Add renew token

Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>

packages/strapi-admin/config/routes.json

@@ -59,6 +59,11 @@
       "path": "/login",
       "handler": "authentication.login"
     },
+    {
+      "method": "POST",
+      "path": "/renew-token",
+      "handler": "authentication.renewToken"
+    },
     {
       "method": "POST",
       "path": "/auth/local/register",

packages/strapi-admin/controllers/authentication.js

@@ -3,17 +3,20 @@
 const passport = require('koa-passport');
 const compose = require('koa-compose');
 
-const login = compose([
+module.exports = {
+  login: compose([
     (ctx, next) => {
       return passport.authenticate('local', { session: false }, (err, user, info) => {
         if (err) {
-        ctx.body = { error: 'Internal server error' };
+          return ctx.badImplementation();
-      } else if (!user) {
+        }
-        ctx.body = { error: info.error };
+
-      } else {
+        if (!user) {
+          return ctx.badRequest(info.error);
+        }
+
         ctx.state.user = user;
         return next();
-      }
       })(ctx, next);
     },
     ctx => {
@@ -26,8 +29,25 @@ const login = compose([
         },
       };
     },
-]);
+  ]),
 
-module.exports = {
+  renewToken(ctx) {
-  login,
+    const { token } = ctx.request.body;
+
+    if (token === undefined) {
+      return ctx.badRequest('Token is required.');
+    }
+
+    const { isValid, payload } = strapi.admin.services.auth.decodeToken(token);
+
+    if (!isValid) {
+      return ctx.badRequest('Invalid token.');
+    }
+
+    ctx.body = {
+      data: {
+        token: strapi.admin.services.auth.createJwtToken(payload.id),
+      },
+    };
+  },
 };

packages/strapi-admin/services/auth.js

@@ -8,7 +8,7 @@ const sanitizeUser = user => {
   return _.omit(user, ['password', 'resetPasswordToken']);
 };
 
-const defaultOptions = { expiresIn: '30d' };
+const defaultOptions = { expiresIn: '1s' };
 
 const getJWTOptions = () => {
   const { options, secret } = strapi.config.get('server.admin.jwt', {});
@@ -78,6 +78,17 @@ const checkCredentials = async ({ email, password }) => {
   return [null, user];
 };
 
+const decodeToken = token => {
+  const { secret } = getJWTOptions();
+
+  try {
+    const payload = jwt.verify(token, secret);
+    return { payload, isValid: true };
+  } catch (err) {
+    return { payloda: null, isValid: false };
+  }
+};
+
 module.exports = {
   checkCredentials,
   createJwtToken,
@@ -85,4 +96,5 @@ module.exports = {
   validatePassword,
   hashPassword,
   getJWTOptions,
+  decodeToken,
 };