sending jwt token in cookie

rakibtweets · rakibtweets · commit b8b24bc84f51 · 2022-01-21T06:44:57.000+06:00
diff --git a/Controllers/userAuthController.js b/Controllers/userAuthController.js
@@ -2,6 +2,7 @@ const mongoose = require('mongoose');
 const User = require('../Modals/userModels');
 const ErrrorHandler = require('../Utils/errorHandler');
 const catchAsyncErrors = require('../Middlewares/catchAsyncErrors');
+const sendToken = require('../Utils/JwtToken');
 
 // Register a user => /api/v1/register
 exports.registerUser = catchAsyncErrors(async (req, res, next) => {
@@ -17,11 +18,7 @@ exports.registerUser = catchAsyncErrors(async (req, res, next) => {
     },
   });
 
-  const token = user.getJwtToken();
-  res.status(201).json({
-    success: true,
-    token,
-  });
+  sendToken(user, 200, res);
 });
 
 // Login user => /api/v1/login
@@ -47,10 +44,5 @@ exports.loginUser = catchAsyncErrors(async (req, res, next) => {
     return next(new ErrrorHandler('Invalid Email or Password', 401));
   }
 
-  const token = user.getJwtToken();
-
-  res.status(200).json({
-    success: true,
-    token,
-  });
+  sendToken(user, 200, res);
 });
diff --git a/Utils/JwtToken.js b/Utils/JwtToken.js
@@ -0,0 +1,21 @@
+// create and send token and save in the cookie.
+
+const sendToken = (user, statusCode, res) => {
+  //create token
+  const token = user.getJwtToken();
+
+  //options for cookie
+  const options = {
+    expires: new Date(
+      Date.now() + process.env.COOKIE_EXPIRES_TIME * 24 * 60 * 60 * 1000
+    ),
+    httpOnly: true,
+  };
+  res.status(statusCode).cookie('token', token, options).json({
+    success: true,
+    token,
+    user,
+  });
+};
+
+module.exports = sendToken;
