feat: auth advanced settings UI + reload auth on save

6 years ago · 3caa842d18
4 changed files with 53 additions and 17 deletions
--- a/client/components/admin/admin-auth.vue
+++ b/client/components/admin/admin-auth.vue
@ -20,19 +20,51 @@
            v-tab(v-for='strategy in activeStrategies', :key='strategy.key') {{ strategy.title }}

            v-tab-item(key='settings', :transition='false', :reverse-transition='false')
-              v-card.pa-3(flat, tile)
-                .body-2.grey--text.text--darken-1 Select which authentication strategies to enable:
-                .caption.grey--text.pb-2 Some strategies require additional configuration in their dedicated tab (when selected).
-                v-form
-                  v-checkbox.my-0(
-                    v-for='strategy in strategies'
-                    v-model='strategy.isEnabled'
-                    :key='strategy.key'
-                    :label='strategy.title'
-                    color='primary'
-                    :disabled='strategy.key === `local`'
-                    hide-details
-                  )
+                v-container.pa-3(fluid, grid-list-md)
+                  v-layout(row, wrap)
+                    v-flex(xs12, md6)
+                      .body-2.grey--text.text--darken-1 Select which authentication strategies to enable:
+                      .caption.grey--text.pb-2 Some strategies require additional configuration in their dedicated tab (when selected).
+                      v-form
+                        v-checkbox.my-0(
+                          v-for='strategy in strategies'
+                          v-model='strategy.isEnabled'
+                          :key='strategy.key'
+                          :label='strategy.title'
+                          color='primary'
+                          :disabled='strategy.key === `local`'
+                          hide-details
+                        )
+                    v-flex(xs12, md6)
+                      .pa-3.grey.radius-7(:class='$vuetify.dark ? "darken-4" : "lighten-5"')
+                        .body-2.grey--text.text--darken-1 Advanced Settings
+                        v-text-field.mt-3.md2(
+                          v-model='jwtAudience'
+                          outline
+                          background-color='grey lighten-2'
+                          prepend-icon='account_balance'
+                          label='JWT Audience'
+                          hint='Audience URN used in JWT issued upon login. Usually your domain name. (e.g. urn:your.domain.com)'
+                          persistent-hint
+                        )
+                        v-text-field.mt-3.md2(
+                          v-model='jwtExpiration'
+                          outline
+                          background-color='grey lighten-2'
+                          prepend-icon='schedule'
+                          label='Token Expiration'
+                          hint='The expiration period of a token until it must be renewed. (default: 30m)'
+                          persistent-hint
+                        )
+                        v-text-field.mt-3.md2(
+                          v-model='jwtRenewablePeriod'
+                          outline
+                          background-color='grey lighten-2'
+                          prepend-icon='update'
+                          label='Token Renewal Period'
+                          hint='The maximum period a token can be renewed when expired. (default: 14d)'
+                          persistent-hint
+                        )

            v-tab-item(v-for='(strategy, n) in activeStrategies', :key='strategy.key', :transition='false', :reverse-transition='false')
              v-card.pa-3(flat, tile)
@ -135,7 +167,10 @@ export default {
  data() {
    return {
      groups: [],
-      strategies: []
+      strategies: [],
+      jwtAudience: 'urn:wiki.js',
+      jwtExpiration: '30m',
+      jwtRenewablePeriod: '14d'
    }
  },
  computed: {
--- a/server/core/auth.js
+++ b/server/core/auth.js
@ -73,7 +73,7 @@ module.exports = {
          }
        })
        WIKI.auth.strategies[stg.key] = strategy
-        WIKI.logger.info(`Authentication Strategy ${stg.title}: [ OK ]`)
+        WIKI.logger.info(`Authentication Strategy ${stg.key}: [ OK ]`)
      }
    } catch (err) {
      WIKI.logger.error(`Authentication Strategy: [ FAILED ]`)
--- a/server/graph/resolvers/authentication.js
+++ b/server/graph/resolvers/authentication.js
@ -72,6 +72,7 @@ module.exports = {
            autoEnrollGroups: { v: str.autoEnrollGroups }
          }).where('key', str.key)
        }
+        await WIKI.auth.activateStrategies()
        return {
          responseResult: graphHelper.generateSuccess('Strategies updated successfully')
        }
--- a/server/middlewares/auth.js
+++ b/server/middlewares/auth.js
@ -14,7 +14,7 @@ module.exports = {
      if (err) { return next() }

      // Expired but still valid within 7 days, just renew
-      if (info instanceof jwt.TokenExpiredError && moment().subtract(7, 'days').isBefore(info.expiredAt)) {
+      if (info instanceof jwt.TokenExpiredError && moment().subtract(14, 'days').isBefore(info.expiredAt)) {
        const jwtPayload = jwt.decode(securityHelper.extractJWT(req))
        try {
          const newToken = await WIKI.models.users.refreshToken(jwtPayload.id)
@ -24,7 +24,7 @@ module.exports = {
          if (req.get('content-type') === 'application/json') {
            res.headers('new-jwt', newToken.token)
          } else {
-            res.cookie('jwt', newToken.token, { expires: moment().add(7, 'days').toDate() })
+            res.cookie('jwt', newToken.token, { expires: moment().add(365, 'days').toDate() })
          }
        } catch (err) {
          return next()