Merge remote-tracking branch 'origin/develop' into user-management

signal18 · Jun 11, 2024 · 43f5dd3 · 43f5dd3
2 parents 017ea86 + 609335d
commit 43f5dd3
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 2 deletions.
diff --git a/config/config.go b/config/config.go
@@ -660,6 +660,7 @@ type Config struct {
 	OAuthClientID                             string                 `mapstructure:"api-oauth-client-id" toml:"api-oauth-client-id" json:"apiOAuthClientID"`
 	OAuthClientSecret                         string                 `mapstructure:"api-oauth-client-secret" toml:"api-oauth-client-secret" json:"apiOAuthClientSecret"`
 	CacheStaticMaxAge                         int                    `mapstructure:"cache-static-max-age" toml:"cache-static-max-age" json:"-"`
+	TokenTimeout                              int                    `mapstructure:"api-token-timeout" toml:"api-token-timeout" json:"apiTokenTimeout"`
 	//OAuthRedirectURL                          string                 `mapstructure:"api-oauth-redirect-url" toml:"git-url" json:"-"`
 	//	BackupResticStoragePolicy                  string `mapstructure:"backup-restic-storage-policy"  toml:"backup-restic-storage-policy" json:"backupResticStoragePolicy"`
 	//ProvMode                           string `mapstructure:"prov-mode" toml:"prov-mode" json:"provMode"` //InitContainer vs API

diff --git a/server/api.go b/server/api.go
@@ -348,7 +348,7 @@ func (repman *ReplicationManager) loginHandler(w http.ResponseWriter, r *http.Re
 			//set claims
 			claims["iss"] = "https://api.replication-manager.signal18.io"
 			claims["iat"] = time.Now().Unix()
-			claims["exp"] = time.Now().Add(time.Hour * 48).Unix()
+			claims["exp"] = time.Now().Add(time.Hour * time.Duration(repman.Conf.TokenTimeout)).Unix()
 			claims["jti"] = "1" // should be user ID(?)
 			claims["CustomUserInfo"] = struct {
 				Name     string
@@ -360,6 +360,7 @@ func (repman *ReplicationManager) loginHandler(w http.ResponseWriter, r *http.Re
 			//sk, _ := jwt.ParseRSAPublicKeyFromPEM(signingKey)
 
 			tokenString, err := signer.SignedString(sk)
+			// log.Printf("Token expiration: %d hour\n", repman.Conf.TokenTimeout)
 
 			if err != nil {
 				w.WriteHeader(http.StatusInternalServerError)
@@ -461,7 +462,7 @@ func (repman *ReplicationManager) handlerMuxAuthCallback(w http.ResponseWriter,
 			//set claims
 			claims["iss"] = "https://api.replication-manager.signal18.io"
 			claims["iat"] = time.Now().Unix()
-			claims["exp"] = time.Now().Add(time.Hour * 48).Unix()
+			claims["exp"] = time.Now().Add(time.Hour * time.Duration(repman.Conf.TokenTimeout)).Unix()
 			claims["jti"] = "1" // should be user ID(?)
 			claims["CustomUserInfo"] = struct {
 				Name     string

diff --git a/server/server.go b/server/server.go
@@ -211,6 +211,7 @@ func (repman *ReplicationManager) SetDefaultFlags(v *viper.Viper) {
 }
 
 func (repman *ReplicationManager) AddFlags(flags *pflag.FlagSet, conf *config.Config) {
+	flags.IntVar(&conf.TokenTimeout, "api-token-timeout", 48, "Timespan of API Token before expired in hour")
 
 	if WithDeprecate == "ON" {
 		//	initDeprecated() // not needed used alias in main