From 8a342daef9e422cd50f9fb51a4e5afab55ab951c Mon Sep 17 00:00:00 2001
From: Vishal Banthia
Date: Thu, 3 Dec 2015 02:08:26 +0900
Subject: [PATCH] remove default expiry in jwt token
---
 lib/units/auth/ldap.js | 3 +++
 lib/units/auth/mock.js | 3 +++
 lib/units/auth/oauth2/index.js | 3 +++
 lib/units/websocket/index.js | 16 +++++++---------
 lib/util/jwtutil.js | 14 +++++++++-----
 5 files changed, 25 insertions(+), 14 deletions(-)
diff --git a/lib/units/auth/ldap.js b/lib/units/auth/ldap.js
index 209ace6a..bbe3a079 100644
--- a/lib/units/auth/ldap.js
+++ b/lib/units/auth/ldap.js
@@ -82,6 +82,9 @@ module.exports = function(options) {
 , name: user.cn
 }
 , secret: options.secret
+ , header: {
+ exp: Date.now() + 24 * 3600
+ }
 })
 res.status(200)
 .json({
diff --git a/lib/units/auth/mock.js b/lib/units/auth/mock.js
index 5fb77b95..d0025ec4 100644
--- a/lib/units/auth/mock.js
+++ b/lib/units/auth/mock.js
@@ -74,6 +74,9 @@ module.exports = function(options) {
 , name: req.body.name
 }
 , secret: options.secret
+ , header: {
+ exp: Date.now() + 24 * 3600
+ }
 })
 res.status(200)
 .json({
diff --git a/lib/units/auth/oauth2/index.js b/lib/units/auth/oauth2/index.js
index cbf6a36c..6931bdfc 100644
--- a/lib/units/auth/oauth2/index.js
+++ b/lib/units/auth/oauth2/index.js
@@ -39,6 +39,9 @@ module.exports = function(options) {
 , name: req.user.email.split('@', 1).join('')
 }
 , secret: options.secret
+ , header: {
+ exp: Date.now() + 24 * 3600
+ }
 })
 }))
 }
diff --git a/lib/units/websocket/index.js b/lib/units/websocket/index.js
index 883ff45f..bdb4e931 100644
--- a/lib/units/websocket/index.js
+++ b/lib/units/websocket/index.js
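Review bot: The added `exp: Date.now() + 24 * 3600` in the ldap.js hunk mixes units: `Date.now()` is in milliseconds while `24 * 3600` is a count of seconds, so the value lies only 86.4 seconds after issuance if the verifier compares it with `Date.now()`, and tens of thousands of years ahead if it is read as an RFC 7519 NumericDate in seconds. The same expression is added in the mock.js and oauth2/index.js hunks. If a 24-hour session is intended and the check is done in milliseconds (the decode side is not visible here), use `exp: Date.now() + 24 * 3600 * 1000`, taken from one shared constant rather than three copies. Note also that `exp` is placed in the JWS header rather than in the payload claims, so a standard JWT validator will not enforce it; only the project's own decode logic can. The enclosing functions start and end outside these hunks.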
@@ -337,15 +337,13 @@ module.exports = function(options) {
 dbapi.resetUserSettings(user.email)
 })
 .on('user.keys.accessToken.generate', function(data) {
- var expiry = Date.now() + 100 * 365 * 24 * 3600
- , jwt = jwtutil.encode({
- payload: {
- email: user.email
- , name: user.name
- }
- , secret: options.secret
- , expiry: expiry
- })
+ var jwt = jwtutil.encode({
+ payload: {
+ email: user.email
+ , name: user.name
+ }
+ , secret: options.secret
+ })
 var tokenId = uuid.v4()
 , title = data.title
diff --git a/lib/util/jwtutil.js b/lib/util/jwtutil.js
index b5079bd1..35d1f5a4 100644
--- a/lib/util/jwtutil.js
+++ b/lib/util/jwtutil.js
@@ -1,17 +1,21 @@
 var assert = require('assert')
 var jws = require('jws')
+var _ = require('lodash')
 module.exports.encode = function(options) {
 assert.ok(options.payload, 'payload required')
 assert.ok(options.secret, 'secret required')
- var expiry = options.expiry || Date.now() + 24 * 3600
+ var header = {
+ alg: 'HS256'
+ }
+
+ if (options.header) {
+ header = _.merge(header, options.header)
+ }
 return jws.sign({
- header: {
- alg: 'HS256'
- , exp: expiry
- }
+ header: header
 , payload: options.payload
 , secret: options.secret
 })
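Review bot: With `expiry` removed from the `user.keys.accessToken.generate` handler, the access token carries no expiry at all, so a leaked token stays valid for as long as `options.secret` is unchanged unless the server checks it against a stored record on every use. With the new `encode` in lib/util/jwtutil.js the header is just `alg` and the payload just `email` and `name`, so every token generated for one user is the same string and the `tokenId` created right after it is not bound to it; consider creating `tokenId` first and adding it to the payload, e.g. `, jti: tokenId`, so that a single token can be revoked. Whether the store lookup already enforces revocation is not visible here, and the handler continues past the end of the hunk.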
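Review bot: `_.merge(header, options.header)` in `encode` lets a caller-supplied header replace `alg`, so the signing algorithm is no longer fixed at `HS256` by this function. The callers in this commit pass only `exp`, but pinning the algorithm after the merge keeps a later caller from weakening it: `var header = _.assign({}, options.header, {alg: 'HS256'})`. A short comment above it should state that tokens now carry no expiry unless the caller sets `header.exp`, since the previous default is gone. The closing brace of `encode` and the verification side lie outside the hunk.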