dennii/dbgate
1
0
Fork 0
mirror of https://github.com/DeNNiiInc/dbgate.git synced 2026-04-25 04:06:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

configurable token lifetime

Browse Source
This commit is contained in:
Jan Prochazka
2022-11-27 11:06:33 +01:00
parent 012d3ec2e1
commit 592865b16e
1 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
packages/api/src/controllers/auth.js
View File

@@ -12,6 +12,10 @@ function shouldAuthorizeApi() {
return !!process.env.OAUTH_AUTH || !!process.env.AD_URL || (!!logins && !process.env.BASIC_AUTH); return !!process.env.OAUTH_AUTH || !!process.env.AD_URL || (!!logins && !process.env.BASIC_AUTH);
} }
function getTokenLifetime() {
return process.env.TOKEN_LIFETIME || '1d';
}
function unauthorizedResponse(req, res, text) { function unauthorizedResponse(req, res, text) {
// if (req.path == getExpressPath('/config/get-settings')) { // if (req.path == getExpressPath('/config/get-settings')) {
// return res.json({}); // return res.json({});
@@ -81,7 +85,7 @@ module.exports = {
} }
if (access_token) { if (access_token) {
return { return {
accessToken: jwt.sign({ login }, tokenSecret, { expiresIn: '1m' }), accessToken: jwt.sign({ login }, tokenSecret, { expiresIn: getTokenLifetime() }),
}; };
} }
@@ -105,7 +109,7 @@ module.exports = {
return { error: 'Login failed' }; return { error: 'Login failed' };
} }
return { return {
accessToken: jwt.sign({ login }, tokenSecret, { expiresIn: '1m' }), accessToken: jwt.sign({ login }, tokenSecret, { expiresIn: getTokenLifetime() }),
}; };
} catch (err) { } catch (err) {
console.log('Failed active directory authentization', err.message); console.log('Failed active directory authentization', err.message);
@@ -121,7 +125,7 @@ module.exports = {
} }
if (logins.find(x => x.login == login)?.password == password) { if (logins.find(x => x.login == login)?.password == password) {
return { return {
accessToken: jwt.sign({ login }, tokenSecret, { expiresIn: '1m' }), accessToken: jwt.sign({ login }, tokenSecret, { expiresIn: getTokenLifetime() }),
}; };
} }
return { error: 'Invalid credentials' }; return { error: 'Invalid credentials' };