From bfea36118214c18960f810b4fc6c231f3c6c9fdd Mon Sep 17 00:00:00 2001
From: Josh Gachnang <josh@nang.io>
Date: Mon, 6 Dec 2021 16:39:59 -0600
Subject: [PATCH] JWT Fixes (#14)

* Fix not building example

* Allow setting expires in via environment
---
 src/example.ts               | 8 +++-----
 src/mongooseRestFramework.ts | 9 ++++++---
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/src/example.ts b/src/example.ts
index 306bcfc..901baf8 100644
--- a/src/example.ts
+++ b/src/example.ts
@@ -1,16 +1,14 @@
 import chai from "chai";
-import express, {Express} from "express";
+import express from "express";
 import mongoose, {model, Schema} from "mongoose";
 import passportLocalMongoose from "passport-local-mongoose";
-import supertest from "supertest";
 import {tokenPlugin} from ".";
 import {
-  AdminOwnerTransformer,
+  baseUserPlugin,
+  createdDeletedPlugin,
   gooseRestRouter,
   Permissions,
   setupAuth,
-  baseUserPlugin,
-  createdDeletedPlugin,
 } from "./mongooseRestFramework";
 
 const assert = chai.assert;
diff --git a/src/mongooseRestFramework.ts b/src/mongooseRestFramework.ts
index ae760d3..763dc85 100644
--- a/src/mongooseRestFramework.ts
+++ b/src/mongooseRestFramework.ts
@@ -149,16 +149,19 @@ export function checkPermissions<T>(
   return anyTrue;
 }
 
-export function tokenPlugin(schema: Schema) {
+export function tokenPlugin(schema: Schema, options: {expiresIn?: number} = {}) {
   schema.add({token: {type: String, index: true}});
   schema.pre("save", function(next) {
     // Add created when creating the object
     if (!this.token) {
-      const options: any = {
+      const tokenOptions: any = {
         expiresIn: "10h",
       };
+      if ((process.env as any).TOKEN_EXPIRES_IN) {
+        tokenOptions.issuer = (process.env as any).TOKEN_EXPIRES_IN;
+      }
       if ((process.env as any).TOKEN_ISSUER) {
-        options.issuer = (process.env as any).TOKEN_ISSUER;
+        tokenOptions.issuer = (process.env as any).TOKEN_ISSUER;
       }
       this.token = jwt.sign({id: this._id.toString()}, (process.env as any).TOKEN_SECRET, options);
     }