diff --git a/api/public/swagger.yaml b/api/public/swagger.yaml
index 6c049cd..5c9e15d 100644
--- a/api/public/swagger.yaml
+++ b/api/public/swagger.yaml
@@ -57,16 +57,16 @@ components:
 type: string
 description: 'Client Secret'
 example: someRandomCryptoString
- accessTokenExpiryDays:
+ accessTokenExpiration:
 type: number
 format: double
- description: 'Number of days in which access token will expire'
- example: 1
- refreshTokenExpiryDays:
+ description: 'Number of seconds after which access token will expire'
+ example: 86400
+ refreshTokenExpiration:
 type: number
 format: double
- description: 'Number of days in which access token will expire'
- example: 30
+ description: 'Number of days after which access token will expire'
+ example: 2592000
 required:
 - clientId
 - clientSecret
@@ -689,7 +689,11 @@ paths:
 $ref: '#/components/schemas/ClientPayload'
 examples:
 'Example 1':
- value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiryDays: 1, refreshTokenExpiryDays: 30}
+ value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString}
+ 'Example 2':
+ value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiration: 86400}
+ 'Example 3':
+ value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiration: 86400}
 summary: "Admin only task. Create client with the following attributes:\nClientId,\nClientSecret,\naccessTokenExpiryDays (optional),\nrefreshTokenExpiryDays (optional)"
 tags:
 - Client
diff --git a/api/src/controllers/auth.ts b/api/src/controllers/auth.ts
index 2b94b8a..78d5a5b 100644
--- a/api/src/controllers/auth.ts
+++ b/api/src/controllers/auth.ts
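Review bot: The new description for `refreshTokenExpiration` in the first swagger.yaml hunk reads 'Number of days after which access token will expire' beside `example: 2592000`, so both the unit and the token named are wrong. It should read `description: 'Number of seconds after which refresh token will expire'`. The same sentence is in the JSDoc above `refreshTokenExpiration` in the `ClientPayload` hunk of api/src/model/Client.ts; if this YAML is generated from that interface, correct the JSDoc and regenerate. A reader who trusts the wording would supply a day count and get a refresh token that lives only that many seconds.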
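Review bot: The `summary` kept as context in the second swagger.yaml hunk still lists `accessTokenExpiryDays (optional)` and `refreshTokenExpiryDays (optional)`, which the schema no longer defines. 'Example 2' and 'Example 3' are also identical, and no example shows `refreshTokenExpiration`; presumably one of them was meant to carry `refreshTokenExpiration: 2592000`. The summary text most likely comes from the controller's doc comment, which is outside the visible hunks.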
@@ -89,11 +89,11 @@ const token = async (data: any): Promise => {
 const accessToken = generateAccessToken(
 userInfo,
- client.accessTokenExpiryDays
+ client.accessTokenExpiration
 )
 const refreshToken = generateRefreshToken(
 userInfo,
- client.refreshTokenExpiryDays
+ client.refreshTokenExpiration
 )
 await saveTokensInDB(userInfo.userId, clientId, accessToken, refreshToken)
@@ -107,11 +107,11 @@ const refresh = async (userInfo: InfoJWT): Promise => {
 const accessToken = generateAccessToken(
 userInfo,
- client.accessTokenExpiryDays
+ client.accessTokenExpiration
 )
 const refreshToken = generateRefreshToken(
 userInfo,
- client.refreshTokenExpiryDays
+ client.refreshTokenExpiration
 )
 await saveTokensInDB(
diff --git a/api/src/controllers/client.ts b/api/src/controllers/client.ts
index f4e7122..dae173c 100644
--- a/api/src/controllers/client.ts
+++ b/api/src/controllers/client.ts
@@ -1,6 +1,9 @@
 import { Security, Route, Tags, Example, Post, Body } from 'tsoa'
-import Client, { ClientPayload } from '../model/Client'
+import Client, {
+ ClientPayload,
+ NUMBER_OF_SECONDS_IN_A_DAY
+} from '../model/Client'
 @Security('bearerAuth')
 @Route('SASjsApi/client')
@@ -17,8 +20,8 @@ export class ClientController {
 @Example({
 clientId: 'someFormattedClientID1234',
 clientSecret: 'someRandomCryptoString',
- accessTokenExpiryDays: 1,
- refreshTokenExpiryDays: 30
+ accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
+ refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
 })
 @Post('/')
 public async createClient(
@@ -32,8 +35,8 @@ const createClient = async (data: ClientPayload): Promise => {
 const {
 clientId,
 clientSecret,
- accessTokenExpiryDays,
- refreshTokenExpiryDays
+ accessTokenExpiration,
+ refreshTokenExpiration
 } = data
 // Checking if client is already in the database
@@ -44,7 +47,8 @@ const createClient = async (data: ClientPayload): Promise => {
 const client = new Client({
 clientId,
 clientSecret,
- accessTokenExpiryDays
+ accessTokenExpiration,
+ refreshTokenExpiration
 })
 const savedClient = await client.save()
@@ -52,7 +56,7 @@ const createClient = async (data: ClientPayload): Promise => {
 return {
 clientId: savedClient.clientId,
 clientSecret: savedClient.clientSecret,
- accessTokenExpiryDays: savedClient.accessTokenExpiryDays,
- refreshTokenExpiryDays: savedClient.refreshTokenExpiryDays
+ accessTokenExpiration: savedClient.accessTokenExpiration,
+ refreshTokenExpiration: savedClient.refreshTokenExpiration
 }
 }
diff --git a/api/src/model/Client.ts b/api/src/model/Client.ts
index 1fcb204..7bfef40 100644
--- a/api/src/model/Client.ts
+++ b/api/src/model/Client.ts
@@ -1,5 +1,6 @@
 import mongoose, { Schema } from 'mongoose'
+export const NUMBER_OF_SECONDS_IN_A_DAY = 86400
 export interface ClientPayload {
 /**
 * Client ID
@@ -12,15 +13,15 @@ export interface ClientPayload {
 */
 clientSecret: string
 /**
- * Number of days in which access token will expire
- * @example 1
+ * Number of seconds after which access token will expire
+ * @example 86400
 */
- accessTokenExpiryDays?: number
+ accessTokenExpiration?: number
 /**
- * Number of days in which access token will expire
- * @example 30
+ * Number of days after which access token will expire
+ * @example 2592000
 */
- refreshTokenExpiryDays?: number
+ refreshTokenExpiration?: number
 }
 const ClientSchema = new Schema({
@@ -32,13 +33,13 @@ const ClientSchema = new Schema({
 type: String,
 required: true
 },
- accessTokenExpiryDays: {
+ accessTokenExpiration: {
 type: Number,
- default: 1
+ default: NUMBER_OF_SECONDS_IN_A_DAY
 },
- refreshTokenExpiryDays: {
+ refreshTokenExpiration: {
 type: Number,
- default: 30
+ default: NUMBER_OF_SECONDS_IN_A_DAY * 30
 }
 })
diff --git a/api/src/utils/generateAccessToken.ts b/api/src/utils/generateAccessToken.ts
index ec25c61..8bd1de2 100644
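Review bot: Renaming the paths in the `ClientSchema` hunk of api/src/model/Client.ts leaves client documents already stored under `accessTokenExpiryDays` / `refreshTokenExpiryDays` without the new fields. Assuming Mongoose fills missing paths with their defaults on load, a client that was registered with a custom lifetime would silently revert to 86400 and 2592000 seconds. No migration is visible in this diff; if none exists elsewhere, a one-off update that multiplies the stored day values by `NUMBER_OF_SECONDS_IN_A_DAY` and writes them to the new paths would preserve the configured lifetimes. Adding `min: 1` to both paths would also keep a non-positive lifetime from being persisted by code that does not go through the Joi check. The schema definition starts above this hunk.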
--- a/api/src/utils/generateAccessToken.ts
+++ b/api/src/utils/generateAccessToken.ts
@@ -1,7 +1,8 @@
 import jwt from 'jsonwebtoken'
 import { InfoJWT } from '../types'
+import { NUMBER_OF_SECONDS_IN_A_DAY } from '../model/Client'
 export const generateAccessToken = (data: InfoJWT, expiry?: number) =>
 jwt.sign(data, process.secrets.ACCESS_TOKEN_SECRET, {
- expiresIn: expiry ? `${expiry}d` : '1d'
+ expiresIn: expiry ? expiry : NUMBER_OF_SECONDS_IN_A_DAY
 })
diff --git a/api/src/utils/generateRefreshToken.ts b/api/src/utils/generateRefreshToken.ts
index 03f7bc1..10b1362 100644
--- a/api/src/utils/generateRefreshToken.ts
+++ b/api/src/utils/generateRefreshToken.ts
@@ -1,7 +1,8 @@
 import jwt from 'jsonwebtoken'
 import { InfoJWT } from '../types'
+import { NUMBER_OF_SECONDS_IN_A_DAY } from '../model/Client'
 export const generateRefreshToken = (data: InfoJWT, expiry?: number) =>
 jwt.sign(data, process.secrets.REFRESH_TOKEN_SECRET, {
- expiresIn: expiry ? `${expiry}d` : '30d'
+ expiresIn: expiry ? expiry : NUMBER_OF_SECONDS_IN_A_DAY
 })
diff --git a/api/src/utils/validation.ts b/api/src/utils/validation.ts
index 9ffcdb6..6b1e067 100644
--- a/api/src/utils/validation.ts
+++ b/api/src/utils/validation.ts
@@ -89,8 +89,8 @@ export const registerClientValidation = (data: any): Joi.ValidationResult =>
 Joi.object({
 clientId: Joi.string().required(),
 clientSecret: Joi.string().required(),
- accessTokenExpiryDays: Joi.number(),
- refreshTokenExpiryDays: Joi.number()
+ accessTokenExpiration: Joi.number(),
+ refreshTokenExpiration: Joi.number()
 }).validate(data)
 export const registerPermissionValidation = (data: any): Joi.ValidationResult =>
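Review bot: The fallback in `generateRefreshToken` drops from `'30d'` to `NUMBER_OF_SECONDS_IN_A_DAY`, which is one day, while the schema default for `refreshTokenExpiration` in Client.ts is `NUMBER_OF_SECONDS_IN_A_DAY * 30`. If a 30-day fallback is still intended, the line should read `expiresIn: expiry ? expiry : NUMBER_OF_SECONDS_IN_A_DAY * 30`; if the shorter lifetime is deliberate, a comment saying so would prevent it being "fixed" back later. The truthiness test also sends an `expiry` of `0` to the fallback, here and in generateAccessToken.ts, so a zero lifetime cannot be expressed and silently becomes the default.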
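Review bot: `Joi.number()` on `accessTokenExpiration` and `refreshTokenExpiration` in `registerClientValidation` accepts negative, fractional and arbitrarily large values, and after this commit those values reach `jwt.sign` as a raw number of seconds. As far as I know jsonwebtoken rejects a non-integer numeric `expiresIn`, so a fractional value would be stored and then fail every token request for that client, and a negative value would produce tokens that are already expired. Consider `Joi.number().integer().min(1)` on both fields, plus a `.max(...)` ceiling the project is comfortable with, so a client cannot be registered with tokens that effectively never expire.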