get access token from cookie instead of auth header

src/modules/auth/auth.controller.ts

@@ -48,8 +48,14 @@ export class AuthController {
     const userData = req.user.data
     res.cookie('refreshToken', userData.refreshToken, {
       httpOnly: true,
-      // secure: true,
+      sameSite: 'none',
       path: '/v1/auth/refresh-token',
+      secure: true,
+    })
+    res.cookie('accessToken', userData.accessToken, {
+      httpOnly: true,
+      sameSite: 'none',
+      secure: true,
     })
     return { accessToken: req.user.data.accessToken }
   }

src/modules/auth/strategies/jwt.strategy.ts

@@ -4,6 +4,7 @@ import { ExtractJwt, Strategy } from 'passport-jwt'
 import { AuthService } from '../auth.service'
 import { AppSettings } from '../../../settings/app-settings'
 import { UsersService } from '../../users/services/users.service'
+import { Request as RequestType } from 'express'
 
 @Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
@@ -13,7 +14,10 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
     private userService: UsersService
   ) {
     super({
-      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+      jwtFromRequest: ExtractJwt.fromExtractors([
+        JwtStrategy.extractJWT,
+        ExtractJwt.fromAuthHeaderAsBearerToken(),
+      ]),
       ignoreExpiration: false,
       secretOrKey: appSettings.auth.ACCESS_JWT_SECRET_KEY,
     })
@@ -26,4 +30,11 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
     }
     return user
   }
+
+  private static extractJWT(req: RequestType): string | null {
+    if (req.cookies && 'accessToken' in req.cookies && req.cookies.accessToken.length > 0) {
+      return req.cookies.accessToken
+    }
+    return null
+  }
 }