hubert/SimpleNotes
1
0
Fork 0
Code Projects Releases Activity

Use different JWT secret for auth and refresh tokens..

Browse Source
This commit is contained in:
Hubert Van De Walle 2020-06-15 16:51:37 +02:00
parent 11740e5986
commit 7c364c7295
3 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
api/resources/application.dev.yaml
View File

@ -11,11 +11,12 @@ server:
cors: true cors: true
jwt: jwt:
secret: 9Io9kvgIedOcLdUvKl31OKf51jdTZcFHJFgqvEpfJuI= # Can be generated with `openssl rand -base64 32`
auth: auth:
secret: uiqzRNiMYwbObn/Ps5xTasYVeu/63ZuI+1oB98Ez+lY=
validity: 1 validity: 1
unit: HOURS unit: HOURS
refresh: refresh:
secret: wWchkx44YGig4Q5Z7b7+E/3ymGEGd6PS7UGedMul3bg=
validity: 15 validity: 15
unit: DAYS unit: DAYS

3
api/resources/application.prod.yaml
View File

@ -11,11 +11,12 @@ server:
cors: ${CORS:-true} cors: ${CORS:-true}
jwt: jwt:
secret: ${JWT_SECRET} # Can be generated with `openssl rand -base64 32`
auth: auth:
secret: ${JWT_SECRET} # Can be generated with `openssl rand -base64 32`
validity: 1 validity: 1
unit: HOURS unit: HOURS
refresh: refresh:
secret: ${JWT_REFRESH_SECRET} # Can be generated with `openssl rand -base64 32`
validity: 15 validity: 15
unit: DAYS unit: DAYS

8
api/src/features/ConfigurationFeature.kt
View File

@ -29,21 +29,21 @@ val configurationModule = Kodein.Module(name = "Configuration") {
data class DatabaseConfig(val host: String, val port: Int, val name: String, val username: String, val password: Masked) data class DatabaseConfig(val host: String, val port: Int, val name: String, val username: String, val password: Masked)
data class ServerConfig(val host: String, val port: Int, val cors: Boolean) data class ServerConfig(val host: String, val port: Int, val cors: Boolean)
data class JwtConfig(val secret: Masked, val auth: JwtValidity, val refresh: JwtValidity) data class JwtConfig(val auth: Jwt, val refresh: Jwt)
data class JwtValidity(val validity: Long, val unit: TimeUnit) data class Jwt(val validity: Long, val unit: TimeUnit, val secret: Masked)
data class Config(val database: DatabaseConfig, val server: ServerConfig, val jwt: JwtConfig) data class Config(val database: DatabaseConfig, val server: ServerConfig, val jwt: JwtConfig)
private fun configureAuthJwt(kodein: Kodein): SimpleJWT { private fun configureAuthJwt(kodein: Kodein): SimpleJWT {
val config by kodein.instance<Config>() val config by kodein.instance<Config>()
val jwtSecret = config.jwt.secret val jwtSecret = config.jwt.auth.secret
val authConfig = config.jwt.auth val authConfig = config.jwt.auth
return SimpleJWT(jwtSecret.value, authConfig.validity, authConfig.unit) return SimpleJWT(jwtSecret.value, authConfig.validity, authConfig.unit)
} }
private fun configureRefreshJwt(kodein: Kodein): SimpleJWT { private fun configureRefreshJwt(kodein: Kodein): SimpleJWT {
val config by kodein.instance<Config>() val config by kodein.instance<Config>()
val jwtSecret = config.jwt.secret val jwtSecret = config.jwt.refresh.secret
val refreshConfig = config.jwt.auth val refreshConfig = config.jwt.auth
return SimpleJWT(jwtSecret.value, refreshConfig.validity, refreshConfig.unit) return SimpleJWT(jwtSecret.value, refreshConfig.validity, refreshConfig.unit)
} }