Merge pull request #2942 from airqo-platform/token-expiry

JWTs should expire in one hour
airqo-platform · Jan 23, 2024 · 5b012f1 · 5b012f1
2 parents 4a1d506 + 1ffebf1
commit 5b012f1
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/src/auth-service/models/User.js b/src/auth-service/models/User.js
@@ -835,8 +835,8 @@ UserSchema.methods.createToken = async function () {
       return userWithDerivedAttributes;
     } else {
       const user = userWithDerivedAttributes.data[0];
-      // Calculate expiration time (24 hours from now) in seconds
-      const expirationTime = Math.floor(Date.now() / 1000) + 24 * 60 * 60;
+      const oneDayExpiry = Math.floor(Date.now() / 1000) + 24 * 60 * 60;
+      const oneHourExpiry = Math.floor(Date.now() / 1000) + 60 * 60;
       logObject("user", user);
       return jwt.sign(
         {
@@ -856,7 +856,7 @@ UserSchema.methods.createToken = async function () {
           updatedAt: user.updatedAt,
           rateLimit: user.rateLimit,
           lastLogin: user.lastLogin,
-          exp: expirationTime,
+          exp: oneHourExpiry,
         },
         constants.JWT_SECRET
       );