feat: fix calculation of token invalidation #3077
|
@ -3,7 +3,7 @@ import {useRouter} from 'vue-router'
|
|||
import {useEventListener} from '@vueuse/core'
|
||||
|
||||
import {useAuthStore} from '@/stores/auth'
|
||||
import {MILLISECONDS_A_HOUR, SECONDS_A_HOUR} from '@/constants/date'
|
||||
import {MILLISECONDS_A_SECOND, SECONDS_A_HOUR} from '@/constants/date'
|
||||
|
||||
const SECONDS_TOKEN_VALID = 60 * SECONDS_A_HOUR
|
||||
|
||||
|
@ -24,11 +24,14 @@ export function useRenewTokenOnFocus() {
|
|||
return
|
||||
}
|
||||
|
||||
const expiresIn = (userInfo.value !== null ? userInfo.value.exp : 0) - new Date().valueOf() / MILLISECONDS_A_HOUR
|
||||
const nowInSeconds = new Date().getTime() / MILLISECONDS_A_SECOND
|
||||
konrad marked this conversation as resolved
|
||||
const expiresIn = userInfo.value !== null
|
||||
dpschen marked this conversation as resolved
dpschen
commented
I tried to make this part easier to understand. I tried to make this part easier to understand.
|
||||
? userInfo.value.exp - nowInSeconds
|
||||
: 0
|
||||
|
||||
// If the token expiry is negative, it is already expired and we have no choice but to redirect
|
||||
// the user to the login page
|
||||
if (expiresIn < 0) {
|
||||
if (expiresIn <= 0) {
|
||||
dpschen marked this conversation as resolved
dpschen
commented
I'm unsure about this. Even though very unlikely I understood this as we allow tokens that are only valid another second. Would probably be best to have some buffer here. I'm unsure about this. Even though very unlikely I understood this as we allow tokens that are only valid another second. Would probably be best to have some buffer here.
konrad
commented
I think it does not matter much to have that buffer but it's fine to leave it in. I think it does not matter much to have that buffer but it's fine to leave it in.
|
||||
await authStore.checkAuth()
|
||||
await router.push({name: 'user.login'})
|
||||
return
|
||||
|
|
Reference in New Issue
Block a user
MILLISECONDS_A_HOUR
is wrong. It was originally the value1000
which isMILLISECONDS_A_HOUR
.Why do we need that constant anyway if we're only dealing with milliseconds -> seconds here?
1000
wouldn't explain why we divide through it.The constant has the explanation in its name. but the real reason for me is mostly to be consequent. One should probably not touch the code if one doesn't know the metric 'milli'.
That makes sense.