From d07227822f26164ba8dee5798a0f675d09995079 Mon Sep 17 00:00:00 2001
From: "Jingwei.Zhang"
Date: Wed, 14 Jun 2023 16:27:38 +0800
Subject: [PATCH] feat: add jwt expire check

1. Check jwt expire by the time_expired value in the cookie, if current time is bigger than the time_expired value, the request's header will not has the X-Auth-Token, then the skyline-api will return 401.
2. update cypress command to use time_expired cookie
Change-Id: I4a33649d3dbf630e36bcdee71462b4796e17f714
---
 .../notes/Add-JWT-Expire-Check-c4dce4d269782a8c.yaml | 4 ++++
 src/client/client/request.js | 10 +++++++++-
 test/e2e/support/commands.js | 12 ++++++++++--
 test/e2e/support/index.js | 2 +-
 4 files changed, 24 insertions(+), 4 deletions(-)
 create mode 100644 releasenotes/notes/Add-JWT-Expire-Check-c4dce4d269782a8c.yaml

diff --git a/releasenotes/notes/Add-JWT-Expire-Check-c4dce4d269782a8c.yaml b/releasenotes/notes/Add-JWT-Expire-Check-c4dce4d269782a8c.yaml
new file mode 100644
index 00000000..df1e8183
--- /dev/null
+++ b/releasenotes/notes/Add-JWT-Expire-Check-c4dce4d269782a8c.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - |
+ Check the JWT expire by the `time_expired` in the cookie for each request.
diff --git a/src/client/client/request.js b/src/client/client/request.js
index 91d96c17..953094e5 100644
--- a/src/client/client/request.js
+++ b/src/client/client/request.js
@@ -17,6 +17,8 @@ import { getLocalStorageItem } from 'utils/local-storage';
 import { isEmpty } from 'lodash';
 import qs from 'qs';
 import { v4 as uuidv4 } from 'uuid';
+import moment from 'moment';
+import cookie from 'utils/cookie';
 const METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'COPY'];
 /**
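Review bot: `moment` is imported here only so that `addToken` in the next hunk can call `moment().valueOf()`, which returns the current epoch milliseconds; `Date.now()` yields the same number without routing through the library, so the new `import moment from 'moment';` line can be dropped and that call become `const now = Date.now();`. This is a style point rather than a dependency one, since moment is presumably already among the project's dependencies.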
@@ -53,7 +55,13 @@ export class HttpRequest {
 addToken(config) {
 const keystoneToken = getLocalStorageItem('keystone_token') || '';
- if (keystoneToken) {
+ const timeExpiredStr = cookie('time_expired');
+ let tokenIsValid = false;
+ if (timeExpiredStr) {
+ const now = moment().valueOf();
+ tokenIsValid = now < timeExpiredStr * 1000;
+ }
+ if (keystoneToken && tokenIsValid) {
 config.headers['X-Auth-Token'] = keystoneToken;
 }
 }
diff --git a/test/e2e/support/commands.js b/test/e2e/support/commands.js
index 3530f0fc..2d491916 100644
--- a/test/e2e/support/commands.js
+++ b/test/e2e/support/commands.js
@@ -37,6 +37,7 @@ Cypress.Commands.add(
 (visitUrl = '', switchToAdmin = false, isAdmin = false) => {
 cy.setLanguage();
 const switchProject = switchToAdmin;
+ cy.setCookie('time_expired', Cypress.config('timeExpired') || '');
 if (isAdmin) {
 if (Cypress.config('adminToken')) {
 cy.setCookie('session', Cypress.config('adminSession'));
@@ -74,12 +75,17 @@ Cypress.Commands.add(
 method: 'POST',
 }).then((res) => {
 const { body: resBody, headers } = res;
- const [sk] = headers['set-cookie'];
+ const [sessionCookie, ...rest] = headers['set-cookie'];
+ const timeCookie = rest[rest.length - 1];
+ const getCookieValue = (sk) => sk.split(';')[0].split('=');
 // eslint-disable-next-line no-unused-vars
- const [_, session] = sk.split(';')[0].split('=');
+ const session = getCookieValue(sessionCookie)[1];
+ const timeExpired = getCookieValue(timeCookie)[1] || '';
 const { keystone_token } = resBody || {};
 cy.setCookie('session', session);
 cy.setCookie('X-Auth-Token', keystone_token);
+ cy.setCookie('time_expired', timeExpired);
+ Cypress.config('timeExpired', timeExpired);
 if (isAdmin) {
 Cypress.config('adminToken', keystone_token);
 Cypress.config('adminSession', session);
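Review bot: The new `tokenIsValid` gate in `addToken` is a client-side convenience check, not an authorization boundary — `time_expired` is a browser cookie the client can edit — and nothing in the hunk says so, so a later maintainer may assume the API no longer needs to verify the JWT's own expiry; add above the `if (timeExpiredStr)` line `// UX pre-check only: time_expired is client-controlled, the API still validates the JWT itself.`. Two edge cases deserve a mention in that comment as well: a non-numeric cookie makes `timeExpiredStr * 1000` NaN, so the comparison fails closed and the token is withheld, and an absent cookie also withholds the token, which changes behaviour for any backend that does not set `time_expired` (presumably intended, worth confirming). The comparison pits the browser clock against a server-issued timestamp, so clock skew can drop a still-valid token early or send an already-expired one; if that matters in practice, a small tolerance or a server-relative offset would be the fix.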
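Review bot: `const timeCookie = rest[rest.length - 1];` is undefined if the login response ever carries only the session cookie, and `getCookieValue(undefined)` then throws a TypeError on `.split` instead of leaving `timeExpired` empty; selecting the cookie by name is also more robust than assuming it is the last `set-cookie` entry: `const timeCookie = rest.find((c) => c.startsWith('time_expired=')) || '';` with `getCookieValue` unchanged (`''.split(';')[0].split('=')[1]` is undefined, so the existing `|| ''` still applies). The `// eslint-disable-next-line no-unused-vars` comment now sits above `const session = getCookieValue(sessionCookie)[1];`, a variable that is used, so the directive is dead and should be removed with the `_` binding it covered. The enclosing command callback starts before this hunk and continues past it.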
@@ -103,8 +109,10 @@ Cypress.Commands.add(
 Cypress.Commands.add('clearToken', () => {
 cy.setCookie('session', '');
 cy.setCookie('X-Auth-Token', '');
+ cy.setCookie('time_expired', '');
 Cypress.config('token', null);
 Cypress.config('adminToken', null);
+ Cypress.config('timeExpired', null);
 });
 Cypress.Commands.add('loginAdmin', (visitUrl = '', switchToAdmin = false) => {
diff --git a/test/e2e/support/index.js b/test/e2e/support/index.js
index 5603affc..b1a52297 100644
--- a/test/e2e/support/index.js
+++ b/test/e2e/support/index.js
@@ -39,7 +39,7 @@ import 'cypress-file-upload';
 require('cypress-downloadfile/lib/downloadFileCommand');
 Cypress.Cookies.defaults({
- preserve: ['session', 'X-Auth-Token', 'shouldSkip'],
+ preserve: ['session', 'X-Auth-Token', 'shouldSkip', 'time_expired'],
 });
 Cypress.on(