Skip to content
This repository was archived by the owner on Oct 6, 2023. It is now read-only.

Commit a891016

Browse files
nensornensor
committed
extended basic cookie timeout / session timeout to 45 minutes by request
Signed-off-by: Neal Ensor <[email protected]>
1 parent 97de1c3 commit a891016

File tree

1 file changed

+6
-5
lines changed

1 file changed

+6
-5
lines changed

src/main/java/gov/osti/security/DOECodeCrypt.java

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -11,11 +11,12 @@
1111
import io.jsonwebtoken.Claims;
1212
import io.jsonwebtoken.Jwts;
1313
import io.jsonwebtoken.SignatureAlgorithm;
14-
import java.time.LocalDate;
1514

1615
public class DOECodeCrypt {
1716

1817
private static final SecureRandom random = new SecureRandom();
18+
// set the TIME OUT value in MINUTES
19+
private static final int TIMEOUT_IN_MINUTES = 45;
1920

2021
public static String nextRandomString() {
2122
return new BigInteger(130, random).toString(32);
@@ -27,7 +28,7 @@ public static String nextUniqueString() {
2728
public static String generateLoginJWT(String userID, String xsrfToken) {
2829

2930
Calendar c = Calendar.getInstance();
30-
c.add(Calendar.MINUTE, 30);
31+
c.add(Calendar.MINUTE, TIMEOUT_IN_MINUTES);
3132
return Jwts.builder().setIssuer("doecode").claim("xsrfToken", xsrfToken).setSubject(userID).setExpiration(c.getTime()).signWith(SignatureAlgorithm.HS256,"Secret").compact();
3233

3334

@@ -42,7 +43,7 @@ public static String generateLoginJWT(String userID, String xsrfToken) {
4243
*/
4344
public static String generateConfirmationJwt(String confirmationCode, String email) {
4445
Calendar c = Calendar.getInstance();
45-
c.add(Calendar.MINUTE, 30);
46+
c.add(Calendar.MINUTE, TIMEOUT_IN_MINUTES);
4647
return Jwts.builder().setIssuer("doecode").setId(confirmationCode).setSubject(email).signWith(SignatureAlgorithm.HS256,"Secret").compact();
4748
}
4849

@@ -54,11 +55,11 @@ public static Claims parseJWT(String jwt) {
5455

5556
public static NewCookie generateNewCookie(String accessToken) {
5657
Calendar c = Calendar.getInstance();
57-
c.add(Calendar.MINUTE, 30);
58+
c.add(Calendar.MINUTE, TIMEOUT_IN_MINUTES);
5859

5960
Cookie cookie = new Cookie("accessToken", accessToken, "/", null);
6061

61-
return new NewCookie(cookie, "", 60*30, c.getTime(),false,true);
62+
return new NewCookie(cookie, "", 60*TIMEOUT_IN_MINUTES, c.getTime(),false,true);
6263
}
6364

6465
public static NewCookie invalidateCookie() {

0 commit comments

Comments
 (0)