Skip to content

Commit

Permalink
Merge pull request #399 from DLzer/master
Browse files Browse the repository at this point in the history 
Added typing to avoid overflow warnings
  • Loading branch information
@rishabhpoddar
rishabhpoddar authored Mar 14, 2024
2 parents 0883a0f + 2a13a47 commit c66ee33
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 4 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [unreleased]

## [0.17.5] - 2024-03-14
- Adds a type uint64 to the `accessTokenCookiesExpiryDurationMillis` local variable in `recipe/session/utils.go`. It also removes the redundant `uint64` type forcing needed because of the untyped variable.

## [0.17.4] - 2024-02-08

- Adds `TLSConfig` to SMTP settings.
Expand Down
6 changes: 3 additions & 3 deletions recipe/session/utils.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -239,7 +239,7 @@ func ValidateAndNormaliseUserInput(appInfo supertokens.NormalisedAppinfo, config
return typeNormalisedInput, nil
}

var accessTokenCookiesExpiryDurationMillis = 3153600000000
var accessTokenCookiesExpiryDurationMillis uint64 = 3153600000000

func normaliseSameSiteOrThrowError(sameSite string) (string, error) {
sameSite = strings.TrimSpace(sameSite)
Expand Down Expand Up @@ -301,14 +301,14 @@ func SetAccessTokenInResponse(config sessmodels.TypeNormalisedInput, res http.Re
// This should be safe to do, since this is only the validity of the cookie (set here or on the frontend) but we check the expiration of the JWT anyway.
// Even if the token is expired the presence of the token indicates that the user could have a valid refresh
// Setting them to infinity would require special case handling on the frontend and just adding 100 years seems enough.
setToken(config, res, sessmodels.AccessToken, accessToken, GetCurrTimeInMS()+uint64(accessTokenCookiesExpiryDurationMillis), tokenTransferMethod, request, userContext)
setToken(config, res, sessmodels.AccessToken, accessToken, GetCurrTimeInMS()+accessTokenCookiesExpiryDurationMillis, tokenTransferMethod, request, userContext)

if config.ExposeAccessTokenToFrontendInCookieBasedAuth && tokenTransferMethod == sessmodels.CookieTransferMethod {
// We set the expiration to 100 years, because we can't really access the expiration of the refresh token everywhere we are setting it.
// This should be safe to do, since this is only the validity of the cookie (set here or on the frontend) but we check the expiration of the JWT anyway.
// Even if the token is expired the presence of the token indicates that the user could have a valid refresh
// Setting them to infinity would require special case handling on the frontend and just adding 100 years seems enough.
setToken(config, res, sessmodels.AccessToken, accessToken, GetCurrTimeInMS()+uint64(accessTokenCookiesExpiryDurationMillis), sessmodels.HeaderTransferMethod, request, userContext)
setToken(config, res, sessmodels.AccessToken, accessToken, GetCurrTimeInMS()+accessTokenCookiesExpiryDurationMillis, sessmodels.HeaderTransferMethod, request, userContext)
}
return nil
}
Expand Down
2 changes: 1 addition & 1 deletion supertokens/constants.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ const (
)

// VERSION current version of the lib
const VERSION = "0.17.4"
const VERSION = "0.17.5"

var (
cdiSupported = []string{"3.0"}
Expand Down

0 comments on commit c66ee33

Please sign in to comment.