github
/
nocodb
mirror of https://github.com/nocodb/nocodb
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Merge pull request #2423 from nocodb/fix/jwt-expiresIn 

fix: expired jwt token still usable
pull/2436/head
Pranav C 2 years ago committed by GitHub
parent
00f3ca6352 284e2a69ea
commit
f05e8dc3fe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 19 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 14
      packages/nocodb/src/lib/Noco.ts
  2. 9
      packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts

14
packages/nocodb/src/lib/Noco.ts
Unescape View File

@ -187,7 +187,7 @@ export default class Noco {
} }
await Noco._ncMeta.metaInit(); await Noco._ncMeta.metaInit();
await this.readOrGenJwtSecret(); await this.initJwt();
await initAdminFromEnv(); await initAdminFromEnv();
await NcUpgrader.upgrade({ ncMeta: Noco._ncMeta }); await NcUpgrader.upgrade({ ncMeta: Noco._ncMeta });
@ -489,8 +489,9 @@ export default class Noco {
} }
} }
private async readOrGenJwtSecret(): Promise<any> { private async initJwt(): Promise<any> {
if (this.config?.auth?.jwt && !this.config.auth.jwt.secret) { if (this.config?.auth?.jwt) {
if (!this.config.auth.jwt.secret) {
let secret = ( let secret = (
await Noco._ncMeta.metaGet('', '', 'nc_store', { await Noco._ncMeta.metaGet('', '', 'nc_store', {
key: 'nc_auth_jwt_secret' key: 'nc_auth_jwt_secret'
@ -504,6 +505,13 @@ export default class Noco {
} }
this.config.auth.jwt.secret = secret; this.config.auth.jwt.secret = secret;
} }
this.config.auth.jwt.options = this.config.auth.jwt.options || {};
if (!this.config.auth.jwt.options?.expiresIn) {
this.config.auth.jwt.options.expiresIn =
process.env.NC_JWT_EXPIRES_IN ?? '10h';
}
}
let serverId = ( let serverId = (
await Noco._ncMeta.metaGet('', '', 'nc_store', { await Noco._ncMeta.metaGet('', '', 'nc_store', {
key: 'nc_server_id' key: 'nc_server_id'

9
packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts
Unescape View File

@ -2,18 +2,17 @@ import User from '../../../models/User';
import ProjectUser from '../../../models/ProjectUser'; import ProjectUser from '../../../models/ProjectUser';
import { promisify } from 'util'; import { promisify } from 'util';
import { Strategy as CustomStrategy } from 'passport-custom'; import { Strategy as CustomStrategy } from 'passport-custom';
import { Strategy } from 'passport-jwt';
import passport from 'passport'; import passport from 'passport';
import { ExtractJwt } from 'passport-jwt'; import passportJWT from 'passport-jwt';
import { Strategy as AuthTokenStrategy } from 'passport-auth-token'; import { Strategy as AuthTokenStrategy } from 'passport-auth-token';
import { Strategy as GoogleStrategy } from 'passport-google-oauth20'; import { Strategy as GoogleStrategy } from 'passport-google-oauth20';
import { randomTokenString } from '../../helpers/stringHelpers'; import { randomTokenString } from '../../helpers/stringHelpers';
const PassportLocalStrategy = require('passport-local').Strategy; const PassportLocalStrategy = require('passport-local').Strategy;
const ExtractJwt = passportJWT.ExtractJwt;
const JwtStrategy = passportJWT.Strategy;
const jwtOptions = { const jwtOptions = {
expiresIn: process.env.NC_JWT_EXPIRES_IN ?? '10h',
jwtFromRequest: ExtractJwt.fromHeader('xc-auth') jwtFromRequest: ExtractJwt.fromHeader('xc-auth')
}; };
@ -84,7 +83,7 @@ export function initStrategies(router): void {
}); });
passport.use( passport.use(
new Strategy( new JwtStrategy(
{ {
secretOrKey: Noco.getConfig().auth.jwt.secret, secretOrKey: Noco.getConfig().auth.jwt.secret,
...jwtOptions, ...jwtOptions,

Write Preview
Loading…
Cancel
Save