fix: move iat inside payload

internxt · Jan 9, 2024 · 7a54d69 · 7a54d69
1 parent 8fb078e
commit 7a54d69
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 10 deletions.
diff --git a/src/modules/auth/jwt.strategy.spec.ts b/src/modules/auth/jwt.strategy.spec.ts
@@ -41,7 +41,7 @@ describe('Jwt strategy', () => {
     jest.spyOn(userUseCases, 'getUser').mockResolvedValue(user);
 
     await expect(
-      strategy.validate({ payload: { uuid: 'anyUuid' }, iat: tokenIat }),
+      strategy.validate({ payload: { uuid: 'anyUuid', iat: tokenIat } }),
     ).rejects.toThrow(UnauthorizedException);
   });
 
@@ -55,7 +55,7 @@ describe('Jwt strategy', () => {
     jest.spyOn(userUseCases, 'getUser').mockResolvedValue(user);
 
     await expect(
-      strategy.validate({ payload: { uuid: 'anyUuid' }, iat: tokenIat }),
+      strategy.validate({ payload: { uuid: 'anyUuid', iat: tokenIat } }),
     ).resolves.toBe(user);
   });
 
@@ -67,7 +67,7 @@ describe('Jwt strategy', () => {
     jest.spyOn(userUseCases, 'getUser').mockResolvedValue(user);
 
     await expect(
-      strategy.validate({ payload: { uuid: 'anyUuid' }, iat: tokenIat }),
+      strategy.validate({ payload: { uuid: 'anyUui', iat: tokenIat } }),
     ).resolves.toBe(user);
   });
 
@@ -91,7 +91,7 @@ describe('Jwt strategy', () => {
       .mockResolvedValue(owner);
 
     await expect(
-      strategy.validate({ payload: { uuid: anyUuid }, iat: tokenIat }),
+      strategy.validate({ payload: { uuid: anyUuid, iat: tokenIat } }),
     ).resolves.toBe(owner);
 
     expect(getUserSpy).toHaveBeenCalledWith(anyUuid);

diff --git a/src/modules/auth/jwt.strategy.ts b/src/modules/auth/jwt.strategy.ts
@@ -37,7 +37,7 @@ export class JwtStrategy extends PassportStrategy(Strategy, strategyId) {
       if (!payload.payload || !payload.payload.uuid) {
         throw new UnauthorizedException('Old token version detected');
       }
-      const { uuid } = payload.payload;
+      const { uuid, iat } = payload.payload;
       const user = await this.userUseCases.getUser(uuid);
       if (!user) {
         throw new UnauthorizedException();
@@ -48,10 +48,7 @@ export class JwtStrategy extends PassportStrategy(Strategy, strategyId) {
 
       const tokenOlderThanLastPasswordChangedAt =
         user.lastPasswordChangedAt &&
-        !isTokenIatGreaterThanDate(
-          new Date(user.lastPasswordChangedAt),
-          payload.iat,
-        );
+        !isTokenIatGreaterThanDate(new Date(user.lastPasswordChangedAt), iat);
 
       if (
         !userWithoutLastPasswordChangedAt &&

diff --git a/src/modules/user/user.usecase.ts b/src/modules/user/user.usecase.ts
@@ -533,8 +533,8 @@ export class UserUseCases {
           user: userData.bridgeUser,
           pass: userData.userId,
         },
+        iat: getTokenDefaultIat(),
       },
-      iat: getTokenDefaultIat(),
     };
   }