chore: custom iat in JWT

ful1e5 · Nov 21, 2023 · 4f56890 · 4f56890
1 parent b90ddf7
commit 4f56890
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/src/utils/auth/token.ts b/src/utils/auth/token.ts
@@ -8,13 +8,13 @@ import { JWTToken } from 'bibata/misc';
 const SECRET_KEY = process.env.NEXT_PUBLIC_JWT_SECRET;
 export const genAccessToken = (user?: User) => {
   const token_id = v4();
+  const iat = Math.floor(Date.now() / 1000);
 
-  let payload = { token_id, role: 'ANONYMOUS' };
-  if (user) payload = { ...user, token_id };
+  let payload = { iat, token_id, role: 'ANONYMOUS' };
+  if (user) payload = { iat, token_id, ...user };
 
   const token = jwt.sign(payload, process.env.NEXT_PUBLIC_JWT_SECRET, {
-    algorithm: 'HS256',
-    expiresIn: 360
+    algorithm: 'HS256'
   });
 
   return {