feat: refresh token

agmmtoo · agmmtoo · commit 40269adc0bc6 · 2026-01-18T15:29:48.000+06:30
diff --git a/.env.example b/.env.example
@@ -6,6 +6,7 @@ FIREBASE_AUTH_DOMAIN=
 FIREBASE_PROJECT_ID=
 
 SESSION_COOKIE_NAME=
+REFRESH_TOKEN_COOKIE_NAME=
 LIBRARY_COOKIE_NAME=
 GOOGLE_APPLICATION_CREDENTIALS=/path/to/serviceAccountKey.json
 
diff --git a/components/borrows/TabLink.tsx b/components/borrows/TabLink.tsx
@@ -15,7 +15,7 @@ export const TabLink = <T extends string>({
   return (
     <div
       className={cn(
-        'inline-flex gap-2 w-fit items-center justify-center rounded-lg bg-muted text-muted-foreground p-[3px] flex-wrap',
+        'inline-flex gap-2 w-fit items-center justify-center rounded-lg bg-muted text-muted-foreground p-0.75 flex-wrap',
         className
       )}
     >
diff --git a/components/dashboard/AnalysisChartsWrapper.tsx b/components/dashboard/AnalysisChartsWrapper.tsx
@@ -3,6 +3,7 @@ import { MostBorrowedBookChart } from './MostBorrowedBookChart'
 import { MontlyBorrowChart } from './MontlyBorrowChart'
 import { TopMembershipChart } from './TopMembershipChart'
 import { getAnalysis } from '@/lib/api/analysis'
+import { format } from 'date-fns'
 
 type AnalysisChartsWrapperProps = {
   libraryId: string
@@ -37,12 +38,18 @@ export async function AnalysisChartsWrapper({
     )
   }
 
+  const formattedFrom = format(from, 'LLL dd, yyyy')
+  const formattedTo = format(to, 'LLL dd, yyyy')
   return (
     <>
       <MostBorrowedBookChart data={res.data.book} />
       <TopMembershipChart data={res.data.membership} />
       <MontlyBorrowChart data={res.data.borrowing} />
-      <MonthlyRevenueChart data={res.data.revenue} />
+      <MonthlyRevenueChart
+        data={res.data.revenue}
+        from={formattedFrom}
+        to={formattedTo}
+      />
     </>
   )
 }
diff --git a/components/dashboard/HeatmapChart.tsx b/components/dashboard/HeatmapChart.tsx
@@ -99,7 +99,7 @@ export const HeatmapChart: React.FC<HeatmapChartProps> = ({
       return {
         x: decimalHour,
         y: localDayOfWeek,
-        z: count * 20, // Scale up for bubble size
+        z: count, // Scale up for bubble size
         count,
         day: dayNames[localDayOfWeek],
         time: formatTime(localHour, localMinute),
diff --git a/components/dashboard/MonthlyRevenueChart.tsx b/components/dashboard/MonthlyRevenueChart.tsx
@@ -1,6 +1,5 @@
 'use client'
 
-// import { TrendingUp } from 'lucide-react'
 import { Area, AreaChart, CartesianGrid, XAxis } from 'recharts'
 
 import {
@@ -19,9 +18,6 @@ import {
 } from '@/components/ui/chart'
 import { Analysis } from '@/lib/types/analysis'
 import { formatDate } from '@/lib/utils'
-import { useSearchParams } from 'next/navigation'
-import { format, parse } from 'date-fns'
-import { useMemo } from 'react'
 
 const chartConfig = {
   subscription: {
@@ -34,20 +30,15 @@ const chartConfig = {
   },
 } satisfies ChartConfig
 
