WIP: Refresh Token

[gitwoz]

Reverts #4581

[cursor]

Bug: Null Token Handling in `setCookie` Function

The setCookie function uses jwt.decode() for accessToken and refreshToken without null checking. If a token is malformed, jwt.decode() returns null, causing a runtime TypeError (e.g., "Cannot read property 'exp' of null") when attempting to access the .exp property to determine cookie expiration. This can lead to application crashes when setting authentication cookies.

src/common/utils/cookie.ts#L83-L101

matters-server/src/common/utils/cookie.ts

Lines 83 to 101 in 5ab38e6

	// cookie:accessToken - Contains user authentication JWT (1 hour)
	if (accessToken) {
	const payload = jwt.decode(accessToken) as { exp: number }
	const accessCookieOptions = getCookieOptions({
	req,
	expires: new Date(payload.exp * 1000),
	})
	res.cookie(COOKIE_ACCESS_TOKEN_NAME, accessToken, accessCookieOptions)
	}
	// cookie:refreshToken - Contains refresh token (30 days)
	if (refreshToken) {
	const payload = jwt.decode(refreshToken) as { exp: number }
	const refreshCookieOptions = getCookieOptions({
	req,
	expires: new Date(payload.exp * 1000),
	})
	res.cookie(COOKIE_REFRESH_TOKEN_NAME, refreshToken, refreshCookieOptions)
	}

Fix in Cursor

---

Was this report helpful? Give feedback by reacting with 👍 or 👎

[codecov]

Codecov Report

❌ Patch coverage is 38.06452% with 96 lines in your changes missing coverage. Please review.
✅ Project coverage is 55.71%. Comparing base (f2cc812) to head (5ab38e6).
⚠️ Report is 427 commits behind head on develop.

Files with missing lines	Patch %	Lines
src/mutations/user/refreshToken.ts	2.77%	31 Missing and 4 partials ⚠️
src/common/utils/getViewer.ts	22.22%	19 Missing and 2 partials ⚠️
src/connectors/userService.ts	40.00%	16 Missing and 2 partials ⚠️
src/common/utils/cookie.ts	6.66%	12 Missing and 2 partials ⚠️
src/mutations/user/verifyEmail.ts	28.57%	5 Missing ⚠️
src/mutations/user/socialLogin.ts	0.00%	2 Missing ⚠️
src/mutations/user/userLogout.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #4582      +/-   ##
===========================================
- Coverage    56.40%   55.71%   -0.70%     
===========================================
  Files          973      975       +2     
  Lines        19074    19179     +105     
  Branches      4032     4052      +20     
===========================================
- Hits         10759    10685      -74     
- Misses        7575     7730     +155     
- Partials       740      764      +24     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.