fix(auth): make the JWT expire always

internxt · Jun 12, 2024 · cff5733 · cff5733
1 parent 0f286cd
commit cff5733
Show file tree

Hide file tree

Showing 5 changed files with 6 additions and 18 deletions.
diff --git a/src/app/routes/auth.ts b/src/app/routes/auth.ts
@@ -156,7 +156,7 @@ export class AuthController {
     this.service.User.UpdateAccountActivity(req.body.email);
     const userBucket = await this.service.User.GetUserBucket(userData);
 
-    const newToken = SignNewToken(userData, this.config.get('secrets').JWT);
+    const newToken = SignNewToken(userData, this.config.get('secrets').JWT, true);
     const keyExists = await this.service.KeyServer.keysExists(userData);
 
     if (!keyExists && req.body.publicKey) {
@@ -205,20 +205,13 @@ export class AuthController {
     };
 
     const userTeam = null;
-    // TODO: Not working. Team members can not use team workspace due to this
-    // if (userTeam) {
-    //   const tokenTeam = Sign(userTeam.bridge_user, App.config.get('secrets').JWT, internxtClient === 'drive-web');
 
-    //   return res.status(200).json({
-    //     user, token, userTeam, tokenTeam
-    //   });
-    // }
     return res.status(200).json({ user, token, userTeam, newToken });
   }
 
   async getNewToken(req: Request, res: Response) {
     const authRequest = req as Request & { user: UserAttributes };
-    const newToken = SignNewToken(authRequest.user, this.config.get('secrets').JWT);
+    const newToken = SignNewToken(authRequest.user, this.config.get('secrets').JWT, true);
 
     return res.status(200).json({ newToken });
   }

diff --git a/src/app/routes/routes.ts b/src/app/routes/routes.ts
@@ -69,12 +69,7 @@ export default (router: Router, service: any, App: any): Router => {
       service.User.GetUserBucket(userData),
     ]);
 
-    const internxtClient = req.headers['internxt-client'];
-    const token = Sign(
-      userData.email,
-      App.config.get('secrets').JWT,
-      internxtClient === 'drive-web',
-    );
+    const token = Sign(userData.email, App.config.get('secrets').JWT, true);
 
     const user = {
       email: userData.email,

diff --git a/src/app/routes/user.js b/src/app/routes/user.js
@@ -17,7 +17,7 @@ module.exports = (Router, Service, App) => {
     Service.User.UpdatePasswordMnemonic(req.user, currentPassword, newPassword, newSalt, mnemonic, privateKey)
       .then(() => {
         const token = SignWithFutureIAT(req.user.email, App.config.get('secrets').JWT);
-        const newToken = SignNewTokenWithFutureIAT(req.user, App.config.get('secrets').JWT);
+        const newToken = SignNewTokenWithFutureIAT(req.user, App.config.get('secrets').JWT, true);
         res.status(200).send({ token, newToken });
       })
       .catch((err) => {

diff --git a/src/app/services/stripe.js b/src/app/services/stripe.js
@@ -48,7 +48,7 @@ module.exports = () => {
 
   const userExistsInPayments = async (user) => {
     const paymentsUrl = process.env.PAYMENTS_SERVER_URL;
-    const token = SignNewToken(user, process.env.JWT_SECRET);
+    const token = SignNewToken(user, process.env.JWT_SECRET, true);
 
     try {
       await axios.get(`${paymentsUrl}/users/exists`, {

diff --git a/src/app/services/user.js b/src/app/services/user.js
@@ -447,7 +447,7 @@ module.exports = (Model, App) => {
     }
 
     // Successfull register
-    const token = passport.Sign(userData.email, App.config.get('secrets').JWT);
+    const token = passport.Sign(userData.email, App.config.get('secrets').JWT, true);
 
     // Creates user referrals
     await App.services.UsersReferrals.createUserReferrals(userData.id);