fix: jwt - expiresIn to ms

ifpb · Oct 12, 2024 · 3445897 · 3445897
1 parent c93c7d0
commit 3445897
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 6 deletions.
diff --git a/public/codes/expressjs/invest-app-auth/src/routes.js b/public/codes/expressjs/invest-app-auth/src/routes.js
@@ -176,7 +176,7 @@ router.post('/signin', async (req, res) => {
       const token = jwt.sign(
         { userId },
         process.env.JWT_SECRET,
-        { expiresIn: 3600 } // 1h
+        { expiresIn: 3600000 } // 1h
       );
 
       return res.json({ auth: true, token });

diff --git a/public/codes/expressjs/invest-app-email/src/routes.js b/public/codes/expressjs/invest-app-email/src/routes.js
@@ -291,7 +291,7 @@ router.post(
         const token = jwt.sign(
           { userId },
           process.env.JWT_SECRET,
-          { expiresIn: 3600 } // 1h
+          { expiresIn: 3600000 } // 1h
         );
 
         return res.json({ auth: true, token });

diff --git a/public/codes/expressjs/invest-app-upload/src/routes.js b/public/codes/expressjs/invest-app-upload/src/routes.js
@@ -341,7 +341,7 @@ router.post(
         const token = jwt.sign(
           { userId },
           process.env.JWT_SECRET,
-          { expiresIn: 3600 } // 1h
+          { expiresIn: 3600000 } // 1h
         );
 
         return res.json({ auth: true, token });

diff --git a/public/codes/expressjs/invest-app-validation/src/routes.js b/public/codes/expressjs/invest-app-validation/src/routes.js
@@ -287,7 +287,7 @@ router.post(
         const token = jwt.sign(
           { userId },
           process.env.JWT_SECRET,
-          { expiresIn: 3600 } // 1h
+          { expiresIn: 3600000 } // 1h
         );
 
         return res.json({ auth: true, token });

diff --git a/src/content/classnotes/expressjs/auth/index.mdx b/src/content/classnotes/expressjs/auth/index.mdx
@@ -47,7 +47,7 @@ jwt.sign(
 jwt.sign(
   { userId: 1 },
   'secret',
-  { expiresIn: 3600 } // 1h
+  { expiresIn: 3600000 } // 1h
 );
 //=> eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEsImlhdCI6MTcyODc0Njc4NiwiZXhwIjoxNzI4NzUwMzg2fQ.V1eHtVYWaI5Rji8wd4onYIGqdTGlm6NAmUeIiw6G7Gw
 
@@ -66,7 +66,7 @@ jwt.sign(
 jwt.sign(
   { userId: 1 },
   'abc',
-  { expiresIn: 3600 } // 1h
+  { expiresIn: 3600000 } // { expiresIn: '1h' }
 );
 //=> eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEsImlhdCI6MTcyODc0ODQ5NywiZXhwIjoxNzI4NzUyMDk3fQ.0m_bFbC337WRu0bqlabUJ1hN-hNwOXVJUHKBbSdmz7s
 
@@ -83,6 +83,7 @@ Observações:
 
 - `iat` (`Issued At` ou `Gerado em`) é o timestamp de quando o token foi gerado;
 - A `signature` é gerado pela assinatura do `header.payload` + `privateKey` ([HMAC-SHA256 Hash Generator](https://www.devglan.com/online-tools/hmac-sha256-online));
+- expiresIn: expressed in seconds or a string describing a time span [vercel/ms](https://github.com/vercel/ms).
 
 Decode: jwt.verify(token, privateKey)
 
@@ -116,6 +117,8 @@ jwt.verify(
 //=> { userId: 1, iat: 1728746786, exp: 1728750386 }
 ```
 
+> Sabendo que o `privateKey` é `secret`, gere um novo token para o usuário de `id` igual a `2` com `1h` de expiração.
+
 ## Middleware
 
 ```text