mirror of
https://github.com/PeterMaquiran/tvone.git
synced 2026-04-19 20:26:06 +00:00
56 lines
1.4 KiB
TypeScript
56 lines
1.4 KiB
TypeScript
import { NextResponse } from "next/server";
|
|
|
|
export async function GET(req: Request) {
|
|
const cookie = req.headers.get("cookie");
|
|
|
|
const refreshToken = cookie
|
|
?.split("; ")
|
|
.find((c) => c.startsWith("refresh_token="))
|
|
?.split("=")[1];
|
|
|
|
if (!refreshToken) {
|
|
return NextResponse.json({ message: "No refresh token" }, { status: 401 });
|
|
}
|
|
|
|
try {
|
|
// Call your auth server (Keycloak or NestJS)
|
|
const res = await fetch("http://api.example.com/auth/refresh", {
|
|
method: "POST",
|
|
headers: {
|
|
"Content-Type": "application/json",
|
|
},
|
|
body: JSON.stringify({ refresh_token: refreshToken }),
|
|
});
|
|
|
|
if (!res.ok) {
|
|
throw new Error("Refresh failed");
|
|
}
|
|
|
|
const data = await res.json();
|
|
|
|
const response = NextResponse.json({ success: true });
|
|
|
|
// 🍪 Set new access token
|
|
response.cookies.set("access_token", data.access_token, {
|
|
httpOnly: true,
|
|
secure: true,
|
|
sameSite: "lax",
|
|
path: "/",
|
|
domain: ".example.com",
|
|
maxAge: data.expires_in,
|
|
});
|
|
|
|
response.cookies.set("refresh_token", data.refresh_token, {
|
|
httpOnly: true,
|
|
secure: true,
|
|
sameSite: "lax",
|
|
path: "/",
|
|
domain: ".example.com",
|
|
maxAge: data.expires_in,
|
|
});
|
|
|
|
return response;
|
|
} catch {
|
|
return NextResponse.json({ message: "Refresh failed" }, { status: 401 });
|
|
}
|
|
} |