mirror of https://github.com/pocket-id/pocket-id.git synced 2026-02-12 01:44:06 +00:00

fix: for one-time access tokens and signup tokens, pass TTLs instead of absolute expiration date (#855)

Alessandro (Ale) Segala
2025-08-21 23:02:56 -07:00
committed by GitHub
parent 49f0fa423c
commit 7ab0fd3028
12 changed files with 205 additions and 70 deletions


@@ -36,8 +36,7 @@
async function createLoginCode() {
try {
const expiration = new Date(Date.now() + availableExpirations[selectedExpiration] * 1000);
code = await userService.createOneTimeAccessToken(expiration, userId!);
code = await userService.createOneTimeAccessToken(userId!, availableExpirations[selectedExpiration]);
oneTimeLink = `${page.url.origin}/lc/${code}`;
} catch (e) {
axiosErrorToast(e);
@@ -46,8 +45,7 @@
async function sendLoginCodeEmail() {
try {
const expiration = new Date(Date.now() + availableExpirations[selectedExpiration] * 1000);
await userService.requestOneTimeAccessEmailAsAdmin(userId!, expiration);
await userService.requestOneTimeAccessEmailAsAdmin(userId!, availableExpirations[selectedExpiration]);
toast.success(m.login_code_email_success());
onOpenChange(false);
} catch (e) {
@@ -81,7 +79,7 @@
value={Object.keys(availableExpirations)[0]}
onValueChange={(v) => (selectedExpiration = v! as keyof typeof availableExpirations)}
>
<Select.Trigger id="expiration" class="h-9 w-full">
<Select.Trigger id="expiration" class="w-full h-9">
{selectedExpiration}
</Select.Trigger>
<Select.Content>
@@ -111,7 +109,7 @@
<p class="text-3xl font-code">{code}</p>
</CopyToClipboard>
<div class="text-muted-foreground my-2 flex items-center justify-center gap-3">
<div class="flex items-center justify-center gap-3 my-2 text-muted-foreground">
<Separator />
<p class="text-xs text-nowrap">{m.or_visit()}</p>
<Separator />
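Review bot: Both `createLoginCode` and `sendLoginCodeEmail` pass `userId!`, and the non-null assertion only silences the compiler; it checks nothing at runtime. Now that `createOneTimeAccessToken` declares `userId: string = 'me'`, an `undefined` value would fall through to the default and request a login code for the signed-in admin instead of the selected user, and the resulting link is then displayed for sharing. Whether `userId` can be unset while this dialog is open is not visible in these hunks, so I would add an explicit guard such as `if (!userId) return;` at the top of both functions rather than rely on the assertion. Both function bodies continue outside the hunks.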


@@ -37,8 +37,7 @@
async function createSignupToken() {
try {
const expiration = new Date(Date.now() + availableExpirations[selectedExpiration] * 1000);
signupToken = await userService.createSignupToken(expiration, usageLimit);
signupToken = await userService.createSignupToken(availableExpirations[selectedExpiration], usageLimit);
signupLink = `${page.url.origin}/st/${signupToken}`;
if (onTokenCreated) {


@@ -75,17 +75,17 @@ export default class UserService extends APIService {
cachedProfilePicture.bustCache(userId);
}
async createOneTimeAccessToken(expiresAt: Date, userId: string) {
async createOneTimeAccessToken(userId: string = 'me', ttl?: string|number) {
const res = await this.api.post(`/users/${userId}/one-time-access-token`, {
userId,
expiresAt
ttl,
});
return res.data.token;
}
async createSignupToken(expiresAt: Date, usageLimit: number) {
async createSignupToken(ttl: string|number, usageLimit: number) {
const res = await this.api.post(`/signup-tokens`, {
expiresAt,
ttl,
usageLimit
});
return res.data.token;
@@ -100,8 +100,8 @@ export default class UserService extends APIService {
await this.api.post('/one-time-access-email', { email, redirectPath });
}
async requestOneTimeAccessEmailAsAdmin(userId: string, expiresAt: Date) {
await this.api.post(`/users/${userId}/one-time-access-email`, { expiresAt });
async requestOneTimeAccessEmailAsAdmin(userId: string, ttl: string|number) {
await this.api.post(`/users/${userId}/one-time-access-email`, { ttl });
}
async updateUserGroups(id: string, userGroupIds: string[]) {
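Review bot: The new `ttl: string|number` parameters on `createOneTimeAccessToken`, `createSignupToken` and `requestOneTimeAccessEmailAsAdmin` carry no unit or format. The callers in this commit pass the number that was previously multiplied by 1000 to get milliseconds, so it is presumably seconds, and the string form is presumably a duration string. I would document this on each method, for example `/** @param ttl Token lifetime in seconds (number) or as a duration string; when omitted the server default applies. */`, or narrow the type to `number` if no caller sends a string. Because the token lifetime is a client-supplied value and `createOneTimeAccessToken('me')` now relies entirely on the server default, the API should reject non-positive values and cap the maximum; that check is not visible in this file. The `UserService` class starts and ends outside these hunks.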


@@ -22,9 +22,8 @@
$effect(() => {
if (show) {
const expiration = new Date(Date.now() + 15 * 60 * 1000);
userService
.createOneTimeAccessToken(expiration, 'me')
.createOneTimeAccessToken('me')
.then((c) => {
code = c;
loginCodeLink = page.url.origin + '/lc/' + code;
@@ -54,7 +53,7 @@
<CopyToClipboard value={code!}>
<p class="text-3xl font-code">{code}</p>
</CopyToClipboard>
<div class="text-muted-foreground my-2 flex items-center justify-center gap-3">
<div class="flex items-center justify-center gap-3 my-2 text-muted-foreground">
<Separator />
<p class="text-xs text-nowrap">{m.or_visit()}</p>
<Separator />