From 32913b791b0a201171f042822a1b6d545384c3fb Mon Sep 17 00:00:00 2001 From: maxime Date: Wed, 21 Feb 2024 17:15:34 +0100 Subject: [PATCH] fix jwt expiration validation --- API/Auth/Authentication.cs | 3 +-- API/Program.cs | 3 ++- API/appsettings.Development.json | 1 + API/appsettings.json | 1 + ci/.drone.yml | 2 +- 5 files changed, 6 insertions(+), 4 deletions(-) diff --git a/API/Auth/Authentication.cs b/API/Auth/Authentication.cs index adad050..6165e51 100644 --- a/API/Auth/Authentication.cs +++ b/API/Auth/Authentication.cs @@ -1,13 +1,12 @@ using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; -using Microsoft.AspNetCore.Cryptography.KeyDerivation; using Microsoft.IdentityModel.Tokens; namespace API.Auth; public static class Authentication { - private static readonly TimeSpan TokenLifetime = TimeSpan.FromMinutes(50); + private static readonly TimeSpan TokenLifetime = TimeSpan.FromMinutes(15); public static (string, DateTime) GenerateJwt(SymmetricSecurityKey key, IEnumerable claims) { diff --git a/API/Program.cs b/API/Program.cs index 2a4f6f2..0c40272 100644 --- a/API/Program.cs +++ b/API/Program.cs @@ -39,7 +39,8 @@ builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) ValidateLifetime = true, ValidateIssuer = false, ValidateAudience = false, - ValidateIssuerSigningKey = true + ValidateIssuerSigningKey = true, + ClockSkew = TimeSpan.Zero } ); diff --git a/API/appsettings.Development.json b/API/appsettings.Development.json index fee9626..6a08a75 100644 --- a/API/appsettings.Development.json +++ b/API/appsettings.Development.json @@ -3,6 +3,7 @@ "LogLevel": { "Default": "Information", "Microsoft.AspNetCore": "Warning", + "Microsoft.EntityFrameworkCore.Database.Command": "Warning", "Microsoft.AspNetCore.Authentication": "Trace" } }, diff --git a/API/appsettings.json b/API/appsettings.json index d649d1b..79b1ebc 100644 --- a/API/appsettings.json +++ b/API/appsettings.json 
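Review bot: `TokenLifetime` in API/Auth/Authentication.cs drops from 50 to 15 minutes without a comment, and the commit subject mentions only validation, so a reader cannot tell that the shorter window is intentional. A doc comment on the field would record it, e.g. `/// Validity window of issued JWTs; validation runs with zero clock skew, so a token is rejected exactly at this age.` Naming the tuple elements of `GenerateJwt`, for instance `(string Token, DateTime ExpiresAt)`, would also say what the returned date is. That it is the expiry, and whether it is UTC, is an assumption here because the method body lies outside the hunk.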
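Review bot: In API/Program.cs, `ValidateIssuer = false` and `ValidateAudience = false` stay in the validation parameters next to the new `ClockSkew` line, so any token signed with this key is accepted regardless of who issued it or which service it was meant for. If the signing key is ever shared with another service, setting `ValidIssuer` and `ValidAudience` and turning both flags on would stop cross-service token reuse. For the added line, a comment such as `// No grace period: the default 5-minute skew kept expired tokens valid; issuer and validator share one clock` would record why zero is safe. That the same API instance both issues and validates tokens is inferred, not shown. The options object starts above the hunk.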
@@ -5,6 +5,7 @@ "Logging": { "LogLevel": { "Default": "Information", + "Microsoft.EntityFrameworkCore.Database.Command": "Warning", "Microsoft.AspNetCore": "Warning", "Microsoft.AspNetCore.HttpLogging.HttpLoggingMiddleware": "Trace" } diff --git a/ci/.drone.yml b/ci/.drone.yml index fc841ea..dbfcd13 100644 --- a/ci/.drone.yml +++ b/ci/.drone.yml @@ -38,7 +38,7 @@ steps: - echo "$PRIVATE_KEY" > ~/.ssh/id_rsa - chmod 0600 ~/.ssh - chmod 0500 ~/.ssh/id_rsa* - - rsync -avz -e "ssh -p 80 -o 'StrictHostKeyChecking=no'" ci/deploy_staging_server.sh iqball@maxou.dev:/srv/www/iqball/$DRONE_BRANCH + - rsync -avz -e "ssh -p 80 -o 'StrictHostKeyChecking=no'" ci/deploy_staging_server.sh iqball@maxou.dev:/srv/www/iqball/$DRONE_BRANCH/ - ssh -p 80 -o 'StrictHostKeyChecking=no' iqball@maxou.dev "chmod +x /srv/www/iqball/$DRONE_BRANCH/deploy_staging_server.sh && /srv/www/iqball/$DRONE_BRANCH/deploy_staging_server.sh $(echo $DRONE_BRANCH | tr / _) $DRONE_COMMIT_SHA" # Deploy the production database and server on codefirst
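Review bot: In ci/.drone.yml, `$DRONE_BRANCH` is expanded unquoted into the rsync destination on the changed line and into the remote command string on the following `ssh` line, so a branch name containing shell metacharacters would be interpreted by the shell on the staging host. The step already derives a sanitised form with `tr / _` for the script argument; building the directory from a validated value as well, e.g. `BRANCH_DIR=$(printf '%s' "$DRONE_BRANCH" | tr -c 'A-Za-z0-9._-' '_')`, and using `$BRANCH_DIR` in both paths would close that. It would also avoid a nested destination when a branch contains `/`, which rsync may fail to create now that the path ends in a slash. Separately, both commands keep `-o 'StrictHostKeyChecking=no'`, so the runner never verifies which host receives the script and runs the deploy command; pinning the server key, e.g. `-o UserKnownHostsFile=<path-to-pinned-known_hosts>` with strict checking on, is the usual fix. The step list starts above the hunk.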