Evan
2025-08-15 17:35:49 -07:00
parent eec62752ed
commit 3a9353a78b
2 changed files with 9 additions and 9 deletions
@@ -63,13 +63,13 @@ class ResourceToken extends Model
{
$expire = $document->getAttribute('expire');
$now = new \DateTime();
// Calculate expiration timestamp for JWT
$expTimestamp = null;
if ($expire !== null) {
$expiryDate = new \DateTime($expire);
$secondsUntilExpiry = $expiryDate->getTimestamp() - $now->getTimestamp();
// If token is expired, set expiration to 1 minute from now
// We check for actual expiry later on route hooks for validation
if ($secondsUntilExpiry <= 0) {
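Review bot: The `if ($secondsUntilExpiry <= 0)` branch gives an already-expired token a JWT whose `exp` lies about a minute in the future, so signature and `exp` validation alone will accept that secret during the window. The only thing rejecting it is the route-hook check the comment refers to, which is not visible in this hunk. I would name that check in the comment, for example `// Real expiry is enforced against the token document in <route hook name>; this exp is only a placeholder`, so a later refactor of the hooks cannot silently turn the placeholder into a real grace period. `new \DateTime($expire)` throws on a malformed value, which is presumably fine if `expire` is only ever written by the server, but is worth confirming. The method body continues outside the hunk.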
@@ -81,19 +81,19 @@ class ResourceToken extends Model
// Use maxAge as fallback, but rely on exp in payload for actual expiration
$jwt = new JWT(System::getEnv('_APP_OPENSSL_KEY_V1'), 'HS256', PHP_INT_MAX, 10);
$payload = [
'tokenId' => $document->getId(),
'resourceId' => $document->getAttribute('resourceId'),
'resourceType' => $document->getAttribute('resourceType'),
'resourceInternalId' => $document->getAttribute('resourceInternalId'),
];
// Set explicit expiration in JWT payload if we have an expiry date
if ($expTimestamp !== null) {
$payload['exp'] = $expTimestamp;
}
$secret = $jwt->encode($payload);
$document->setAttribute('secret', $secret);
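Review bot: When `expire` is null the payload built here carries no `exp`, and the constructor is given `PHP_INT_MAX` as the max age, so nothing in this hunk puts a time limit on the signed secret. Revoking such a token then depends entirely on the server resolving `tokenId` against the stored document on every request, which the hunk does not show. If that is the intended design for non-expiring tokens, the comment above the constructor should say so, for example `// Tokens without expire get no exp claim: validity is decided by the tokenId lookup, not by the JWT`. It is also worth confirming that `System::getEnv('_APP_OPENSSL_KEY_V1')` cannot come back empty before it is used as the HS256 key.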
@@ -126,17 +126,17 @@ class TokensConsoleClientTest extends Scope
$this->assertEquals(201, $expiredToken['headers']['status-code']);
$this->assertEquals('files', $expiredToken['body']['resourceType']);
// Verify that the JWT is generated without causing a 500 error
$this->assertNotEmpty($expiredToken['body']['secret']);
// Parse the JWT to verify expiration is set correctly for expired tokens
$jwtParts = explode('.', $expiredToken['body']['secret']);
$this->assertCount(3, $jwtParts, 'JWT should have 3 parts');
$payload = json_decode(base64_decode($jwtParts[1]), true);
$this->assertArrayHasKey('exp', $payload, 'JWT payload should contain exp field');
// For expired tokens, exp should be set to a short time in the future (around 1 minute)
$now = time();
$this->assertGreaterThan($now, $payload['exp'], 'JWT exp should be in the future even for expired tokens');
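Review bot: `base64_decode($jwtParts[1])` reads a base64url segment with the standard alphabet, and PHP's non-strict decoder silently drops `-` and `_`. A payload that happens to encode to either character would decode to corrupt JSON, and the `exp` assertion would fail for a reason unrelated to the token logic. Translating the alphabet first avoids that: `$payload = json_decode(base64_decode(strtr($jwtParts[1], '-_', '+/')), true);`. The only bound on `exp` visible in this hunk is `> $now`; if nothing later in the method sets an upper limit, an `assertLessThanOrEqual` with a small slack would stop the window for expired tokens from growing unnoticed.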