feat: refresh token

src/auth/controllers/auth.controller.ts

@@ -10,6 +10,7 @@ import {
   EnableBiometricRequestDto,
   ForgetPasswordRequestDto,
   LoginRequestDto,
+  RefreshTokenRequestDto,
   SendForgetPasswordOtpRequestDto,
   SetEmailRequestDto,
   setJuniorPasswordRequestDto,
@@ -85,6 +86,13 @@ export class AuthController {
     return this.authService.setJuniorPasscode(setPasscodeDto);
   }
 
+  @Post('refresh-token')
+  @Public()
+  async refreshToken(@Body() { refreshToken }: RefreshTokenRequestDto) {
+    const [res, user] = await this.authService.refreshToken(refreshToken);
+    return ResponseFactory.data(new LoginResponseDto(res, user));
+  }
+
   @Post('login')
   async login(@Body() loginDto: LoginRequestDto, @Headers(DEVICE_ID_HEADER) deviceId: string) {
     const [res, user] = await this.authService.login(loginDto, deviceId);

src/auth/dtos/request/index.ts

@@ -3,6 +3,7 @@ export * from './disable-biometric.request.dto';
 export * from './enable-biometric.request.dto';
 export * from './forget-password.request.dto';
 export * from './login.request.dto';
+export * from './refresh-token.request.dto';
 export * from './send-forget-password-otp.request.dto';
 export * from './set-email.request.dto';
 export * from './set-junior-password.request.dto';

src/auth/dtos/request/refresh-token.request.dto.ts

@@ -0,0 +1,9 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsNotEmpty, IsString } from 'class-validator';
+import { i18nValidationMessage as i18n } from 'nestjs-i18n';
+export class RefreshTokenRequestDto {
+  @ApiProperty()
+  @IsString({ message: i18n('validation.isString', { path: 'general', property: 'auth.refreshToken' }) })
+  @IsNotEmpty({ message: i18n('validation.required', { path: 'general', property: 'auth.refreshToken' }) })
+  refreshToken!: string;
+}

src/auth/services/auth.service.ts

@@ -19,7 +19,7 @@ import {
 import { VerifyUserRequestDto } from '../dtos/request/verify-user.request.dto';
 import { User } from '../entities';
 import { GrantType, Roles } from '../enums';
-import { ILoginResponse } from '../interfaces';
+import { IJwtPayload, ILoginResponse } from '../interfaces';
 import { removePadding, verifySignature } from '../utils';
 import { DeviceService } from './device.service';
 import { UserService } from './user.service';
@@ -197,6 +197,22 @@ export class AuthService {
     await this.juniorTokenService.invalidateToken(body.qrToken);
   }
 
+  async refreshToken(refreshToken: string): Promise<[ILoginResponse, User]> {
+    try {
+      const isValid = await this.jwtService.verifyAsync<IJwtPayload>(refreshToken, {
+        secret: this.configService.getOrThrow('JWT_REFRESH_TOKEN_SECRET'),
+      });
+
+      const user = await this.userService.findUserOrThrow({ id: isValid.sub });
+
+      const tokens = await this.generateAuthToken(user);
+
+      return [tokens, user];
+    } catch (error) {
+      throw new BadRequestException('AUTH.INVALID_REFRESH_TOKEN');
+    }
+  }
+
   private async loginWithPassword(loginDto: LoginRequestDto, user: User): Promise<ILoginResponse> {
     const isPasswordValid = bcrypt.compareSync(loginDto.password, user.password);