Getting same token for every request

go-chi / jwtauth

JWT authentication middleware for Go HTTP services

MIT License

541 stars 91 forks source link

Getting same token for every request #57

Closed sahilpaudel-pe closed 3 years ago

sahilpaudel-pe commented 3 years ago

module.go

func (oM *OracleModule) Init(ctx context.Context, serverConfig serverConfig.ServerConfig) {
    // token init
    oM.tokenAuth = jwtauth.New("HS256", []byte(oM.config.JwtSecretKey), nil)
}

user.go

tokenString := oM.GenerateJwtToken(respBody["email"].(string), respBody["name"].(string))

Here the tokenString is giving same token everytime. Is this expected?

yieniggu commented 1 year ago

same thing here, returns the same token every time for a given account

pkieltyka commented 1 year ago

@yieniggu perhaps add a nonce inside of your claims ..? or "iat" ,etc..

yieniggu commented 1 year ago

yeah, just solved by setting expiration

func (app *Config) newJSONToken (user_id string, username string, email string) string {
    claims := map[string]interface{}{"user_id": user_id, "username": username, "email": email}

    jwtauth.SetExpiry(claims, time.Now().Add(time.Hour * 2))

    _, tokenString, _ := app.TokenAuth.Encode(claims)

    return tokenString

}