token life time in database and set default to 24 hours (#315)

* update * update * update
swuecho · May 16, 2023 · 795ca48 · 795ca48
1 parent 5e4c0a6
commit 795ca48
Show file tree

Hide file tree

Showing 6 changed files with 17 additions and 9 deletions.
diff --git a/api/auth/token.go b/api/auth/token.go
@@ -34,8 +34,8 @@ func GenJwtSecretAndAudience() (string, string) {
 	return secret, audience
 }
 
-func GenerateToken(userID int32, role string, secret, jwt_audience string) (string, error) {
-	expires := time.Now().Add(time.Hour * 8).Unix()
+func GenerateToken(userID int32, role string, secret, jwt_audience string, lifetime time.Duration) (string, error) {
+	expires := time.Now().Add(lifetime).Unix()
 	notBefore := time.Now().Unix()
 	issuer := "https://www.bestqa.net"
 

diff --git a/api/auth/token_test.go b/api/auth/token_test.go
@@ -3,12 +3,14 @@ package auth
 import (
 	"fmt"
 	"testing"
+	"time"
 )
 
 func TestGenerateToken(t *testing.T) {
 	user_id := int32(0)
 	secret := "abedefg"
-	token, err := GenerateToken(user_id, "user", secret, "aud")
+	lifetime := 8 * time.Hour 
+	token, err := GenerateToken(user_id, "user", secret, "aud", lifetime)
 	if err != nil {
 		t.Fatalf("error generating password hash: %v", err)
 	}

diff --git a/api/chat_auth_user_handler.go b/api/chat_auth_user_handler.go
@@ -131,8 +131,8 @@ func (h *AuthUserHandler) SignUp(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, eris.Wrap(err, "failed to create user ").Error(), http.StatusInternalServerError)
 		return
 	}
-
-	tokenString, err := auth.GenerateToken(user.ID, user.Role(), jwtSecretAndAud.Secret, jwtSecretAndAud.Audience)
+	lifetime := time.Duration(jwtSecretAndAud.Lifetime) * time.Hour
+	tokenString, err := auth.GenerateToken(user.ID, user.Role(), jwtSecretAndAud.Secret, jwtSecretAndAud.Audience, lifetime)
 	if err != nil {
 		http.Error(w, "failed to generate token", http.StatusInternalServerError)
 		return
@@ -163,7 +163,8 @@ func (h *AuthUserHandler) Login(w http.ResponseWriter, r *http.Request) {
 		RespondWithError(w, http.StatusUnauthorized, "error.invalid_email_or_password", err)
 		return
 	}
-	token, err := auth.GenerateToken(user.ID, user.Role(), jwtSecretAndAud.Secret, jwtSecretAndAud.Audience)
+	lifetime := time.Duration(jwtSecretAndAud.Lifetime) * time.Hour
+	token, err := auth.GenerateToken(user.ID, user.Role(), jwtSecretAndAud.Secret, jwtSecretAndAud.Audience, lifetime)
 
 	if err != nil {
 		RespondWithError(w, http.StatusInternalServerError, "error.fail_to_generate_token", err)

diff --git a/api/sqlc/schema.sql b/api/sqlc/schema.sql
@@ -2,9 +2,11 @@ CREATE TABLE IF NOT EXISTS jwt_secrets (
     id SERIAL PRIMARY KEY,
     name TEXT NOT NULL,
     secret TEXT NOT NULL,
-    audience TEXT NOT NULL
+    audience TEXT NOT NULL,
+    lifetime smallint NOT NULL default 24
 );
 
+ALTER TABLE jwt_secrets ADD COLUMN IF NOT EXISTS lifetime smallint NOT NULL default 24;
 
 CREATE TABLE IF NOT EXISTS chat_model (
   id SERIAL PRIMARY KEY,  

diff --git a/api/sqlc_queries/jwt_secrets.sql.go b/api/sqlc_queries/jwt_secrets.sql.go
diff --git a/api/sqlc_queries/models.go b/api/sqlc_queries/models.go