From a0fe8c0017d4f594d57e0d3c00305077874f5aa0 Mon Sep 17 00:00:00 2001 From: Philipp Dormann Date: Sat, 5 Dec 2020 12:34:07 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=9A=A7=20CreateAuth=20-=20basic=20jwt=20c?= =?UTF-8?q?reation=20with=20user=20details?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ref #12 --- src/models/creation/CreateAuth.ts | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/models/creation/CreateAuth.ts b/src/models/creation/CreateAuth.ts index 4580869..f21c026 100644 --- a/src/models/creation/CreateAuth.ts +++ b/src/models/creation/CreateAuth.ts @@ -33,20 +33,20 @@ export class CreateAuth { } else { const found_user = found_users[0] if (await argon2.verify(found_user.password, this.password + found_user.uuid)) { - // TODO: proper jwt creation const timestamp_accesstoken_expiry = Math.floor(Date.now() / 1000) + 5 * 60 + delete found_user.password; newAuth.access_token = jsonwebtoken.sign({ - refreshtokencount: 5, - userdetails: {}, + userdetails: found_user, exp: timestamp_accesstoken_expiry }, "securekey") + newAuth.access_token_expires_at = timestamp_accesstoken_expiry + // const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000 newAuth.refresh_token = jsonwebtoken.sign({ refreshtokencount: 5, - userdetails: {}, + userid: found_user.id, exp: timestamp_refresh_expiry }, "securekey") - newAuth.access_token_expires_at = timestamp_accesstoken_expiry newAuth.refresh_token_expires_at = timestamp_refresh_expiry } else { throw new InvalidCredentialsError()