tokens: ability to set no expiration

This commit is contained in:
May 2023-10-02 22:00:21 -07:00
parent 5e15b20c10
commit 0071c17fe5
2 changed files with 4 additions and 3 deletions

View file

@ -37,7 +37,7 @@ export function create(
let token = { let token = {
account:id, account:id,
token:crypto.randomBytes(36).toString('hex'), token:crypto.randomBytes(36).toString('hex'),
expire:Date.now()+expire, expire: expire ? Date.now()+expire : 0,
type, type,
tokenPermissions: type == "App" ? tokenPermissions || ["user"] : undefined tokenPermissions: type == "App" ? tokenPermissions || ["user"] : undefined
@ -60,7 +60,7 @@ export function tokenFor(req: express.Request) {
} }
function getToken(token:string) { function getToken(token:string) {
return AuthTokens.find(e => e.token == token && Date.now() < e.expire) return AuthTokens.find(e => e.token == token && (e.expire == 0 || Date.now() < e.expire))
} }
export function validate(token:string) { export function validate(token:string) {
@ -76,6 +76,7 @@ export function getPermissions(token:string): TokenPermission[] | undefined {
} }
export function tokenTimer(token:AuthToken) { export function tokenTimer(token:AuthToken) {
if (!token.expire) return // justincase
if (Date.now() >= token.expire) { if (Date.now() >= token.expire) {
invalidate(token.token) invalidate(token.token)
return return

View file

@ -448,7 +448,7 @@ authRoutes.get("/me", requiresAccount, requiresPermissions("user"), (req,res) =>
let accId = acc.id let accId = acc.id
res.send({ res.send({
...acc, ...acc,
sessionCount: auth.AuthTokens.filter(e => e.type != "App" && e.account == accId && e.expire > Date.now()).length, sessionCount: auth.AuthTokens.filter(e => e.type != "App" && e.account == accId && (e.expire > Date.now() || !e.expire)).length,
sessionExpires: auth.AuthTokens.find(e => e.token == sessionToken)?.expire, sessionExpires: auth.AuthTokens.find(e => e.token == sessionToken)?.expire,
password: undefined, password: undefined,
email: email: