From 77da2468ce87c8cae85c5e02776427e00bf22034 Mon Sep 17 00:00:00 2001 From: Pawan Jain Date: Wed, 27 Nov 2024 21:55:06 +0530 Subject: [PATCH] feat(application-generic): add SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME env variable (#7105) Co-authored-by: Dima Grossman --- apps/api/src/.example.env | 2 ++ apps/api/src/config/env.validators.ts | 1 + apps/worker/src/.example.env | 2 ++ apps/worker/src/config/env.validators.ts | 2 +- docker/community/.env.example | 2 ++ docker/community/docker-compose.yml | 2 ++ .../src/services/auth/community.auth.service.ts | 3 ++- 7 files changed, 12 insertions(+), 2 deletions(-) diff --git a/apps/api/src/.example.env b/apps/api/src/.example.env index 9602a31fe4f..e52163da0b3 100644 --- a/apps/api/src/.example.env +++ b/apps/api/src/.example.env @@ -87,3 +87,5 @@ TUNNEL_BASE_ADDRESS= PLAIN_SUPPORT_KEY='PLAIN_SUPPORT_KEY' PLAIN_IDENTITY_VERIFICATION_SECRET_KEY='PLAIN_IDENTITY_VERIFICATION_SECRET_KEY' NOVU_INTERNAL_SECRET_KEY= +# expressed in seconds or a string describing a time span [zeit/ms](https://github.com/zeit/ms.js). Eg: 60, "2 days", "10h", "7d" +SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME='15 days' diff --git a/apps/api/src/config/env.validators.ts b/apps/api/src/config/env.validators.ts index 3fde5408cd5..706179b815e 100644 --- a/apps/api/src/config/env.validators.ts +++ b/apps/api/src/config/env.validators.ts @@ -41,6 +41,7 @@ export const envValidators = { LEGACY_STAGING_DASHBOARD_URL: url({ default: undefined }), API_ROOT_URL: url(), NOVU_INVITE_TEAM_MEMBER_NUDGE_TRIGGER_IDENTIFIER: str({ default: undefined }), + SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME: str({ default: '15 days' }), // Novu Cloud third party services ...(processEnv.IS_SELF_HOSTED !== 'true' && diff --git a/apps/worker/src/.example.env b/apps/worker/src/.example.env index 1328ac6c1ee..3e936c036b1 100644 --- a/apps/worker/src/.example.env +++ b/apps/worker/src/.example.env @@ -77,3 +77,5 @@ BROADCAST_QUEUE_CHUNK_SIZE=100 MULTICAST_QUEUE_CHUNK_SIZE=100 API_ROOT_URL=http://localhost:3000 +# expressed in seconds or a string describing a time span [zeit/ms](https://github.com/zeit/ms.js). Eg: 60, "2 days", "10h", "7d" +SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME='15 days' diff --git a/apps/worker/src/config/env.validators.ts b/apps/worker/src/config/env.validators.ts index b6177c17b48..837f9568f44 100644 --- a/apps/worker/src/config/env.validators.ts +++ b/apps/worker/src/config/env.validators.ts @@ -57,7 +57,7 @@ export const envValidators = { STRIPE_API_KEY: str({ default: undefined }), NOTIFICATION_RETENTION_DAYS: num({ default: DEFAULT_NOTIFICATION_RETENTION_DAYS }), API_ROOT_URL: url(), - + SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME: str({ default: '15 days' }), // Feature Flags ...Object.keys(FeatureFlagsKeysEnum).reduce( (acc, key) => { diff --git a/docker/community/.env.example b/docker/community/.env.example index e83cdfc3972..e987a5c79f2 100644 --- a/docker/community/.env.example +++ b/docker/community/.env.example @@ -2,6 +2,8 @@ # YOU MUST CHANGE THESE BEFORE GOING INTO PRODUCTION # used as a secret to verify the JWT token signature JWT_SECRET=your-secret +# expressed in seconds or a string describing a time span [zeit/ms](https://github.com/zeit/ms.js). Eg: 60, "2 days", "10h", "7d" +SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME="15 days" # used to encrypt/decrypt the provider credentials STORE_ENCRYPTION_KEY= diff --git a/docker/community/docker-compose.yml b/docker/community/docker-compose.yml index b15831ec23e..1fd7a984106 100644 --- a/docker/community/docker-compose.yml +++ b/docker/community/docker-compose.yml @@ -81,6 +81,7 @@ services: AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY} JWT_SECRET: ${JWT_SECRET} STORE_ENCRYPTION_KEY: ${STORE_ENCRYPTION_KEY} + SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME: ${SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME} SENTRY_DSN: ${SENTRY_DSN} NEW_RELIC_APP_NAME: ${NEW_RELIC_APP_NAME} NEW_RELIC_LICENSE_KEY: ${NEW_RELIC_LICENSE_KEY} @@ -118,6 +119,7 @@ services: AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID} AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY} STORE_ENCRYPTION_KEY: ${STORE_ENCRYPTION_KEY} + SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME: ${SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME} SENTRY_DSN: ${SENTRY_DSN} NEW_RELIC_APP_NAME: ${NEW_RELIC_APP_NAME} NEW_RELIC_LICENSE_KEY: ${NEW_RELIC_LICENSE_KEY} diff --git a/libs/application-generic/src/services/auth/community.auth.service.ts b/libs/application-generic/src/services/auth/community.auth.service.ts index 0ff2cbc5694..c542eef3bcb 100644 --- a/libs/application-generic/src/services/auth/community.auth.service.ts +++ b/libs/application-generic/src/services/auth/community.auth.service.ts @@ -223,7 +223,8 @@ export class CommunityAuthService implements IAuthService { subscriberId: subscriber.subscriberId, }, { - expiresIn: '15 day', + expiresIn: + process.env.SUBSCRIBER_WIDGET_JWT_EXPIRATION_TIME || '15 days', issuer: 'novu_api', audience: 'widget_user', },