generating a new refresh token when it's close to expiryv0.24.0

2 files changed, 27 insertions, 2 deletions

diff --git a/auth/controller.go b/auth/controller.go
index c5c931a..86c0b2c 100644
--- a/auth/controller.go
+++ b/auth/controller.go
@@ -109,7 +109,7 @@ func handleSignIn(ctx *gin.Context) {
 		RefreshClaims{
 			jwt.RegisteredClaims{
 				IssuedAt:  jwt.NewNumericDate(time.Now()),
-				ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 6)),
+				ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 60)),
 			},
 			u.ID,
 			u.TokenVersion,
@@ -197,7 +197,32 @@ func handleRefresh(ctx *gin.Context) {
 		return
 	}
 
+	var refreshToken string
+	eat := claims.ExpiresAt.Unix()
+	if eat != 0 && eat < time.Now().Add(time.Hour * 6).Unix() {
+		// if refresh token expires in less than 6 hours, get a new one
+	  refreshToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256,
+	  	RefreshClaims{
+	  		jwt.RegisteredClaims{
+	  			IssuedAt:  jwt.NewNumericDate(time.Now()),
+	  			ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour * 60)),
+	  		},
+	  		u.ID,
+	  		u.TokenVersion,
+	  	},
+	  ).SignedString(REFRESH_KEY)
+	  if err != nil {
+	  	// TODO: handle potential errors
+	  	ctx.Error(err)
+	  	ctx.Abort()
+	  	return
+	  }
+  } else {
+		refreshToken = req.RefreshToken
+	}
+
 	ctx.JSON(http.StatusOK, gin.H{
 		"auth_token": authToken,
+		"refresh_token": refreshToken,
 	})
 }
diff --git a/main.go b/main.go
index ec24e12..8dc0c7d 100644
--- a/main.go
+++ b/main.go
@@ -38,7 +38,7 @@ import (
 	"log"
 )
 
-const OPENBILLS_VERSION = "v0.23.1"
+const OPENBILLS_VERSION = "v0.24.0"
 
 func init() {
 	if !viper.GetBool("debug_mode") {