Fixed: Multiple tokens creation for already logged in users

Issue hagopj13#274 resolved
mdmuhtasimfuadfahim · Oct 25, 2023 · 869a47e · 869a47e
1 parent 179ae84
commit 869a47e
Showing 1 changed file with 9 additions and 3 deletions.
diff --git a/src/services/token.service.js b/src/services/token.service.js
@@ -66,20 +66,26 @@ const verifyToken = async (token, type) => {
  * @returns {Promise<Object>}
  */
 const generateAuthTokens = async (user) => {
+  let refreshTokenDoc = await Token.findOne({ user: user._id });
   const accessTokenExpires = moment().add(config.jwt.accessExpirationMinutes, 'minutes');
   const accessToken = generateToken(user.id, accessTokenExpires, tokenTypes.ACCESS);
 
   const refreshTokenExpires = moment().add(config.jwt.refreshExpirationDays, 'days');
-  const refreshToken = generateToken(user.id, refreshTokenExpires, tokenTypes.REFRESH);
-  await saveToken(refreshToken, user.id, refreshTokenExpires, tokenTypes.REFRESH);
+  if (!refreshTokenDoc) {
+    const refreshToken = generateToken(user.id, refreshTokenExpires, tokenTypes.REFRESH);
+    await saveToken(refreshToken, user.id, refreshTokenExpires, tokenTypes.REFRESH);
+
+    refreshTokenDoc = {};
+    refreshTokenDoc.token = refreshToken;
+  }
 
   return {
     access: {
       token: accessToken,
       expires: accessTokenExpires.toDate(),
     },
     refresh: {
-      token: refreshToken,
+      token: refreshTokenDoc.token,
       expires: refreshTokenExpires.toDate(),
     },
   };