[#51] JWT Token's expiration is configurable

2018-08-12 10:57:11 -06:00 · 2018-08-12 10:57:11 -06:00 · 9edae31787
parent 559de6910a
commit 9edae31787
2 changed files with 10 additions and 1 deletions
--- a/config/prod.exs
+++ b/config/prod.exs
@ -67,5 +67,13 @@ config :poa_backend,
         {"admin2", "password87654321"}
       ]

+# this will set the expiration in the JWT tokens, the format is `{integer, unit}` where unit is one of:
+# `:second` | `:seconds`
+# `:minute` | `:minutes`
+# `:hour` | `:hours`
+# `:week` | `:weeks`
+config :poa_backend,
+       jwt_ttl: {1, :hour}
+
 config :mnesia,
  dir: 'priv/data/mnesia' # make sure this directory exists!
--- a/lib/poa_backend/auth/router.ex
+++ b/lib/poa_backend/auth/router.ex
@ -19,7 +19,8 @@ defmodule POABackend.Auth.Router do
         [user_name, password] <- String.split(decoded64, ":"),
         {:ok, user} <- Auth.authenticate_user(user_name, password)
    do
-      {:ok, token, _} = POABackend.Auth.Guardian.encode_and_sign(user, %{}, ttl: @token_default_ttl)
+      ttl = Application.get_env(:poa_backend, :jwt_ttl, @token_default_ttl)
+      {:ok, token, _} = POABackend.Auth.Guardian.encode_and_sign(user, %{}, ttl: ttl)

      {:ok, result} =
        %{token: token}