Add expiration time limit #1413
Pull Request Test Coverage Report for Build 8741272486 (Coveralls)
@@ -2,10 +2,18 @@ import { siweMessageBuilder } from '@/domain/siwe/entities/__tests__/siwe-messag | |||
import { VerifyAuthMessageDtoSchema } from '@/routes/auth/entities/verify-auth-message.dto.entity'; | |||
import { faker } from '@faker-js/faker'; | |||
|
|||
const MAX_VALIDITY_PERIOD_IN_MS = 15 * 60 * 1_000; // 15 minutes | |||
|
|||
describe('VerifyAuthMessageDto', () => { |
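Review bot: `MAX_VALIDITY_PERIOD_IN_MS` is declared as a local `const` above `describe`, so this test file carries its own copy of the 15 minute limit, and nothing in the visible lines ties it to the value that `VerifyAuthMessageDto` passes to the schema. If the limit is changed or injected later, the assertions here can keep passing against a stale number. Consider exporting the constant from the module that owns it and importing it in the test, and have the new test case assert both sides of the boundary (exactly the limit, and the limit plus 1 ms) so an off-by-one in the comparison is caught.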
Maybe I'm not getting it 100% right here, but I'm thinking whether we should call `jest.useFakeTimers` also here (as in `AuthController` tests) or not, to make sure the edge cases (`faker` returning threshold dates) don't make the tests flaky.
That's true. I've adjusted it to include fake timers in 8fdb401.
I've only left a small doubt/comment, but overall it looks good to me 👏🏻
Summary
This adds a 15 minute limit for the validity period of JWT tokens. (It is currently hardcoded, but will eventually be injected.)
Changes
- Change the `SiweMessageSchema` to a function that accepts a validity period.
- Pass a value to `getSiweMessageSchema` in `VerifyAuthMessageDto`.
- Add test case, as well as update existing tests.