From b65f5367baf799b425be0bcfb9220922751bb6eb Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Thu, 29 Dec 2022 14:18:07 +0100 Subject: Add ability to customize token lifetime --- server/lib/auth/oauth.ts | 14 ++++++++------ server/lib/auth/tokens-cache.ts | 8 ++++---- 2 files changed, 12 insertions(+), 10 deletions(-) (limited to 'server/lib/auth') diff --git a/server/lib/auth/oauth.ts b/server/lib/auth/oauth.ts index bc0d4301f..2905c79a2 100644 --- a/server/lib/auth/oauth.ts +++ b/server/lib/auth/oauth.ts @@ -10,10 +10,11 @@ import OAuth2Server, { } from '@node-oauth/oauth2-server' import { randomBytesPromise } from '@server/helpers/core-utils' import { isOTPValid } from '@server/helpers/otp' +import { CONFIG } from '@server/initializers/config' import { MOAuthClient } from '@server/types/models' import { sha1 } from '@shared/extra-utils' import { HttpStatusCode } from '@shared/models' -import { OAUTH_LIFETIME, OTP } from '../../initializers/constants' +import { OTP } from '../../initializers/constants' import { BypassLogin, getClient, getRefreshToken, getUser, revokeToken, saveToken } from './oauth-model' class MissingTwoFactorError extends Error { @@ -32,8 +33,9 @@ class InvalidTwoFactorError extends Error { * */ const oAuthServer = new OAuth2Server({ - accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN, - refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN, + // Wants seconds + accessTokenLifetime: CONFIG.OAUTH2.TOKEN_LIFETIME.ACCESS_TOKEN / 1000, + refreshTokenLifetime: CONFIG.OAUTH2.TOKEN_LIFETIME.REFRESH_TOKEN / 1000, // See https://github.com/oauthjs/node-oauth2-server/wiki/Model-specification for the model specifications model: require('./oauth-model') @@ -182,10 +184,10 @@ function generateRandomToken () { function getTokenExpiresAt (type: 'access' | 'refresh') { const lifetime = type === 'access' - ? OAUTH_LIFETIME.ACCESS_TOKEN - : OAUTH_LIFETIME.REFRESH_TOKEN + ? CONFIG.OAUTH2.TOKEN_LIFETIME.ACCESS_TOKEN + : CONFIG.OAUTH2.TOKEN_LIFETIME.REFRESH_TOKEN - return new Date(Date.now() + lifetime * 1000) + return new Date(Date.now() + lifetime) } async function buildToken () { diff --git a/server/lib/auth/tokens-cache.ts b/server/lib/auth/tokens-cache.ts index 410708a35..43efc7d02 100644 --- a/server/lib/auth/tokens-cache.ts +++ b/server/lib/auth/tokens-cache.ts @@ -36,8 +36,8 @@ export class TokensCache { const token = this.userHavingToken.get(userId) if (token !== undefined) { - this.accessTokenCache.del(token) - this.userHavingToken.del(userId) + this.accessTokenCache.delete(token) + this.userHavingToken.delete(userId) } } @@ -45,8 +45,8 @@ export class TokensCache { const tokenModel = this.accessTokenCache.get(token) if (tokenModel !== undefined) { - this.userHavingToken.del(tokenModel.userId) - this.accessTokenCache.del(token) + this.userHavingToken.delete(tokenModel.userId) + this.accessTokenCache.delete(token) } } } -- cgit v1.2.3