Add ability to customize token lifetime

author: Chocobozzz <me@florianbigard.com> 2022-12-29 14:18:07 +0100
committer: Chocobozzz <me@florianbigard.com> 2023-01-04 11:41:29 +0100
commit: b65f5367baf799b425be0bcfb9220922751bb6eb (patch)
tree: 0ec740d368864ace758bb842eef6864e822c4a06 /server/lib
parent: 518c5cc62d922ddedc16f5a1e2c3e7035f342115 (diff)
download: PeerTube-b65f5367baf799b425be0bcfb9220922751bb6eb.tar.gz
PeerTube-b65f5367baf799b425be0bcfb9220922751bb6eb.tar.zst
PeerTube-b65f5367baf799b425be0bcfb9220922751bb6eb.zip
2 files changed, 12 insertions, 10 deletions
diff --git a/server/lib/auth/oauth.ts b/server/lib/auth/oauth.ts
index bc0d4301f..2905c79a2 100644
--- a/server/lib/auth/oauth.ts
+++ b/server/lib/auth/oauth.ts
@@ -10,10 +10,11 @@ import OAuth2Server, {
 } from '@node-oauth/oauth2-server'
 import { randomBytesPromise } from '@server/helpers/core-utils'
 import { isOTPValid } from '@server/helpers/otp'
+import { CONFIG } from '@server/initializers/config'
 import { MOAuthClient } from '@server/types/models'
 import { sha1 } from '@shared/extra-utils'
 import { HttpStatusCode } from '@shared/models'
-import { OAUTH_LIFETIME, OTP } from '../../initializers/constants'
+import { OTP } from '../../initializers/constants'
 import { BypassLogin, getClient, getRefreshToken, getUser, revokeToken, saveToken } from './oauth-model'
 class MissingTwoFactorError extends Error {
@@ -32,8 +33,9 @@ class InvalidTwoFactorError extends Error {
 *
 */
 const oAuthServer = new OAuth2Server({
-  accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN,
+  // Wants seconds
-  refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN,
+  accessTokenLifetime: CONFIG.OAUTH2.TOKEN_LIFETIME.ACCESS_TOKEN / 1000,
+  refreshTokenLifetime: CONFIG.OAUTH2.TOKEN_LIFETIME.REFRESH_TOKEN / 1000,
  // See https://github.com/oauthjs/node-oauth2-server/wiki/Model-specification for the model specifications
  model: require('./oauth-model')
@@ -182,10 +184,10 @@ function generateRandomToken () {
 function getTokenExpiresAt (type: 'access' | 'refresh') {
  const lifetime = type === 'access'
-    ? OAUTH_LIFETIME.ACCESS_TOKEN
+    ? CONFIG.OAUTH2.TOKEN_LIFETIME.ACCESS_TOKEN
-    : OAUTH_LIFETIME.REFRESH_TOKEN
+    : CONFIG.OAUTH2.TOKEN_LIFETIME.REFRESH_TOKEN
-  return new Date(Date.now() + lifetime * 1000)
+  return new Date(Date.now() + lifetime)
 }
 async function buildToken () {
diff --git a/server/lib/auth/tokens-cache.ts b/server/lib/auth/tokens-cache.ts
index 410708a35..43efc7d02 100644
--- a/server/lib/auth/tokens-cache.ts
+++ b/server/lib/auth/tokens-cache.ts
@@ -36,8 +36,8 @@ export class TokensCache {
    const token = this.userHavingToken.get(userId)
    if (token !== undefined) {
-      this.accessTokenCache.del(token)
+      this.accessTokenCache.delete(token)
-      this.userHavingToken.del(userId)
+      this.userHavingToken.delete(userId)
    }
  }
@@ -45,8 +45,8 @@ export class TokensCache {
    const tokenModel = this.accessTokenCache.get(token)
    if (tokenModel !== undefined) {
-      this.userHavingToken.del(tokenModel.userId)
+      this.userHavingToken.delete(tokenModel.userId)
-      this.accessTokenCache.del(token)
+      this.accessTokenCache.delete(token)
    }
  }
 }
author	Chocobozzz <me@florianbigard.com>	2022-12-29 14:18:07 +0100
committer	Chocobozzz <me@florianbigard.com>	2023-01-04 11:41:29 +0100
commit	b65f5367baf799b425be0bcfb9220922751bb6eb (patch)
tree	0ec740d368864ace758bb842eef6864e822c4a06 /server/lib
parent	518c5cc62d922ddedc16f5a1e2c3e7035f342115 (diff)
download	PeerTube-b65f5367baf799b425be0bcfb9220922751bb6eb.tar.gz PeerTube-b65f5367baf799b425be0bcfb9220922751bb6eb.tar.zst PeerTube-b65f5367baf799b425be0bcfb9220922751bb6eb.zip