first accesstoken generation

ref #12
2020-12-05 12:28:59 +01:00 · 2020-12-05 12:28:59 +01:00 · c33097f773
parent 28c2b862f0
commit c33097f773
1 changed files with 14 additions and 6 deletions
--- a/src/models/creation/CreateAuth.ts
+++ b/src/models/creation/CreateAuth.ts
@ -32,14 +32,22 @@ export class CreateAuth {
            throw new UserNotFoundError()
        } else {
            const found_user = found_users[0]
-            console.log(found_user.password);
            if (await argon2.verify(found_user.password, this.password + found_user.uuid)) {
                // TODO: proper jwt creation
-                const token = jsonwebtoken.sign({}, "securekey")
-                newAuth.access_token = token
-                newAuth.refresh_token = token
-                newAuth.access_token_expires_at = 1587349200
-                newAuth.refresh_token_expires_at = 1587349200
+                const timestamp_accesstoken_expiry = Math.floor(Date.now() / 1000) + 5 * 60
+                newAuth.access_token = jsonwebtoken.sign({
+                    refreshtokencount: 5,
+                    userdetails: {},
+                    exp: timestamp_accesstoken_expiry
+                }, "securekey")
+                const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
+                newAuth.refresh_token = jsonwebtoken.sign({
+                    refreshtokencount: 5,
+                    userdetails: {},
+                    exp: timestamp_refresh_expiry
+                }, "securekey")
+                newAuth.access_token_expires_at = timestamp_accesstoken_expiry
+                newAuth.refresh_token_expires_at = timestamp_refresh_expiry
            } else {
                throw new InvalidCredentialsError()
            }