feat(auth): เพิ่ม remember me

wanasart · wanasart · commit 46446c468c4c · 2025-08-31T19:45:04.000+07:00
diff --git a/server/src/controllers/auth.controller.ts b/server/src/controllers/auth.controller.ts
@@ -10,6 +10,12 @@ const COOKIE_NAME = process.env.COOKIE_NAME || 'access_token';
 const COOKIE_DOMAIN = process.env.COOKIE_DOMAIN || undefined; // เช่น ".example.com"
 const COOKIE_SAMESITE = (process.env.COOKIE_SAMESITE as 'lax' | 'none' | 'strict') || 'lax';
 const COOKIE_MAX_AGE_MS = Number(process.env.COOKIE_MAX_AGE_MS ?? 60 * 60 * 1000);
+const COOKIE_MAX_AGE_REMEMBER_MS = Number(
+  process.env.COOKIE_MAX_AGE_REMEMBER_MS ?? 7 * 24 * 60 * 60 * 1000
+);
+const COOKIE_MAX_AGE_TEST_MS = Number(
+  process.env.COOKIE_MAX_AGE_TEST_MS ?? 5000
+);
 
 const cookieBase = {
   httpOnly: true,
@@ -34,15 +40,23 @@ const cookieBase = {
  * @author Wanasart
  */
 export async function login(req: Request, res: Response, next: NextFunction) {
-  console.log('LOGIN body:', req.body);
-
   try {
-    const { usernameOrEmail, password } = req.body;
-    const user = await AuthService.authenticateUser(usernameOrEmail, password);
+    const { usernameOrEmail, password, remember } = req.body as {
+      usernameOrEmail: string; password: string; remember?: boolean;
+    };
+
+    const user = await AuthService.authenticateUser(usernameOrEmail, password, !!remember);
 
-    const token = AuthService.createSessionToken({ id: user.usr_id, role: user.usr_role }); // Generate a token for the user
+    // ⬇️ ออกโทเค็นตามอายุที่เลือก (1h หรือ 7d)
+    const token = AuthService.createSessionToken(
+      { id: user.usr_id, role: user.usr_role },
+      { remember: !!remember }
+    );
 
-    res.cookie(COOKIE_NAME, token, { ...cookieBase, maxAge: COOKIE_MAX_AGE_MS });
+    // ⬇️ ตั้งอายุคุกกี้ตาม remember
+    const maxAge = !!remember ? COOKIE_MAX_AGE_REMEMBER_MS : COOKIE_MAX_AGE_MS;
+    // const maxAge = !!remember ? COOKIE_MAX_AGE_TEST_MS : COOKIE_MAX_AGE_MS; // ⬅️ สำหรับทดสอบ
+    res.cookie(COOKIE_NAME, token, { ...cookieBase, maxAge });
 
     return res.json({ message: 'Login successful', success: true, user });
   } catch (err) {
@@ -126,28 +140,23 @@ export async function register(req: Request, res: Response, next: NextFunction)
  * @author Wanasart
  */
 export async function me(req: Request, res: Response, next: NextFunction) {
-  res.set({
-    'Cache-Control': 'no-store',
-    'Pragma': 'no-cache',
-    'Vary': 'Cookie',
-  });
+  res.set({ 'Cache-Control': 'no-store', 'Pragma': 'no-cache', 'Vary': 'Cookie' });
 
   try {
-    const token = req.cookies?.access_token;
+    const token = req.cookies?.[COOKIE_NAME]; // ⬅️ ใช้ COOKIE_NAME
     if (!token) return res.status(401).json({ error: 'Unauthenticated' });
 
-    const payload = verifySessionToken(token); // { id, role }
+    const payload = verifySessionToken(token);
     const user = await getUserSafeById(payload.id);
     if (!user) return res.status(401).json({ error: 'User not found' });
 
-    // ส่งเฉพาะ field ที่ใช้แสดงผล
     return res.json({
       usr_id: user.usr_id,
       usr_username: user.usr_username,
       usr_email: user.usr_email,
       usr_role: user.usr_role,
     });
-  } catch (err) {
+  } catch {
     return res.status(401).json({ error: 'Invalid token' });
   }
 }
diff --git a/server/src/services/auth.service.ts b/server/src/services/auth.service.ts
@@ -8,7 +8,9 @@ import { UserRow, UserSafe } from '../models/users.model';
 
 const JWT_SECRET = process.env.JWT_SECRET || 'dev-secret';
 const JWT_EXPIRES = process.env.JWT_EXPIRES || '1h';
+const JWT_EXPIRES_REMEMBER = process.env.JWT_EXPIRES_REMEMBER || '7d'; // ⬅️ เพิ่มบรรทัดนี้
 const BCRYPT_ROUNDS = Number(process.env.BCRYPT_ROUNDS) || 12;
+const JWT_EXPIRES_TEST = process.env.JWT_EXPIRES_TEST;
 
 /**
  * สร้าง JWT session token จาก payload
@@ -18,9 +20,14 @@ const BCRYPT_ROUNDS = Number(process.env.BCRYPT_ROUNDS) || 12;
  *
  * @author Wanasart
  */
-export function createSessionToken(payload: { id: number, role: string }) {
-    return jwt.sign(payload, JWT_SECRET, { expiresIn: JWT_EXPIRES });
-}
+export function createSessionToken(
+    payload: { id: number; role: string },
+    opts?: { remember?: boolean; expiresIn?: string | number }
+  ) {
+    const expiresIn = opts?.expiresIn ?? (opts?.remember ? JWT_EXPIRES_REMEMBER : JWT_EXPIRES);
+    // const expiresIn = opts?.expiresIn ?? (opts?.remember ? JWT_EXPIRES_TEST : JWT_EXPIRES); // ⬅️ สำหรับทดสอบ
+    return jwt.sign(payload, JWT_SECRET, { expiresIn });
+  }
 
 /**
  * ตรวจสอบความถูกต้องของ JWT session token
@@ -61,7 +68,7 @@ function toUserSafe(user: UserRow): UserSafe {
  *
  * @author Wanasart
  */
-export async function authenticateUser(usernameOrEmail: string, password: string) {
+export async function authenticateUser(usernameOrEmail: string, password: string, remember: boolean = false): Promise<UserSafe> {
     // console.log(`Authenticating user: ${usernameOrEmail} with password: ${password}`);
     const { rows } = await pool.query<UserRow>(`
         SELECT * FROM users 
