fix jwt expiration validation

1 year ago · 32913b791b
parent d34e196830
commit 32913b791b
5 changed files with 6 additions and 4 deletions
--- a/API/Auth/Authentication.cs
+++ b/API/Auth/Authentication.cs
@ -1,13 +1,12 @@
 using System.IdentityModel.Tokens.Jwt;
 using System.Security.Claims;
-using Microsoft.AspNetCore.Cryptography.KeyDerivation;
 using Microsoft.IdentityModel.Tokens;

 namespace API.Auth;

 public static class Authentication
 {
-    private static readonly TimeSpan TokenLifetime = TimeSpan.FromMinutes(50);
+    private static readonly TimeSpan TokenLifetime = TimeSpan.FromMinutes(15);

    public static (string, DateTime) GenerateJwt(SymmetricSecurityKey key, IEnumerable<Claim> claims)
    {
--- a/API/Program.cs
+++ b/API/Program.cs
@ -39,7 +39,8 @@ builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            ValidateLifetime = true,
            ValidateIssuer = false,
            ValidateAudience = false,
-            ValidateIssuerSigningKey = true
+            ValidateIssuerSigningKey = true,
+            ClockSkew = TimeSpan.Zero
        }
    );

--- a/API/appsettings.Development.json
+++ b/API/appsettings.Development.json
@ -3,6 +3,7 @@
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning",
+      "Microsoft.EntityFrameworkCore.Database.Command": "Warning",
      "Microsoft.AspNetCore.Authentication": "Trace"
    }
  },
--- a/API/appsettings.json
+++ b/API/appsettings.json
@ -5,6 +5,7 @@
  "Logging": {
    "LogLevel": {
      "Default": "Information",
+      "Microsoft.EntityFrameworkCore.Database.Command": "Warning",
      "Microsoft.AspNetCore": "Warning",
      "Microsoft.AspNetCore.HttpLogging.HttpLoggingMiddleware": "Trace"
    }
--- a/ci/.drone.yml
+++ b/ci/.drone.yml
@ -38,7 +38,7 @@ steps:
      - echo "$PRIVATE_KEY" > ~/.ssh/id_rsa
      - chmod 0600 ~/.ssh
      - chmod 0500 ~/.ssh/id_rsa*
-      - rsync -avz -e "ssh -p 80 -o 'StrictHostKeyChecking=no'" ci/deploy_staging_server.sh iqball@maxou.dev:/srv/www/iqball/$DRONE_BRANCH
+      - rsync -avz -e "ssh -p 80 -o 'StrictHostKeyChecking=no'" ci/deploy_staging_server.sh iqball@maxou.dev:/srv/www/iqball/$DRONE_BRANCH/
      - ssh -p 80 -o 'StrictHostKeyChecking=no' iqball@maxou.dev "chmod +x /srv/www/iqball/$DRONE_BRANCH/deploy_staging_server.sh && /srv/www/iqball/$DRONE_BRANCH/deploy_staging_server.sh $(echo $DRONE_BRANCH | tr / _) $DRONE_COMMIT_SHA"
    
 #   Deploy the production database and server on codefirst