use time.Duration in token expiry env vars
This commit is contained in:
dhax
parent
89609ae5e6
commit
eb928912af
5 changed files with 15 additions and 15 deletions
12
README.md
12
README.md
|
|
@ -55,17 +55,17 @@ A deployed version can also be found on [Heroku](https://govue.herokuapp.com)
|
||||||
|
|
||||||
Name | Type | Default | Description
|
Name | Type | Default | Description
|
||||||
---|---|---|---
|
---|---|---|---
|
||||||
PORT | int | 3000 | http port
|
PORT | string | localhost:3000 | http address (accepts also port number only for heroku compability)
|
||||||
LOG_LEVEL | string | debug | log level
|
LOG_LEVEL | string | debug | log level
|
||||||
LOG_TEXTLOGGING | bool | false | defaults to json logging
|
LOG_TEXTLOGGING | bool | false | defaults to json logging
|
||||||
DATABASE_URL | string | postgres://postgres:postgres<br>@localhost:5432/gobase?sslmode=disable | PostgreSQL connection string
|
DATABASE_URL | string | postgres://postgres:postgres<br>@localhost:5432/gobase?sslmode=disable | PostgreSQL connection string
|
||||||
AUTH_LOGIN_URL | string | http://localhost:3000/login | client login url as sent in login token email
|
AUTH_LOGIN_URL | string | http://localhost:3000/login | client login url as sent in login token email
|
||||||
AUTH_LOGIN_TOKEN_LENGTH | int | 8 | length of login token
|
AUTH_LOGIN_TOKEN_LENGTH | int | 8 | length of login token
|
||||||
AUTH_LOGIN_TOKEN_EXPIRY | int | 11 | login token expiry in minutes
|
AUTH_LOGIN_TOKEN_EXPIRY | time.Duration | 11m | login token expiry
|
||||||
AUTH_JWT_SECRET | string | random | jwt sign and verify key - value "random" sets random 32 char secret at startup
|
AUTH_JWT_SECRET | string | random | jwt sign and verify key - value "random" creates random 32 char secret at startup (and automatically invalidates existing tokens on app restarts, so during dev you might want to set a fixed value here)
|
||||||
AUTH_JWT_EXPIRY | int | 15 | jwt access token expiry in minutes
|
AUTH_JWT_EXPIRY | time.Duration | 15m | jwt access token expiry
|
||||||
AUTH_JWT_REFRESH_EXPIRY | int | 60 | jwt refresh token expiry in minutes
|
AUTH_JWT_REFRESH_EXPIRY | time.Duration | 1h | jwt refresh token expiry
|
||||||
EMAIL_SMTP_HOST | string || email smtp host<br>(if set and connection can't be established then app panics)
|
EMAIL_SMTP_HOST | string || email smtp host (if set and connection can't be established then app panics)
|
||||||
EMAIL_SMTP_PORT | int || email smtp port
|
EMAIL_SMTP_PORT | int || email smtp port
|
||||||
EMAIL_SMTP_USER | string || email smtp username
|
EMAIL_SMTP_USER | string || email smtp username
|
||||||
EMAIL_SMTP_PASSWORD | string || email smtp password
|
EMAIL_SMTP_PASSWORD | string || email smtp password
|
||||||
|
|
|
||||||
|
|
@ -130,7 +130,7 @@ func (rs *Resource) token(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
token := &Token{
|
token := &Token{
|
||||||
Token: uuid.NewV4().String(),
|
Token: uuid.NewV4().String(),
|
||||||
Expiry: time.Now().Add(time.Minute * rs.Token.jwtRefreshExpiry),
|
Expiry: time.Now().Add(rs.Token.jwtRefreshExpiry),
|
||||||
UpdatedAt: time.Now(),
|
UpdatedAt: time.Now(),
|
||||||
AccountID: acc.ID,
|
AccountID: acc.ID,
|
||||||
Mobile: ua.Mobile(),
|
Mobile: ua.Mobile(),
|
||||||
|
|
@ -184,7 +184,7 @@ func (rs *Resource) refresh(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
token.Token = uuid.NewV4().String()
|
token.Token = uuid.NewV4().String()
|
||||||
token.Expiry = time.Now().Add(time.Minute * rs.Token.jwtRefreshExpiry)
|
token.Expiry = time.Now().Add(rs.Token.jwtRefreshExpiry)
|
||||||
token.UpdatedAt = time.Now()
|
token.UpdatedAt = time.Now()
|
||||||
|
|
||||||
access, refresh, err := rs.Token.GenTokenPair(acc.Claims(), token.Claims())
|
access, refresh, err := rs.Token.GenTokenPair(acc.Claims(), token.Claims())
|
||||||
|
|
|
||||||
|
|
@ -59,7 +59,7 @@ func (a *TokenAuth) GenTokenPair(ca jwtauth.Claims, cr jwtauth.Claims) (string,
|
||||||
// CreateJWT returns an access token for provided account claims.
