Add Setting for User Token Expiration (hobbyfarm#178)

ebauman · Mar 28, 2024 · 6b5e9b8 · 6b5e9b8
1 parent 247a9ff
commit 6b5e9b8
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 5 deletions.
diff --git a/v3/pkg/setting/util.go b/v3/pkg/setting/util.go
@@ -3,10 +3,11 @@ package setting
 import (
 	"encoding/json"
 	"fmt"
-	"github.com/hobbyfarm/gargantua/v3/pkg/property"
 	"strconv"
 	"strings"
 
+	"github.com/hobbyfarm/gargantua/v3/pkg/property"
+
 	settingProto "github.com/hobbyfarm/gargantua/v3/protos/setting"
 )
 
@@ -24,6 +25,7 @@ const (
 	ImprintLink                              SettingName = "imprint-link"
 	ImprintLinkName                          SettingName = "imprint-linkname"
 	AboutModalButtons                        SettingName = "aboutmodal-buttons"
+	UserTokenExpiration                      SettingName = "user-token-expiration"
 )
 
 var DataTypeMappingToProto = map[property.DataType]settingProto.DataType{

diff --git a/v3/services/authnsvc/internal/authnservice.go b/v3/services/authnsvc/internal/authnservice.go
@@ -495,7 +495,7 @@ func (a AuthServer) LoginFunc(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	token, err := GenerateJWT(user)
+	token, err := a.GenerateJWT(user)
 
 	if err != nil {
 		glog.Error(err)
@@ -506,12 +506,24 @@ func (a AuthServer) LoginFunc(w http.ResponseWriter, r *http.Request) {
 	util.ReturnHTTPMessage(w, r, 200, "authorized", token)
 }
 
-func GenerateJWT(user *userProto.User) (string, error) {
+func (a AuthServer) GenerateJWT(user *userProto.User) (string, error) {
+	// Get Expiration Date Setting
+	setting, err := a.settingClient.GetSettingValue(context.Background(), &settingProto.Id{Name: string(settingUtil.UserTokenExpiration)})
+	if err != nil {
+		return "", err
+	}
+
+	tokenExpiration := time.Duration(24)
+	if s, ok := setting.GetValue().(*settingProto.SettingValue_Int64Value); err != nil || !ok || setting == nil {
+		return "", fmt.Errorf("error retreiving retention Time setting")
+	} else {
+		tokenExpiration = time.Duration(s.Int64Value)
+	}
 
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
 		"email": user.GetEmail(),
-		"nbf":   time.Now().Unix(),                     // not valid before now
-		"exp":   time.Now().Add(time.Hour * 24).Unix(), // expire in 24 hours
+		"nbf":   time.Now().Unix(),                                  // not valid before now
+		"exp":   time.Now().Add(time.Hour * tokenExpiration).Unix(), // expire after [tokenExpiration] hours
 	})
 
 	// Sign and get the complete encoded token as a string using the secret

diff --git a/v3/services/settingsvc/internal/preinstall.go b/v3/services/settingsvc/internal/preinstall.go
@@ -241,5 +241,18 @@ func predefinedSettings() []*settingProto.CreateSettingRequest {
 				DisplayName: "Strict AccessCode Validation",
 			},
 		},
+		{
+			Name:      string(settingUtil.UserTokenExpiration),
+			Namespace: util.GetReleaseNamespace(),
+			Labels: map[string]string{
+				labels.SettingScope: "gargantua",
+			},
+			Value: "24",
+			Property: &settingProto.Property{
+				DataType:    settingProto.DataType_DATA_TYPE_INTEGER,
+				ValueType:   settingProto.ValueType_VALUE_TYPE_SCALAR,
+				DisplayName: "User Token Expiration (hours)",
+			},
+		},
 	}
 }