Merge pull request #65 from educ-ai-org/fix/token
Fix/token
DiegoSousa-11 committed Jun 8, 2024
2 parents 3839aa2 + 40ecb4c commit 486e303
Showing 3 changed files with 22 additions and 10 deletions.
16 changes: 14 additions & 2 deletions src/main/java/api/educai/controllers/UserController.java
Expand Up @@ -49,8 +49,12 @@ public ResponseEntity<AuthDTO> authUser(@RequestBody @Valid LoginDTO loginDTO, H
cookie.setMaxAge(15 * 24 * 60 * 60); // Expires in 15 days
cookie.setSecure(true);
cookie.setHttpOnly(true);
cookie.setPath("/");

String cookieHeader = String.format("refreshToken=%s; Max-Age=%d; Path=%s; Secure; HttpOnly; SameSite=strict",
authDTO.getRefreshToken(), cookie.getMaxAge(), cookie.getPath());
response.setHeader("Set-Cookie", cookieHeader);

response.addCookie(cookie);
return status(200).body(authDTO);
}

Expand Down Expand Up @@ -100,7 +104,7 @@ public ResponseEntity<List<? extends ClassroomInfoDTO>> getUserClassrooms(HttpSe
@PostMapping("/logoff")
public ResponseEntity<Void> logoff(
HttpServletRequest request,
@CookieValue(name = "refreshToken") @NotBlank String refreshToken,
@CookieValue(name = "refreshToken") String refreshToken,
HttpServletResponse response
) {
ObjectId userId = (ObjectId) request.getAttribute("userId");
Expand All @@ -112,8 +116,16 @@ public ResponseEntity<Void> logoff(

Cookie cookie = new Cookie("refreshToken", null);
cookie.setMaxAge(0);
cookie.setSecure(true);
cookie.setHttpOnly(true);
cookie.setPath("/");

response.addCookie(cookie);

String cookieHeader = String.format("refreshToken=; Max-Age=0; Path=%s; Secure; HttpOnly; SameSite=Strict",
cookie.getPath());
response.addHeader("Set-Cookie", cookieHeader);

return status(200).build();
}

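Review bot: In authUser, `response.setHeader("Set-Cookie", cookieHeader)` replaces every Set-Cookie header already on the response, so a cookie written earlier in the request chain (by a filter, for example) would be dropped without notice; logoff uses `addHeader` for the same job. Where `response.addCookie(cookie)` is still called beside the hand-built header — it appears to be in logoff, though this page has lost the +/- markers — the cookie is sent twice, once without SameSite. Building the header once with Spring's `ResponseCookie` avoids both: `ResponseCookie rc = ResponseCookie.from("refreshToken", authDTO.getRefreshToken()).maxAge(Duration.ofDays(15)).path("/").secure(true).httpOnly(true).sameSite("Strict").build();` then `response.addHeader(HttpHeaders.SET_COOKIE, rc.toString());`. Both methods start or end outside the visible hunks.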
8 changes: 4 additions & 4 deletions src/main/java/api/educai/services/token/RefreshToken.java
Expand Up @@ -13,9 +13,7 @@
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

import java.time.Instant;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.time.*;
import java.util.Date;
import java.util.Optional;

Expand All @@ -30,7 +28,9 @@ public class RefreshToken implements IToken {
@Override
public String getToken(UserDetailsDTO user) {
try {
Instant exp = LocalDateTime.now().plusDays(15).toInstant(ZoneOffset.of("-03:00")); //Expires in 15 days
ZoneId zoneId = ZoneId.of("America/Sao_Paulo");
ZonedDateTime zonedDateTime = ZonedDateTime.now(zoneId).plusDays(15); //Expires in 15 days
Instant exp = zonedDateTime.toInstant();

return JWT.create()
.withClaim("id", user.getId().toString())
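Review bot: The `ZoneId.of("America/Sao_Paulo")` step in getToken is not needed to compute `exp`, because an Instant is zone-independent: `Instant exp = Instant.now().plus(Duration.ofDays(15));` yields the expiry without depending on a region ID or the JVM's tzdata, and always adds exactly 15×24 hours, whereas `ZonedDateTime.plusDays` follows local-time rules. The 15-day lifetime is also written separately from the cookie's `setMaxAge(15 * 24 * 60 * 60)` in UserController, so a shared constant or property would keep the JWT `exp` and the cookie Max-Age from drifting apart. Token.java's getToken has the same pattern (`plusMinutes(15)` there), and both files swap the explicit imports for `import java.time.*;`, which hides which types are actually used. getToken's body continues outside the visible hunk.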
8 changes: 4 additions & 4 deletions src/main/java/api/educai/services/token/Token.java
Expand Up @@ -14,9 +14,7 @@
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

import java.time.Instant;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.time.*;
import java.util.Date;
import java.util.Optional;

Expand All @@ -30,7 +28,9 @@ public class Token implements IToken{
@Override
public String getToken(UserDetailsDTO user) {
try {
Instant exp = LocalDateTime.now().plusMinutes(15).toInstant(ZoneOffset.of("-03:00")); //Expires in 15 minutes
ZoneId zoneId = ZoneId.of("America/Sao_Paulo");
ZonedDateTime zonedDateTime = ZonedDateTime.now(zoneId).plusMinutes(15); //Expires in 15 minutes
Instant exp = zonedDateTime.toInstant();

return JWT.create()
.withIssuer("educ.ai-api")
