v4l3n71n/covas-quarkus
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add maxages for cookie

Browse Source
This commit is contained in:
Valentin CZERYBA 2022-07-19 23:36:57 +02:00
parent 37205291ad
commit d1c84d5261
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/com/covas/Resources/TokenRessource.java
View File

@ -10,10 +10,13 @@ import javax.ws.rs.Path;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.NewCookie; import javax.ws.rs.core.NewCookie;
import javax.ws.rs.core.Cookie;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import com.covas.Classes.Hash; import com.covas.Classes.Hash;
import com.covas.Entity.UsersEntity; import com.covas.Entity.UsersEntity;
import com.fasterxml.jackson.datatype.jsr310.deser.DurationDeserializer;
import io.smallrye.jwt.auth.principal.JWTParser; import io.smallrye.jwt.auth.principal.JWTParser;
import io.smallrye.jwt.auth.principal.ParseException; import io.smallrye.jwt.auth.principal.ParseException;
@ -64,13 +67,15 @@ public class TokenRessource {
// or create a JWT token encrypted using the 'A256KW' algorithm // or create a JWT token encrypted using the 'A256KW' algorithm
// Jwt.upn("alice").encryptWithSecret(secret); // Jwt.upn("alice").encryptWithSecret(secret);
String nameEncoded = Base64.toBase64String(name.getBytes(StandardCharsets.UTF_8)); String nameEncoded = Base64.toBase64String(name.getBytes(StandardCharsets.UTF_8));
return Response.status(Response.Status.CREATED).cookie(new NewCookie("jwt", newJwtCookie), new NewCookie("user", nameEncoded)).build(); return Response.status(Response.Status.CREATED).cookie(new NewCookie(new Cookie("jwt", newJwtCookie), "Token JWT", 60, false), new NewCookie(new Cookie("user", nameEncoded), "Username", 60, false)).build();
} }
// All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized. // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized.
LOGGER.info(jwtCookie);
try { try {
jwt = parser.parse(jwtCookie); jwt = parser.parse(jwtCookie);
} }
catch(ParseException p){ catch(ParseException p){
LOGGER.info(p);
return Response.status(Response.Status.NOT_ACCEPTABLE).build(); return Response.status(Response.Status.NOT_ACCEPTABLE).build();
} }
// or jwt = parser.decrypt(jwtCookie, secret); // or jwt = parser.decrypt(jwtCookie, secret);