Skip to content

JWT Expiry #103

New issue
New issue
Open
Open
JWT Expiry#103
Labels
Priority: MediumType: Maintenance
@sergiomercado19

Description

@sergiomercado19
sergiomercado19
opened on Aug 26, 2020

A JWT consists of 3 sections: header, payload and signature. These can be observed in the JWT itself where they are separated by dots: <header>.<payload>.<signature>

The JWT payload has an expiry field that holds an epoch timestamp. Our current JWT is set to expire on the 2020-11-25 at 3:38pm (AEST). Since this is a development JWT it is fine to reset it manually, but once we deploy the JWT expiry should be set dynamically.

Resetting process

  1. Find the JWT in backend/server/constants.go. It is the string after Bearer in the AUTH_TOKEN constant.
  2. Copy it into https://jwt.io/
  3. Place the JWT_SECRET in the signature section of the this tool.
  4. Put the epoch time of the new expiry timestamp you wish to set in the exp field of the JWT payload.
  5. After the Encoded token updates, copy it over to constants.go and replace the old JWT.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Priority: MediumType: Maintenance

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions