fix: cookies sent to us don't include the expiry time, so we need to parse from thr jwt echo it.

2024-03-20 14:56:18 -04:00 · 2024-03-20 14:56:18 -04:00 · 4a3028f61a
parent da19a2e287
commit 4a3028f61a
1 changed files with 13 additions and 1 deletions
--- a/account/jwt.go
+++ b/account/jwt.go
@ -143,10 +143,22 @@ func EchoAuthCookie(jc jape.Context, apiName string) {
 			continue
 		}

+		unverified, _, err := jwt.NewParser().ParseUnverified(cookies[0].Value, &jwt.RegisteredClaims{})
+		if err != nil {
+			http.Error(jc.ResponseWriter, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		exp, err := unverified.Claims.GetExpirationTime()
+		if err != nil {
+			http.Error(jc.ResponseWriter, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
 		http.SetCookie(jc.ResponseWriter, &http.Cookie{
 			Name:     cookies[0].Name,
 			Value:    cookies[0].Value,
-			Expires:  cookies[0].Expires,
+			Expires:  exp.Time,
 			Secure:   true,
 			HttpOnly: true,
 			Path:     "/",