|
// CreateJWT returns an access token for provided account claims.
|
||||||
func (a *TokenAuth) CreateJWT(c jwtauth.Claims) (string, error) {
|
func (a *TokenAuth) CreateJWT(c jwtauth.Claims) (string, error) {
|
||||||
c.SetIssuedNow()
|
c.SetIssuedNow()
|
||||||
c.SetExpiryIn(a.jwtExpiry * time.Minute)
|
c.SetExpiryIn(a.jwtExpiry)
|
||||||
_, tokenString, err := a.JwtAuth.Encode(c)
|
_, tokenString, err := a.JwtAuth.Encode(c)
|
||||||
return tokenString, err
|
return tokenString, err
|
||||||
}
|
}
|
||||||
|
|
@ -67,7 +67,7 @@ func (a *TokenAuth) CreateJWT(c jwtauth.Claims) (string, error) {
|
||||||
// CreateRefreshJWT returns a refresh token for provided token Claims.
|
// CreateRefreshJWT returns a refresh token for provided token Claims.
|
||||||
func (a *TokenAuth) CreateRefreshJWT(c jwtauth.Claims) (string, error) {
|
func (a *TokenAuth) CreateRefreshJWT(c jwtauth.Claims) (string, error) {
|
||||||
c.SetIssuedNow()
|
c.SetIssuedNow()
|
||||||
c.SetExpiryIn(time.Minute * a.jwtRefreshExpiry)
|
c.SetExpiryIn(a.jwtRefreshExpiry)
|
||||||
_, tokenString, err := a.JwtAuth.Encode(c)
|
_, tokenString, err := a.JwtAuth.Encode(c)
|
||||||
return tokenString, err
|
return tokenString, err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -44,7 +44,7 @@ func (a *LoginTokenAuth) CreateToken(id int) LoginToken {
|
||||||
lt := LoginToken{
|
lt := LoginToken{
|
||||||
Token: randStringBytes(a.loginTokenLength),
|
Token: randStringBytes(a.loginTokenLength),
|
||||||
AccountID: id,
|
AccountID: id,
|
||||||
Expiry: time.Now().Add(time.Minute * a.loginTokenExpiry),
|
Expiry: time.Now().Add(a.loginTokenExpiry),
|
||||||
}
|
}
|
||||||
a.add(lt)
|
a.add(lt)
|
||||||
a.purgeExpired()
|
a.purgeExpired()
|
||||||
|
|
|
||||||
|
|
@ -38,15 +38,15 @@ func init() {
|
||||||
RootCmd.AddCommand(serveCmd)
|
RootCmd.AddCommand(serveCmd)
|
||||||
|
|
||||||
// Here you will define your flags and configuration settings.
|
// Here you will define your flags and configuration settings.
|
||||||
viper.SetDefault("port", "3000")
|
viper.SetDefault("port", "localhost:3000")
|
||||||
viper.SetDefault("log_level", "debug")
|
viper.SetDefault("log_level", "debug")
|
||||||
|
|
||||||
viper.SetDefault("auth_login_url", "http://localhost:3000/login")
|
viper.SetDefault("auth_login_url", "http://localhost:3000/login")
|
||||||
viper.SetDefault("auth_login_token_length", 8)
|
viper.SetDefault("auth_login_token_length", 8)
|
||||||
viper.SetDefault("auth_login_token_expiry", 11) // expiry in minutes
|
viper.SetDefault("auth_login_token_expiry", "11m")
|
||||||
viper.SetDefault("auth_jwt_secret", "random")
|
viper.SetDefault("auth_jwt_secret", "random")
|
||||||
viper.SetDefault("auth_jwt_expiry", 15)
|
viper.SetDefault("auth_jwt_expiry", "15m")
|
||||||
viper.SetDefault("auth_jwt_refresh_expiry", 60)
|
viper.SetDefault("auth_jwt_refresh_expiry", "1h")
|
||||||
|
|
||||||
// Cobra supports Persistent Flags which will work for this command
|
// Cobra supports Persistent Flags which will work for this command
|
||||||
// and all subcommands, e.g.:
|
// and all subcommands, e.g.:
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue