Merge pull request #2 from matthewsullivan/feature/add-jwt-expiration

matthewsullivan · web-flow · commit 678827ee4a30 · 2020-12-30T16:24:02.000-05:00
Feature/add JWT expiration
diff --git a/app/graph/authentication/mutations/login.rb b/app/graph/authentication/mutations/login.rb
@@ -23,7 +23,7 @@ def login_user!(credentials)
       user = User.find_by(email: credentials[:email])
       raise StandardError unless user&.authenticate(credentials[:password])
 
-      token = JwtHelper.encode_token({ user_id: user.id })
+      token = JwtHelper.encode_token({ email: user.email, user_id: user.id })
       { user: user, token: token }
     end
   end
diff --git a/app/helpers/jwt_helper.rb b/app/helpers/jwt_helper.rb
@@ -2,9 +2,10 @@
 
 module JwtHelper
   class << self
-    SECRET = ENV['RJPA_SECRET']
+    SECRET = ENV['JWT_SECRET']
 
     def encode_token(payload)
+      payload[:exp] = Time.now.to_i + ENV['JWT_EXPIRATION'].to_i
       JWT.encode(payload, SECRET)
     end
 
@@ -22,7 +23,7 @@ def logged_in_user(token)
 
     def decoded_token(token)
       JWT.decode(token, SECRET, true, algorithm: ENV['JWT_ALGORITHM'])
-    rescue StandardError => e
+    rescue JWT::ExpiredSignature, StandardError => e
       GraphQL::ExecutionError.new(e.message)
       nil
     end
diff --git a/config/local_env.yml b/config/local_env.yml
@@ -1,2 +1,3 @@
-RJPA_SECRET: 'RJPA_SECRET'
-JWT_ALGORITHM: 'HS256'
+JWT_ALGORITHM: 'HS256'
+JWT_EXPIRATION: '3600'
+JWT_SECRET: 'RJPA_SECRET'
