add option to extend the duration of the authorized token through a h…

…eader
dreth · Aug 15, 2024 · 45ed22c · 45ed22c
1 parent 24bc291
commit 45ed22c
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 5 deletions.
diff --git a/backend/auth/auth.go b/backend/auth/auth.go
@@ -145,7 +145,7 @@ func Register(c *gin.Context) {
 	telegram.SendTelegramMessage(req.TelegramBotAPIKey, req.TelegramUserID, fmt.Sprintf("🎂 Your user has been successfully registered, through this bot and user ID you'll receive your birthday reminders (if there's any) at %s (Timezone: %s).\n\nIf you encounter any issues using the app or want to give any feedback to us. Please open an issue here: https://github.com/dreth/hbd/issues, thanks and we hope you find the application useful!", req.ReminderTime, req.Timezone))
 
 	// Return the token and the user's details
-	token, err := GenerateJWT(req.Email)
+	token, err := GenerateJWT(req.Email, 720)
 	if helper.HE(c, err, http.StatusInternalServerError, "failed to generate token", false) {
 		return
 	} else {
@@ -229,8 +229,15 @@ func Login(c *gin.Context) {
 		return
 	}
 
+	// Get the JWT duration from the header or use the default
+	jwtDuration, err := GetJWTDurationFromHeader(c, 720)
+	if err != nil {
+		jwtDuration = 720
+	}
+
 	// Generate JWT token
-	token, err := GenerateJWT(req.Email)
+	println(jwtDuration)
+	token, err := GenerateJWT(req.Email, jwtDuration)
 	if helper.HE(c, err, http.StatusInternalServerError, "failed to generate token", false) {
 		return
 	}
@@ -379,7 +386,7 @@ func ModifyUser(c *gin.Context) {
 	}
 
 	// After committing the transaction, emit another JWT token with the new email
-	token, err := GenerateJWT(req.NewEmail)
+	token, err := GenerateJWT(req.NewEmail, 720)
 	if helper.HE(c, err, http.StatusInternalServerError, "failed to generate token", false) {
 		return
 	}

diff --git a/backend/auth/jwt.go b/backend/auth/jwt.go
@@ -2,17 +2,28 @@ package auth
 
 import (
 	"errors"
+	"fmt"
 	"hbd/env"
 	"hbd/structs"
+	"strconv"
 	"time"
 
+	"github.com/gin-gonic/gin"
 	"github.com/golang-jwt/jwt/v5"
 )
 
 var jwtKey = []byte(env.MK)
 
-func GenerateJWT(email string) (string, error) {
-	expirationTime := time.Now().Add(720 * time.Hour)
+func GenerateJWT(email string, duration int) (string, error) {
+	// If the duration is 0, default to 720
+	if duration == 0 {
+		duration = 720
+	}
+
+	// Set the expiration time for the token
+	expirationTime := time.Now().Add(time.Duration(duration) * time.Hour)
+
+	// Create the JWT claims, which includes the email and expiry time
 	claims := &structs.Claims{
 		Email: email,
 		RegisteredClaims: jwt.RegisteredClaims{
@@ -36,3 +47,15 @@ func ValidateJWT(tokenStr string) (*structs.Claims, error) {
 	}
 	return claims, nil
 }
+
+func GetJWTDurationFromHeader(c *gin.Context, defaultDuration int) (int, error) {
+	jwtDurationStr := c.GetHeader("x-jwt-duration-hours")
+	if jwtDurationStr != "" {
+		jwtDuration, err := strconv.Atoi(jwtDurationStr)
+		if err != nil {
+			return 0, fmt.Errorf("invalid JWT duration")
+		}
+		return jwtDuration, nil
+	}
+	return defaultDuration, nil
+}