peter.babic
/
demo-graphql-oauth
mirror of https://github.com/peterbabic/demo-graphql-oauth
0
0
Fork 0
Code Issues Projects Releases Wiki Activity

add ms to access token to randomize it

Browse Source
master
Peter Babič 5 years ago
parent 316d8c524f
commit 28666f00f9
Signed by: peter.babic
GPG Key ID: 4BB075BC1884BA40
2 changed files with 45 additions and 42 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      src/server/UserResolver.spec.ts
  2. 4
      src/server/userResolver/auth.ts

1
src/server/UserResolver.spec.ts
Unescape View File

@ -60,6 +60,7 @@ describe("resolver of user", () => {
expect(jwtLifetime).toBeGreaterThanOrEqual(oneMinute)
expect(jwtLifetime).not.toBeGreaterThan(sixteenMinutes)
expect(jwtPayload.userId).toBe(user.id)
expect(jwtPayload.ms).toBeLessThan(1000)
expect(response.errors).toBeUndefined()
})
)

4
src/server/userResolver/auth.ts
Unescape View File

@ -16,8 +16,9 @@ export const comparePasswords = async (hash: string, plain: string) => {
export const signAccessToken = (payload: ContextPayload) => {
const accessTokenSecret = process.env.ACCESS_SECRET as string
const payloadWithMs = { ...payload, ms: Date.now() % 1000 }
return jwtSign(payload, accessTokenSecret, {
return jwtSign(payloadWithMs, accessTokenSecret, {
expiresIn: parseInt(process.env.ACCESS_EXPIRY as string),
})
}
@ -84,4 +85,5 @@ type JWTPayload = {
userId: number
iat: number
exp?: number
ms?: number
}

Write Preview
Loading…
Cancel
Save