iio/pingvin-share
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: store only 10 share tokens in the cookies and clear the expired ones

Browse Source
This commit is contained in:
Elias Schneider
2024-07-16 19:17:53 +02:00
parent 414bcecbb5
commit e5a0c649e3
2 changed files with 53 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
backend/src/share/share.service.ts
View File

@@ -4,7 +4,7 @@ import {
Injectable,
NotFoundException,
} from "@nestjs/common";
import { JwtService } from "@nestjs/jwt";
import { JwtService, JwtSignOptions } from "@nestjs/jwt";
import { Share, User } from "@prisma/client";
import * as archiver from "archiver";
import * as argon from "argon2";
@@ -328,15 +328,21 @@ export class ShareService {
const { expiration } = await this.prisma.share.findUnique({
where: { id: shareId },
});
return this.jwtService.sign(
{
shareId,
},
{
expiresIn: moment(expiration).diff(new Date(), "seconds") + "s",
secret: this.config.get("internal.jwtSecret"),
},
);
const tokenPayload = {
shareId,
iat: moment().unix(),
};
const tokenOptions: JwtSignOptions = {
secret: this.config.get("internal.jwtSecret"),
};
if (!moment(expiration).isSame(0)) {
tokenOptions.expiresIn = moment(expiration).diff(new Date(), "seconds");
}
return this.jwtService.sign(tokenPayload, tokenOptions);
}
async verifyShareToken(shareId: string, token: string) {