created separate events JWT access secret

packages/altair-api/.env.example

@@ -1,4 +1,5 @@
 JWT_ACCESS_SECRET=
+EVENTS_JWT_ACCESS_SECRET=
 JWT_REFRESH_SECRET=
 GOOGLE_OAUTH_CLIENT_ID=
 GOOGLE_OAUTH_CLIENT_SECRET=

packages/altair-api/src/app.controller.ts

@@ -4,7 +4,7 @@ import { Request, Response } from 'express';
 import { PrismaService } from 'nestjs-prisma';
 import { map, Subject } from 'rxjs';
 import { AppService } from './app.service';
-import { ShortJwtAuthGuard } from './auth/guards/short-jwt-auth.guard';
+import { EventsJwtAuthGuard } from './auth/guards/events-jwt-auth.guard';
 import { EVENTS } from './common/events';
 
 @Controller()
@@ -20,7 +20,7 @@ export class AppController {
  return res.redirect('https://altairgraphql.dev');
  }
 
- @UseGuards(ShortJwtAuthGuard)
+ @UseGuards(EventsJwtAuthGuard)
  @Sse('events')
  handleUserEvents(@Req() req: Request) {
  const subject$ = new Subject();

packages/altair-api/src/auth/auth.controller.ts

@@ -50,7 +50,7 @@ export class AuthController {
 
  @Get('slt')
  @UseGuards(JwtAuthGuard)
- getShortlivedToken(@Req() req: Request) {
- return { slt: this.authService.getShortLivedToken(req.user.id) };
+ getShortlivedEventsToken(@Req() req: Request) {
+ return { slt: this.authService.getShortLivedEventsToken(req.user.id) };
  }
 }

packages/altair-api/src/auth/auth.module.ts

@@ -8,7 +8,7 @@ import { PasswordService } from './password/password.service';
 import { JwtStrategy } from './strategies/jwt.strategy';
 import { AuthController } from './auth.controller';
 import { GoogleStrategy } from './strategies/google.strategy';
-import { ShortJwtStrategy } from './strategies/jwt-short.strategy';
+import { EventsJwtStrategy } from './strategies/events-jwt.strategy';
 import { StripeService } from 'src/stripe/stripe.service';
 import { UserService } from './user/user.service';
 import { UserController } from './user/user.controller';
@@ -32,7 +32,7 @@ import { UserController } from './user/user.controller';
  providers: [
  AuthService,
  JwtStrategy,
- ShortJwtStrategy,
+ EventsJwtStrategy,
  GoogleStrategy,
  PasswordService,
  StripeService,

packages/altair-api/src/auth/auth.service.ts

@@ -113,13 +113,14 @@ export class AuthService {
  }
 
  /**
- * Generates a short-lived token for the purpose of event connection
+ * Generates a short-lived events token for the purpose of event connection
  */
- getShortLivedToken(userId: string): string {
+ getShortLivedEventsToken(userId: string): string {
  const securityConfig = this.configService.get<SecurityConfig>('security');
  return this.jwtService.sign(
  { userId },
  {
+ secret: this.configService.get<string>('EVENTS_JWT_ACCESS_SECRET'),
  expiresIn: securityConfig.shortExpiresIn,
  }
  );

packages/altair-api/src/auth/guards/short-jwt-auth.guard.ts → packages/altair-api/src/auth/guards/events-jwt-auth.guard.ts

@@ -2,4 +2,4 @@ import { Injectable } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
 
 @Injectable()
-export class ShortJwtAuthGuard extends AuthGuard('short-jwt') {}
+export class EventsJwtAuthGuard extends AuthGuard('events-jwt') {}

packages/altair-api/src/auth/strategies/jwt-short.strategy.ts → packages/altair-api/src/auth/strategies/events-jwt.strategy.ts

@@ -7,14 +7,17 @@ import { AuthService } from '../auth.service';
 import { JwtDto } from '../models/jwt.dto';
 
 @Injectable()
-export class ShortJwtStrategy extends PassportStrategy(Strategy, 'short-jwt') {
+export class EventsJwtStrategy extends PassportStrategy(
+ Strategy,
+ 'events-jwt'
+) {
  constructor(
  private readonly authService: AuthService,
  readonly configService: ConfigService
  ) {
  super({
  jwtFromRequest: ExtractJwt.fromUrlQueryParameter('slt'),
- secretOrKey: configService.get('JWT_ACCESS_SECRET'),
+ secretOrKey: configService.get('EVENTS_JWT_ACCESS_SECRET'),
  });
  }