmail
-		token, err := utils.CreateVerificationToken(newEmail, verificationType)
+		verificationToken, err := token.CreateVerificationToken(newEmail, verificationType)
 		if err != nil {
 			log.Println(`error generating token`, err)
 		}
 		db.Provider.AddVerificationRequest(models.VerificationRequest{
-			Token:      token,
+			Token:      verificationToken,
 			Identifier: verificationType,
 			ExpiresAt:  time.Now().Add(time.Minute * 30).Unix(),
 			Email:      newEmail,
@@ -144,7 +134,7 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
 
 		// exec it as go routin so that we can reduce the api latency
 		go func() {
-			email.SendVerificationMail(newEmail, token)
+			email.SendVerificationMail(newEmail, verificationToken)
 		}()
 	}