Merge pull request #637 from signal18/caff_dev

svaroqui · web-flow · commit 609335d0d30d · 2024-06-11T09:50:20.000+02:00
jwt-auth-variable
diff --git a/config/config.go b/config/config.go
@@ -660,6 +660,7 @@ type Config struct {
 	OAuthClientID                             string                 `mapstructure:"api-oauth-client-id" toml:"api-oauth-client-id" json:"apiOAuthClientID"`
 	OAuthClientSecret                         string                 `mapstructure:"api-oauth-client-secret" toml:"api-oauth-client-secret" json:"apiOAuthClientSecret"`
 	CacheStaticMaxAge                         int                    `mapstructure:"cache-static-max-age" toml:"cache-static-max-age" json:"-"`
+	TokenTimeout                              int                    `mapstructure:"api-token-timeout" toml:"api-token-timeout" json:"apiTokenTimeout"`
 	//OAuthRedirectURL                          string                 `mapstructure:"api-oauth-redirect-url" toml:"git-url" json:"-"`
 	//	BackupResticStoragePolicy                  string `mapstructure:"backup-restic-storage-policy"  toml:"backup-restic-storage-policy" json:"backupResticStoragePolicy"`
 	//ProvMode                           string `mapstructure:"prov-mode" toml:"prov-mode" json:"provMode"` //InitContainer vs API
diff --git a/server/api.go b/server/api.go
@@ -343,7 +343,7 @@ func (repman *ReplicationManager) loginHandler(w http.ResponseWriter, r *http.Re
 			//set claims
 			claims["iss"] = "https://api.replication-manager.signal18.io"
 			claims["iat"] = time.Now().Unix()
-			claims["exp"] = time.Now().Add(time.Hour * 48).Unix()
+			claims["exp"] = time.Now().Add(time.Hour * time.Duration(repman.Conf.TokenTimeout)).Unix()
 			claims["jti"] = "1" // should be user ID(?)
 			claims["CustomUserInfo"] = struct {
 				Name     string
@@ -355,6 +355,7 @@ func (repman *ReplicationManager) loginHandler(w http.ResponseWriter, r *http.Re
 			//sk, _ := jwt.ParseRSAPublicKeyFromPEM(signingKey)
 
 			tokenString, err := signer.SignedString(sk)
+			// log.Printf("Token expiration: %d hour\n", repman.Conf.TokenTimeout)
 
 			if err != nil {
 				w.WriteHeader(http.StatusInternalServerError)
@@ -456,7 +457,7 @@ func (repman *ReplicationManager) handlerMuxAuthCallback(w http.ResponseWriter,
 			//set claims
 			claims["iss"] = "https://api.replication-manager.signal18.io"
 			claims["iat"] = time.Now().Unix()
-			claims["exp"] = time.Now().Add(time.Hour * 48).Unix()
+			claims["exp"] = time.Now().Add(time.Hour * time.Duration(repman.Conf.TokenTimeout)).Unix()
 			claims["jti"] = "1" // should be user ID(?)
 			claims["CustomUserInfo"] = struct {
 				Name     string
diff --git a/server/server.go b/server/server.go
@@ -211,6 +211,7 @@ func (repman *ReplicationManager) SetDefaultFlags(v *viper.Viper) {
 }
 
 func (repman *ReplicationManager) AddFlags(flags *pflag.FlagSet, conf *config.Config) {
+	flags.IntVar(&conf.TokenTimeout, "api-token-timeout", 48, "Timespan of API Token before expired in hour")
 
 	if WithDeprecate == "ON" {
 		//	initDeprecated() // not needed used alias in main

Original file line number	Diff line number	Diff line change
`@@ -211,6 +211,7 @@ func (repman ReplicationManager) SetDefaultFlags(v viper.Viper) {`
`211`	`211`	`}`
`212`	`212`
`213`	`213`	`func (repman ReplicationManager) AddFlags(flags pflag.FlagSet, conf *config.Config) {`
	`214`	`+ flags.IntVar(&conf.TokenTimeout, "api-token-timeout", 48, "Timespan of API Token before expired in hour")`
`214`	`215`
`215`	`216`	`if WithDeprecate == "ON" {`
`216`	`217`	`// initDeprecated() // not needed used alias in main`