chore(release): 0.26.1 [skip ci]

## [0.26.1](https://github.com/sasjs/server/compare/v0.26.0...v0.26.1) (2022-11-15)

### Bug Fixes

* change the expiration of access/refresh tokens from days to seconds ([bb05493](bb054938c5))

CHANGELOG.md

@@ -1,3 +1,10 @@
+## [0.26.1](https://github.com/sasjs/server/compare/v0.26.0...v0.26.1) (2022-11-15)
+
+
+### Bug Fixes
+
+* change the expiration of access/refresh tokens from days to seconds ([bb05493](https://github.com/sasjs/server/commit/bb054938c5bd0535ae6b9da93ba0b14f9b80ddcd))
+
 # [0.26.0](https://github.com/sasjs/server/compare/v0.25.1...v0.26.0) (2022-11-13)
 
 

api/public/swagger.yaml

@@ -57,16 +57,16 @@ components:
                     type: string
                     description: 'Client Secret'
                     example: someRandomCryptoString
-                accessTokenExpiryDays:
+                accessTokenExpiration:
                     type: number
                     format: double
-                    description: 'Number of days in which access token will expire'
-                    example: 1
-                refreshTokenExpiryDays:
+                    description: 'Number of seconds after which access token will expire. Default is 86400 (1 day)'
+                    example: 86400
+                refreshTokenExpiration:
                     type: number
                     format: double
-                    description: 'Number of days in which access token will expire'
-                    example: 30
+                    description: 'Number of seconds after which access token will expire. Default is 2592000 (30 days)'
+                    example: 2592000
             required:
                 - clientId
                 - clientSecret
@@ -689,7 +689,11 @@ paths:
                                 $ref: '#/components/schemas/ClientPayload'
                             examples:
                                 'Example 1':
-                                    value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiryDays: 1, refreshTokenExpiryDays: 30}
+                                    value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString}
+                                'Example 2':
+                                    value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiration: 86400}
+                                'Example 3':
+                                    value: {clientId: someFormattedClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiration: 86400}
             summary: "Admin only task. Create client with the following attributes:\nClientId,\nClientSecret,\naccessTokenExpiryDays (optional),\nrefreshTokenExpiryDays (optional)"
             tags:
                 - Client

api/src/controllers/auth.ts

@@ -89,11 +89,11 @@ const token = async (data: any): Promise<TokenResponse> => {
 
   const accessToken = generateAccessToken(
     userInfo,
-    client.accessTokenExpiryDays
+    client.accessTokenExpiration
   )
   const refreshToken = generateRefreshToken(
     userInfo,
-    client.refreshTokenExpiryDays
+    client.refreshTokenExpiration
   )
 
   await saveTokensInDB(userInfo.userId, clientId, accessToken, refreshToken)
@@ -107,11 +107,11 @@ const refresh = async (userInfo: InfoJWT): Promise<TokenResponse> => {
 
   const accessToken = generateAccessToken(
     userInfo,
-    client.accessTokenExpiryDays
+    client.accessTokenExpiration
   )
   const refreshToken = generateRefreshToken(
     userInfo,
-    client.refreshTokenExpiryDays
+    client.refreshTokenExpiration
   )
 
   await saveTokensInDB(

api/src/controllers/client.ts

@@ -1,6 +1,9 @@
 import { Security, Route, Tags, Example, Post, Body } from 'tsoa'
 
-import Client, { ClientPayload } from '../model/Client'
+import Client, {
+  ClientPayload,
+  NUMBER_OF_SECONDS_IN_A_DAY
+} from '../model/Client'
 
 @Security('bearerAuth')
 @Route('SASjsApi/client')
@@ -17,8 +20,8 @@ export class ClientController {
   @Example<ClientPayload>({
     clientId: 'someFormattedClientID1234',
     clientSecret: 'someRandomCryptoString',
-    accessTokenExpiryDays: 1,
-    refreshTokenExpiryDays: 30
+    accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
+    refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
   })
   @Post('/')
   public async createClient(
@@ -32,8 +35,8 @@ const createClient = async (data: ClientPayload): Promise<ClientPayload> => {
   const {
     clientId,
     clientSecret,
-    accessTokenExpiryDays,
-    refreshTokenExpiryDays
+    accessTokenExpiration,
+    refreshTokenExpiration
   } = data
 
