From ae5823ca46929688afab099dd203edf7ef9fa0d3 Mon Sep 17 00:00:00 2001
From: Dominic Grimm
Date: Sun, 6 Feb 2022 19:44:00 +0100
Subject: [PATCH] Admins have 6 hours JWT expiration instead of 24
---
 docker/backend/src/backend/api/auth.cr | 2 +-
 docker/backend/src/backend/api/schema/mutation.cr | 5 ++++-
 docker/backend/src/backend/cli.cr | 2 --
 3 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/docker/backend/src/backend/api/auth.cr b/docker/backend/src/backend/api/auth.cr
index 4bbc0b5..533e303 100644
--- a/docker/backend/src/backend/api/auth.cr
+++ b/docker/backend/src/backend/api/auth.cr
@@ -11,7 +11,7 @@ module Backend
 JWT.encode({"data" => data.to_h, "exp" => expiration}, Backend.config.api.jwt_secret, JWT::Algorithm::HS256)
 end
- def create_user_jwt(user_id : Int, expiration : Int = (Time.utc + Time::Span.new(days: 1)).to_unix) : String
+ def create_user_jwt(user_id : Int, expiration : Int) : String
 create_jwt({user_id: user_id}, expiration)
 end
diff --git a/docker/backend/src/backend/api/schema/mutation.cr b/docker/backend/src/backend/api/schema/mutation.cr
index 34326ca..219d931 100644
--- a/docker/backend/src/backend/api/schema/mutation.cr
+++ b/docker/backend/src/backend/api/schema/mutation.cr
@@ -14,7 +14,10 @@ module Backend
 LoginPayload.new(
 user: User.new(user),
- token: Auth.create_user_jwt(user.id.not_nil!.to_i),
+ token: Auth.create_user_jwt(
+ user.id.not_nil!.to_i,
+ (Time.utc + (user.admin ? Time::Span.new(hours: 6) : Time::Span.new(days: 1))).to_unix
+ ),
 )
 end
diff --git a/docker/backend/src/backend/cli.cr b/docker/backend/src/backend/cli.cr
index 848c1b7..414a72e 100644
--- a/docker/backend/src/backend/cli.cr
+++ b/docker/backend/src/backend/cli.cr
@@ -59,8 +59,6 @@ module Backend
 puts "Role: #{user.role}"
 puts "Admin: #{user.admin}"
 puts "---"
- puts "Token: #{Api::Auth.create_user_jwt(user_id: user.id.not_nil!)}"
- puts "---"
 end
 end
 end
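Review bot: The new `create_user_jwt(user_id : Int, expiration : Int)` signature takes a bare `Int` with nothing saying it is an absolute expiry in Unix seconds rather than a lifetime, and with the default gone every caller now has to get that right. A doc comment above the method would pin the contract: `# expiration: absolute expiry time as Unix seconds (UTC), written to the "exp" claim as-is; not a duration`. Taking a `Time::Span` lifetime and computing `(Time.utc + lifetime).to_unix` inside `Auth` would make the mistake impossible and keep the lifetime arithmetic next to `create_jwt`. The surrounding module starts and ends outside the hunk, so other callers of this method are not visible here.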
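Review bot: The 6-hour limit is decided once, from `user.admin` at login in the `Auth.create_user_jwt(...)` call, so an account promoted to admin after logging in keeps its 24-hour token. The token carries only `user_id` (see `create_jwt({user_id: user_id}, expiration)` in auth.cr), so the admin flag is presumably looked up per request, in which case that older token would carry admin rights beyond the intended window; this should be confirmed against the request-authentication code, which is outside this patch. Adding an `"iat"` claim and having admin-gated resolvers reject tokens issued more than 6 hours ago would enforce the limit at use time rather than only at issue time. Separately, the two spans are inline magic values in the resolver; named constants in `Auth`, e.g. `ADMIN_JWT_LIFETIME = Time::Span.new(hours: 6)` and `USER_JWT_LIFETIME = Time::Span.new(days: 1)`, would keep the session policy in one reviewable place. The login mutation begins and ends outside the hunk.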