NotificationsYou must be signed in to change notification settings
Fork1.1k
Star11.4k

Commit5f56829

committed

chore: make cli session keys respect--session-duration

1 parent9da6467 commit5f56829Copy full SHA for 5f56829

File tree

2 files changed

+39

-5

lines changed

coderd
- apikey.go
- apikey_test.go

2 files changed

+39

-5

lines changed

`‎coderd/apikey.go‎`

Lines changed: 0 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -125,16 +125,11 @@ func (api API) postAPIKey(rw http.ResponseWriter, r http.Request) {`
`125`	`125`	`ctx:=r.Context()`
`126`	`126`	`user:=httpmw.UserParam(r)`
`127`	`127`
`128`		`-lifeTime:=time.Hour247`
`129`	`128`	`cookie,_,err:=api.createAPIKey(ctx, apikey.CreateParams{`
`130`	`129`	`UserID:user.ID,`
`131`	`130`	`DefaultLifetime:api.DeploymentValues.Sessions.DefaultDuration.Value(),`
`132`	`131`	`LoginType:database.LoginTypePassword,`
`133`	`132`	`RemoteAddr:r.RemoteAddr,`
`134`		`-// All api generated keys will last 1 week. Browser login tokens have`
`135`		`-// a shorter life.`
`136`		`-ExpiresAt:dbtime.Now().Add(lifeTime),`
`137`		`-LifetimeSeconds:int64(lifeTime.Seconds()),`
`138`	`133`	`})`
`139`	`134`	`iferr!=nil {`
`140`	`135`	`httpapi.Write(ctx,rw,http.StatusInternalServerError, codersdk.Response{`

`‎coderd/apikey_test.go‎`

Lines changed: 39 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -224,3 +224,42 @@ func TestAPIKey_Deleted(t *testing.T) {`
`224`	`224`	`require.ErrorAs(t,err,&apiErr)`
`225`	`225`	`require.Equal(t,http.StatusBadRequest,apiErr.StatusCode())`
`226`	`226`	`}`
	`227`	`+`
	`228`	`+funcTestAPIKey_Refresh(t*testing.T) {`
	`229`	`+t.Parallel()`
	`230`	`+`
	`231`	`+db,pubsub:=dbtestutil.NewDB(t)`
	`232`	`+client:=coderdtest.New(t,&coderdtest.Options{`
	`233`	`+Database:db,`
	`234`	`+Pubsub:pubsub,`
	`235`	`+})`
	`236`	`+owner:=coderdtest.CreateFirstUser(t,client)`
	`237`	`+`
	`238`	`+ctx,cancel:=context.WithTimeout(context.Background(),testutil.WaitLong)`
	`239`	`+defercancel()`
	`240`	`+`
	`241`	`+token,err:=client.CreateAPIKey(ctx,owner.UserID.String())`
	`242`	`+require.NoError(t,err)`
	`243`	`+split:=strings.Split(token.Key,"-")`
	`244`	`+apiKey1,err:=db.GetAPIKeyByID(ctx,split[0])`
	`245`	`+require.NoError(t,err)`
	`246`	`+require.Equal(t,int64(86400),apiKey1.LifetimeSeconds,"default should be 24 hours")`
	`247`	`+`
	`248`	`+err=db.UpdateAPIKeyByID(ctx, database.UpdateAPIKeyByIDParams{`
	`249`	`+ID:apiKey1.ID,`
	`250`	`+LastUsed:apiKey1.LastUsed,`
	`251`	`+// Cross the no-refresh threshold`
	`252`	`+ExpiresAt:apiKey1.ExpiresAt.Add(time.Hour*-2),`
	`253`	`+IPAddress:apiKey1.IPAddress,`
	`254`	`+})`
	`255`	`+require.NoError(t,err,"update login key")`
	`256`	`+`
	`257`	`+// Refresh the token`
	`258`	`+client.SetSessionToken(token.Key)`
	`259`	`+_,err=client.User(ctx,codersdk.Me)`
	`260`	`+require.NoError(t,err)`
	`261`	`+`
	`262`	`+apiKey2,err:=client.APIKeyByID(ctx,owner.UserID.String(),split[0])`
	`263`	`+require.NoError(t,err)`
	`264`	`+require.True(t,apiKey2.ExpiresAt.After(apiKey1.ExpiresAt),"token should have a later expiry")`
	`265`	`+}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit5f56829

File tree

2 files changed

2 files changed

`‎coderd/apikey.go‎`

`‎coderd/apikey_test.go‎`

0 commit comments