   // Checking if client is already in the database
@@ -44,7 +47,8 @@ const createClient = async (data: ClientPayload): Promise<ClientPayload> => {
   const client = new Client({
     clientId,
     clientSecret,
-    accessTokenExpiryDays
+    accessTokenExpiration,
+    refreshTokenExpiration
   })
 
   const savedClient = await client.save()
@@ -52,7 +56,7 @@ const createClient = async (data: ClientPayload): Promise<ClientPayload> => {
   return {
     clientId: savedClient.clientId,
     clientSecret: savedClient.clientSecret,
-    accessTokenExpiryDays: savedClient.accessTokenExpiryDays,
-    refreshTokenExpiryDays: savedClient.refreshTokenExpiryDays
+    accessTokenExpiration: savedClient.accessTokenExpiration,
+    refreshTokenExpiration: savedClient.refreshTokenExpiration
   }
 }

api/src/model/Client.ts

@@ -1,5 +1,6 @@
 import mongoose, { Schema } from 'mongoose'
 
+export const NUMBER_OF_SECONDS_IN_A_DAY = 86400
 export interface ClientPayload {
   /**
    * Client ID
@@ -12,15 +13,15 @@ export interface ClientPayload {
    */
   clientSecret: string
   /**
-   * Number of days in which access token will expire
-   * @example 1
+   * Number of seconds after which access token will expire. Default is 86400 (1 day)
+   * @example 86400
    */
-  accessTokenExpiryDays?: number
+  accessTokenExpiration?: number
   /**
-   * Number of days in which access token will expire
-   * @example 30
+   * Number of seconds after which access token will expire. Default is 2592000 (30 days)
+   * @example 2592000
    */
-  refreshTokenExpiryDays?: number
+  refreshTokenExpiration?: number
 }
 
 const ClientSchema = new Schema<ClientPayload>({
@@ -32,13 +33,13 @@ const ClientSchema = new Schema<ClientPayload>({
     type: String,
     required: true
   },
-  accessTokenExpiryDays: {
+  accessTokenExpiration: {
     type: Number,
-    default: 1
+    default: NUMBER_OF_SECONDS_IN_A_DAY
   },
-  refreshTokenExpiryDays: {
+  refreshTokenExpiration: {
     type: Number,
-    default: 30
+    default: NUMBER_OF_SECONDS_IN_A_DAY * 30
   }
 })
 

api/src/utils/generateAccessToken.ts

@@ -1,7 +1,8 @@
 import jwt from 'jsonwebtoken'
 import { InfoJWT } from '../types'
+import { NUMBER_OF_SECONDS_IN_A_DAY } from '../model/Client'
 
 export const generateAccessToken = (data: InfoJWT, expiry?: number) =>
   jwt.sign(data, process.secrets.ACCESS_TOKEN_SECRET, {
-    expiresIn: expiry ? `${expiry}d` : '1d'
+    expiresIn: expiry ? expiry : NUMBER_OF_SECONDS_IN_A_DAY
   })

api/src/utils/generateRefreshToken.ts

@@ -1,7 +1,8 @@
 import jwt from 'jsonwebtoken'
 import { InfoJWT } from '../types'
+import { NUMBER_OF_SECONDS_IN_A_DAY } from '../model/Client'
 
 export const generateRefreshToken = (data: InfoJWT, expiry?: number) =>
   jwt.sign(data, process.secrets.REFRESH_TOKEN_SECRET, {
-    expiresIn: expiry ? `${expiry}d` : '30d'
+    expiresIn: expiry ? expiry : NUMBER_OF_SECONDS_IN_A_DAY
   })

api/src/utils/validation.ts

@@ -89,8 +89,8 @@ export const registerClientValidation = (data: any): Joi.ValidationResult =>
   Joi.object({
     clientId: Joi.string().required(),
     clientSecret: Joi.string().required(),
-    accessTokenExpiryDays: Joi.number(),
-    refreshTokenExpiryDays: Joi.number()
+    accessTokenExpiration: Joi.number(),
+    refreshTokenExpiration: Joi.number()
   }).validate(data)
 
 export const registerPermissionValidation = (data: any): Joi.ValidationResult =>