-export function MonthlyRevenueChart({ data }: { data: Analysis['revenue'] }) {
-  const params = useSearchParams()
-  const paramFrom = params.get('from') as string
-  const paramTo = params.get('to') as string
-
-  const [from, to] = useMemo(() => {
-    const from = format(
-      parse(paramFrom, 'dd-MM-yyyy', new Date()),
-      'LLL dd, yyyy'
-    )
-    const to = format(parse(paramTo, 'dd-MM-yyyy', new Date()), 'LLL dd, yyyy')
-    return [from, to]
-  }, [paramFrom, paramTo])
-
+export function MonthlyRevenueChart({
+  data,
+  from,
+  to,
+}: {
+  data: Analysis['revenue']
+  from: string
+  to: string
+}) {
   return (
     <Card>
       <CardHeader>
@@ -111,15 +102,13 @@ export function MonthlyRevenueChart({ data }: { data: Analysis['revenue'] }) {
               fill="url(#fillFine)"
               fillOpacity={0.4}
               stroke="var(--color-fine)"
-              stackId="a"
             />
             <Area
               dataKey="subscription"
               type="natural"
               fill="url(#fillSubscription)"
               fillOpacity={0.4}
               stroke="var(--color-subscription)"
-              stackId="a"
             />
           </AreaChart>
         </ChartContainer>
diff --git a/components/dashboard/MontlyBorrowChart.tsx b/components/dashboard/MontlyBorrowChart.tsx
@@ -83,7 +83,7 @@ export function MontlyBorrowChart({ data }: { data: Analysis['borrowing'] }) {
               dataKey="total_borrow"
               type="natural"
               stroke="var(--color-total_borrow)"
-              strokeWidth={2}
+              strokeWidth={1}
               dot={false}
               activeDot={{
                 r: 6,
@@ -93,7 +93,7 @@ export function MontlyBorrowChart({ data }: { data: Analysis['borrowing'] }) {
               dataKey="total_return"
               type="natural"
               stroke="var(--color-total_return)"
-              strokeWidth={2}
+              strokeWidth={1}
               dot={false}
               activeDot={{
                 r: 6,
diff --git a/lib/actions/login.ts b/lib/actions/login.ts
@@ -42,13 +42,25 @@ export async function loginAction(
 
   const user = userCredentials.user
   const sessionName = process.env.SESSION_COOKIE_NAME as string
+  const refreshTokenName = process.env.REFRESH_TOKEN_COOKIE_NAME as string
   const result = await user.getIdTokenResult()
   const token = result.token
+  const refreshToken = userCredentials.user.refreshToken
   const maxAge =
     new Date(result.expirationTime).getTime() - new Date().getTime()
   const cookieStore = await cookies()
+
+  // Store ID token
   cookieStore.set(sessionName, token, {
-    maxAge,
+    maxAge: Math.floor(maxAge / 1000), // Convert milliseconds to seconds
+    httpOnly: true,
+    secure: true,
+    sameSite: 'strict',
+  })
+
+  // Store refresh token (longer expiration)
+  cookieStore.set(refreshTokenName, refreshToken, {
+    maxAge: 30 * 24 * 60 * 60, // 30 days in seconds
     httpOnly: true,
     secure: true,
     sameSite: 'strict',
diff --git a/lib/actions/logout.ts b/lib/actions/logout.ts
@@ -5,5 +5,7 @@ import { cookies } from 'next/headers'
 export async function logoutAction() {
   const cookieStore = await cookies()
   const sessionName = process.env.SESSION_COOKIE_NAME as string
+  const refreshTokenName = process.env.REFRESH_TOKEN_COOKIE_NAME as string
   cookieStore.delete(sessionName)
+  cookieStore.delete(refreshTokenName)
 }
diff --git a/proxy.ts b/proxy.ts
@@ -1,8 +1,135 @@
 import { NextResponse } from 'next/server'
 import { NextRequest, ProxyConfig } from 'next/server'
+import { getAuth } from 'firebase-admin/auth'
+import { adminApp } from './lib/firebase/admin'
+
+const auth = getAuth(adminApp)
 
