
auth with cookie

yazid138 hace 3 años
padre
commit
3b67e33b27
Se han modificado 3 ficheros con 19 adiciones y 2 borrados
  1. 12 0
      controller/auth.controller.js
  2. 5 2
      middleware/verifyToken.js
  3. 2 0
      routes/v1/auth.routes.js

+ 12 - 0
controller/auth.controller.js

@@ -90,9 +90,21 @@ exports.login = handleError(async (req, res) => {
     token: `Bearer ${accessToken}`,
     user: cekUser,
   }
+  const now = new Date()
+  const time = now.getTime()
+  now.setTime(time + 24 * 60 * 60 * 1000)
+  res.cookie('sidali-cookie', accessToken, { httpOnly: true, expires: now })
 
   response.success(res, {
     message: 'Berhasil Login',
     data,
   })
 })
+
+exports.logout = (req, res) => {
+  res.cookie('sidali-cookie', '', { expires: new Date() })
+
+  response.success(res, {
+    message: 'Berhasil Logout',
+  })
+}
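Review bot: The `res.cookie` call added to `login` sets `httpOnly` and `expires` but neither `secure` nor `sameSite`, so the JWT cookie may travel over plain HTTP and is attached to cross-site requests. Since verifyToken.js in this commit starts accepting that cookie as a credential, cookie-authenticated routes have no visible CSRF defence. I would write `res.cookie('sidali-cookie', accessToken, { httpOnly: true, secure: true, sameSite: 'lax', expires: now })`, relaxing `secure` only for local HTTP development. `logout` should clear with the same attributes, e.g. `res.clearCookie('sidali-cookie', { httpOnly: true, secure: true, sameSite: 'lax' })`, and deserves a comment that it only drops the browser's copy: no revocation is visible here, so the token presumably stays valid until its own expiry. The body of `login` starts outside the hunk.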

+ 5 - 2
middleware/verifyToken.js

@@ -6,7 +6,8 @@ module.exports = (req, res, next) => {
   const authHeader = req.headers.authorization
   const token =
     (req.params.token && req.params.token.split(' ')[1]) ||
-    (authHeader && authHeader.split(' ')[1])
+    (authHeader && authHeader.split(' ')[1]) ||
+    req.cookies['sidali-cookie']
 
   if (!token)
     return response.error(res, {
@@ -15,11 +16,13 @@ module.exports = (req, res, next) => {
     })
 
   jwt.verify(token, process.env.SECRET, async (err, data) => {
-    if (err)
+    if (err) {
       return response.error(res, {
         code: 401,
         message: 'Unauthorized',
       })
+    }
+
     try {
       const user = await userModel.findById(data._id)
       req.user = user
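Review bot: `req.cookies['sidali-cookie']` in the new fallback throws a TypeError when `req.cookies` is undefined, which is the case in Express unless a cookie-parsing middleware such as cookie-parser is mounted ahead of this one. None of the three files in this commit registers it, so it may or may not be set up elsewhere. Without it, a request carrying no token parameter and no Authorization header would likely surface as a server error rather than the 401 that follows. Guarding the lookup keeps that path on the intended response: `(req.cookies && req.cookies['sidali-cookie'])`. The middleware's body continues past the end of the second hunk.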

+ 2 - 0
routes/v1/auth.routes.js

@@ -1,6 +1,8 @@
 const router = require('express').Router()
 const auth = require('../../controller/auth.controller')
+const verify = require('../../middleware/verifyToken')
 
 router.post('/login', auth.login)
+router.delete('/logout', verify, auth.logout)
 
 module.exports = router
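Review bot: Putting `verify` in front of `auth.logout` means a client whose token is expired or otherwise rejected gets the 401 from verifyToken and never reaches the handler that expires `sidali-cookie`. The stale cookie then stays in the browser until the 24-hour `expires` set at login passes, and keeps being sent on every request. Consider registering the route as `router.delete('/logout', auth.logout)`, or clearing the cookie in the middleware's 401 branch, so that logout always removes the credential.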