From d7599a03af1ff70287618ac1d15985b62561e2d0 Mon Sep 17 00:00:00 2001 From: Dominic Grimm Date: Thu, 20 Jan 2022 20:45:28 +0100 Subject: [PATCH 1/2] Updated expiration of jwt --- docker/backend/src/mw/auth.cr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/backend/src/mw/auth.cr b/docker/backend/src/mw/auth.cr index 5da55e4..3906438 100644 --- a/docker/backend/src/mw/auth.cr +++ b/docker/backend/src/mw/auth.cr @@ -26,7 +26,7 @@ module MW JWT.encode(payload.to_h, ENV_REQUESTER["BACKEND_JWT_SECRET"], JWT::Algorithm::HS256) end - def create_user_jwt(user_id : Int, expiration : Int = (Time.utc + Time::Span.new(days: 1)).to_unix) : String + def create_user_jwt(user_id : Int, expiration : Int = (Time.utc + Time::Span.new(hours: 6)).to_unix) : String create_jwt({user_id: user_id}, expiration) end From 192e8b632f0c4c0a02155062c75c462f38dcf9a6 Mon Sep 17 00:00:00 2001 From: Dominic Grimm Date: Thu, 20 Jan 2022 21:00:37 +0100 Subject: [PATCH 2/2] Added update password method --- docker/backend/src/mw/schema/mutation.cr | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docker/backend/src/mw/schema/mutation.cr b/docker/backend/src/mw/schema/mutation.cr index 2ae8a96..9762ba2 100644 --- a/docker/backend/src/mw/schema/mutation.cr +++ b/docker/backend/src/mw/schema/mutation.cr @@ -15,6 +15,22 @@ module MW ) end + @[GraphQL::Field] + def update_password(context : Context, password : String) : LoginPayload + context.authenticated! + + if Auth.verify_password?(password, context.user.not_nil!.password) + raise "New password must be different from old password" + end + + context.user.not_nil!.update!(password: Auth.hash_password(password)) + + LoginPayload.new( + user: User.new(context.user.not_nil!), + token: Auth.create_user_jwt(context.user.not_nil!.id.not_nil!.to_i), + ) + end + @[GraphQL::Field] def create_user(context : Context, input : UserCreateInput) : User context.admin!