Set different expiry for access and refresh tokens

.env_example

@@ -2,7 +2,8 @@ DATABASE_URI=file:data.db
 LOG_FILE_PATH=
 SENTRY_DSN=
 JWT_SECRET=SECRET_CHANGE_ME
-JWT_EXPIRY=604800
+JWT_ACCESS_EXPIRY=604800
+JWT_REFRESH_EXPIRY=172800
 LND_ADDRESS=
 LND_MACAROON_HEX=
 LND_CERT_HEX=

README.md

@@ -30,7 +30,8 @@ vim .env # edit your config
 
 + `DATABASE_URI`: The URI for the database. If you want to use SQLite use for example: `file:data.db`
 + `JWT_SECRET`: We use [JWT](https://jwt.io/) for access tokens. Configure your secret here
-+ `JWT_EXPIRY`: How long the access tokens should be valid (in seconds)
++ `JWT_ACCESS_EXPIRY`: How long the access tokens should be valid (in seconds, default 2 days)
++ `JWT_REFRESH_EXPIRY`: How long the refresh tokens should be valid (in seconds, default 7 days)
 + `LND_ADDRESS`: LND gRPC address (with port) (e.g. localhost:10009)
 + `LND_MACAROON_HEX`: LND macaroon (hex)
 + `LND_CERT_HEX`: LND certificate (hex)

integration_tests/util.go

@@ -37,11 +37,12 @@ func LndHubTestServiceInit(lndClientMock lnd.LightningClientWrapper) (svc *servi
 	//make sure the datbase is empty every time you run the test suite
 	dbUri := "postgresql://user:password@localhost/lndhub?sslmode=disable"
 	c := &service.Config{
-		DatabaseUri:    dbUri,
-		JWTSecret:      []byte("SECRET"),
-		JWTExpiry:      3600,
-		LNDAddress:     lnd1RegtestAddress,
-		LNDMacaroonHex: lnd1RegtestMacaroonHex,
+		DatabaseUri:           dbUri,
+		JWTSecret:             []byte("SECRET"),
+		JWTAccessTokenExpiry:  3600,
+		JWTRefreshTokenExpiry: 3600,
+		LNDAddress:            lnd1RegtestAddress,
+		LNDMacaroonHex:        lnd1RegtestMacaroonHex,
 	}
 	dbConn, err := db.Open(c.DatabaseUri)
 	if err != nil {

lib/service/config.go

@@ -1,14 +1,15 @@
 package service
 
 type Config struct {
-	DatabaseUri    string `envconfig:"DATABASE_URI" required:"true"`
-	SentryDSN      string `envconfig:"SENTRY_DSN"`
-	LogFilePath    string `envconfig:"LOG_FILE_PATH"`
-	JWTSecret      []byte `envconfig:"JWT_SECRET" required:"true"`
-	JWTExpiry      int    `envconfig:"JWT_EXPIRY" default:"604800"` // in seconds
-	LNDAddress     string `envconfig:"LND_ADDRESS" required:"true"`
-	LNDMacaroonHex string `envconfig:"LND_MACAROON_HEX" required:"true"`
-	LNDCertHex     string `envconfig:"LND_CERT_HEX"`
-	CustomName     string `envconfig:"CUSTOM_NAME"`
-	Port           int    `envconfig:"PORT" default:"3000"`
+	DatabaseUri           string `envconfig:"DATABASE_URI" required:"true"`
+	SentryDSN             string `envconfig:"SENTRY_DSN"`
+	LogFilePath           string `envconfig:"LOG_FILE_PATH"`
+	JWTSecret             []byte `envconfig:"JWT_SECRET" required:"true"`
+	JWTRefreshTokenExpiry int    `envconfig:"JWT_REFRESH_EXPIRY" default:"604800"` // in seconds, 7 days
+	JWTAccessTokenExpiry  int    `envconfig:"JWT_ACCESS_EXPIRY" default:"172800"`  // in seconds, 2 days
+	LNDAddress            string `envconfig:"LND_ADDRESS" required:"true"`
+	LNDMacaroonHex        string `envconfig:"LND_MACAROON_HEX" required:"true"`
+	LNDCertHex            string `envconfig:"LND_CERT_HEX"`
+	CustomName            string `envconfig:"CUSTOM_NAME"`
+	Port                  int    `envconfig:"PORT" default:"3000"`
 }

lib/service/service.go

@@ -52,12 +52,12 @@ func (svc *LndhubService) GenerateToken(ctx context.Context, login, password, in
 		}
 	}
 
-	accessToken, err = tokens.GenerateAccessToken(svc.Config.JWTSecret, svc.Config.JWTExpiry, &user)
+	accessToken, err = tokens.GenerateAccessToken(svc.Config.JWTSecret, svc.Config.JWTAccessTokenExpiry, &user)
 	if err != nil {
 		return "", "", err
 	}
 
-	refreshToken, err = tokens.GenerateRefreshToken(svc.Config.JWTSecret, svc.Config.JWTExpiry, &user)
+	refreshToken, err = tokens.GenerateRefreshToken(svc.Config.JWTSecret, svc.Config.JWTRefreshTokenExpiry, &user)
 	if err != nil {
 		return "", "", err
 	}