Fix JWT expire time going crazy. Now set to 1day

2025-08-16 22:06:51 +00:00 · 2020-02-19 13:01:34 +10:00
parent e09b427081
commit 0ec4f63926
2 changed files with 140 additions and 152 deletions
--- a/backend/internal/token.js
+++ b/backend/internal/token.js
@@ -20,7 +20,7 @@ module.exports = {
 		let Token = new TokenModel();

 		data.scope  = data.scope || 'user';
-        data.expiry = data.expiry || '30d';
+		data.expiry = data.expiry || '1d';

 		return userModel
 			.query()
@@ -59,9 +59,8 @@ module.exports = {
 												attrs: {
 													id: user.id
 												},
-                                                scope: [data.scope]
-                                            }, {
-                                                expires: expiry.unix()
+												scope:     [data.scope],
+												expiresIn: data.expiry
 											})
 												.then(signed => {
 													return {
@@ -94,7 +93,7 @@ module.exports = {
 		let Token = new TokenModel();

 		data        = data || {};
-        data.expiry = data.expiry || '30d';
+		data.expiry = data.expiry || '1d';

 		if (access && access.token.getUserId(0)) {

@@ -121,9 +120,8 @@ module.exports = {
 			return Token.create({
 				iss:       'api',
 				scope:     scope,
-                attrs: token_attrs
-            }, {
-                expiresIn: expiry.unix()
+				attrs:     token_attrs,
+				expiresIn: data.expiry
 			})
 				.then(signed => {
 					return {
@@ -140,18 +138,18 @@ module.exports = {
 	 * @param   {Object} user
 	 * @returns {Promise}
 	 */
-    getTokenFromUser: user => {
-        let Token  = new TokenModel();
-        let expiry = helpers.parseDatePeriod('1d');
+	getTokenFromUser: (user) => {
+		const expire = '1d';
+		const Token  = new TokenModel();
+		const expiry = helpers.parseDatePeriod(expire);

 		return Token.create({
 			iss:   'api',
 			attrs: {
 				id: user.id
 			},
-            scope: ['user']
-        }, {
-            expiresIn: expiry.unix()
+			scope:     ['user'],
+			expiresIn: expire
 		})
 			.then(signed => {
 				return {
--- a/backend/models/token.js
+++ b/backend/models/token.js
@@ -19,23 +19,15 @@ module.exports = function () {
    let self = {
        /**
         * @param {Object}  payload
-         * @param {Object}  [user_options]
-         * @param {Integer} [user_options.expires]
         * @returns {Promise}
         */
-        create: (payload, user_options) => {
-
-            user_options = user_options || {};
-
+        create: (payload) => {
            // sign with RSA SHA256
            let options = {
-                algorithm: ALGO
+                algorithm: ALGO,
+                expiresIn: payload.expiresIn || '1d'
            };

-            if (typeof user_options.expires !== 'undefined' && user_options.expires) {
-                options.expiresIn = user_options.expires;
-            }
-
            payload.jti = crypto.randomBytes(12)
                .toString('base64')
                .substr(-8);
@@ -51,10 +43,8 @@ module.exports = function () {
                            payload: payload
                        });
                    }
-
                });
            });
-
        },

        /**