 export async function proxy(request: NextRequest) {
-  if (!request.cookies.has(process.env.SESSION_COOKIE_NAME!)) {
+  const sessionName = process.env.SESSION_COOKIE_NAME!
+  const refreshTokenName = process.env.REFRESH_TOKEN_COOKIE_NAME!
+  const refreshToken = request.cookies.get(refreshTokenName)?.value
+  const idToken = request.cookies.get(sessionName)?.value
+
+  // If neither token exists, redirect to login
+  if (!idToken && !refreshToken) {
+    const loginUrl = new URL('/login', request.url)
+    loginUrl.searchParams.set('from', request.nextUrl.pathname)
+    return NextResponse.redirect(loginUrl)
+  }
+
+  // If ID token is missing but refresh token exists, try to refresh
+  if (!idToken && refreshToken) {
+    try {
+      console.log('proxy: ID token missing, refreshing with refresh token')
+      const refreshResponse = await fetch(
+        `https://securetoken.googleapis.com/v1/token?key=${process.env.FIREBASE_API_KEY}`,
+        {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+          body: new URLSearchParams({
+            grant_type: 'refresh_token',
+            refresh_token: refreshToken,
+          }),
+        }
+      )
+
+      if (!refreshResponse.ok) {
+        throw new Error('Failed to refresh token')
+      }
+
+      const data = await refreshResponse.json()
+      const newIdToken = data.id_token
+      const newRefreshToken = data.refresh_token
+
+      const decodedToken = await auth.verifyIdToken(newIdToken)
+      const expiresIn = decodedToken.exp * 1000 - Date.now()
+
+      const response = NextResponse.next()
+
+      response.cookies.set(sessionName, newIdToken, {
+        maxAge: Math.floor(expiresIn / 1000),
+        httpOnly: true,
+        secure: true,
+        sameSite: 'strict',
+      })
+
+      response.cookies.set(refreshTokenName, newRefreshToken, {
+        maxAge: 30 * 24 * 60 * 60, // 30 days
+        httpOnly: true,
+        secure: true,
+        sameSite: 'strict',
+      })
+
+      return response
+    } catch (refreshError) {
+      console.error('Token refresh failed:', refreshError)
+      const loginUrl = new URL('/login', request.url)
+      loginUrl.searchParams.set('from', request.nextUrl.pathname)
+      return NextResponse.redirect(loginUrl)
+    }
+  }
+
+  // ID token exists, verify it
+  try {
+    await auth.verifyIdToken(idToken!)
+    return NextResponse.next()
+  } catch (error: any) {
+    console.log('proxy: Token verification error:', error)
+
+    // Token is expired, try to refresh
+    if (error?.code === 'auth/id-token-expired' && refreshToken) {
+      try {
+        console.log('proxy: ID token expired, refreshing')
+        const refreshResponse = await fetch(
+          `https://securetoken.googleapis.com/v1/token?key=${process.env.FIREBASE_API_KEY}`,
+          {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            body: new URLSearchParams({
+              grant_type: 'refresh_token',
+              refresh_token: refreshToken,
+            }),
+          }
+        )
+
+        if (!refreshResponse.ok) {
+          throw new Error('Failed to refresh token')
+        }
+
+        const data = await refreshResponse.json()
+        const newIdToken = data.id_token
+        const newRefreshToken = data.refresh_token
+
+        const decodedToken = await auth.verifyIdToken(newIdToken)
+        const expiresIn = decodedToken.exp * 1000 - Date.now()
+
+        const response = NextResponse.next()
+
+        response.cookies.set(sessionName, newIdToken, {
+          maxAge: Math.floor(expiresIn / 1000),
+          httpOnly: true,
+          secure: true,
+          sameSite: 'strict',
+        })
+
+        response.cookies.set(refreshTokenName, newRefreshToken, {
+          maxAge: 30 * 24 * 60 * 60, // 30 days
+          httpOnly: true,
+          secure: true,
+          sameSite: 'strict',
+        })
+
+        return response
+      } catch (refreshError) {
+        console.error('Token refresh failed:', refreshError)
+        const loginUrl = new URL('/login', request.url)
+        loginUrl.searchParams.set('from', request.nextUrl.pathname)
+        return NextResponse.redirect(loginUrl)
+      }
+    }
+
+    // Token is revoked or invalid, redirect to login
     const loginUrl = new URL('/login', request.url)
     loginUrl.searchParams.set('from', request.nextUrl.pathname)
     return NextResponse.redirect(loginUrl)

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ export const TabLink = <T extends string>({`
`15`	`15`	`return (`
`16`	`16`	`<div`
`17`	`17`	`className={cn(`
`18`		`- 'inline-flex gap-2 w-fit items-center justify-center rounded-lg bg-muted text-muted-foreground p-[3px] flex-wrap',`
	`18`	`+ 'inline-flex gap-2 w-fit items-center justify-center rounded-lg bg-muted text-muted-foreground p-0.75 flex-wrap',`
`19`	`19`	`className`
`20`	`20`	`)}`
`21`	`21`	`>`
Original file line number	Diff line number	Diff line change
`@@ -5,5 +5,7 @@ import { cookies } from 'next/headers'`
`5`	`5`	`export async function logoutAction() {`
`6`	`6`	`const cookieStore = await cookies()`
`7`	`7`	`const sessionName = process.env.SESSION_COOKIE_NAME as string`
	`8`	`+ const refreshTokenName = process.env.REFRESH_TOKEN_COOKIE_NAME as string`
`8`	`9`	`cookieStore.delete(sessionName)`
	`10`	`+ cookieStore.delete(refreshTokenName)`
`9`	`11`	`}`