softwaremagico · softwaremagico · Jun 2, 2024 · Jun 2, 2024
diff --git a/backend/kendo-tournament-rest/src/main/java/com/softwaremagico/kt/rest/security/AuthApi.java b/backend/kendo-tournament-rest/src/main/java/com/softwaremagico/kt/rest/security/AuthApi.java
@@ -204,7 +204,7 @@ public ResponseEntity<IAuthenticatedUser> loginAsGuest(@RequestBody AuthGuestReq
                         .orElseThrow(() -> new GuestDisabledException(this.getClass(),
                                 String.format("User '%s' not found!", AuthenticatedUserProvider.GUEST_USER)));
                 final long jwtExpiration = jwtTokenUtil.getJwtGuestExpirationTime();
-                final String jwtToken = jwtTokenUtil.generateAccessToken(user, ip);
+                final String jwtToken = jwtTokenUtil.generateAccessToken(user, ip, jwtExpiration);
 
                 //Guest user can only access to non-locked tournaments.
                 final Tournament tournament = tournamentProvider.get(request.getTournamentId()).orElseThrow(() ->
@@ -239,7 +239,8 @@ public ResponseEntity<IAuthenticatedUser> getToken(@RequestBody TemporalToken te
         final ZonedDateTime zdt = token.getExpiration().atZone(ZoneId.systemDefault());
         final long milliseconds = zdt.toInstant().toEpochMilli();
 
-        final String jwtToken = jwtTokenUtil.generateAccessToken(token.getParticipant(), ip);
+        final long jwtExpiration = jwtTokenUtil.getJwtParticipantExpirationTime();
+        final String jwtToken = jwtTokenUtil.generateAccessToken(token.getParticipant(), ip, jwtExpiration);
 
         return ResponseEntity.ok()
                 .header(HttpHeaders.AUTHORIZATION, jwtToken)

diff --git a/...kendo-tournament-rest/src/main/java/com/softwaremagico/kt/rest/security/JwtTokenUtil.java b/...kendo-tournament-rest/src/main/java/com/softwaremagico/kt/rest/security/JwtTokenUtil.java
@@ -59,10 +59,12 @@ public class JwtTokenUtil {
     private final String jwtSecret;
     private final long jwtExpiration;
     private final long jwtGuestExpiration;
+    private final long jwtParticipantExpiration;
 
     @Autowired
     public JwtTokenUtil(@Value("${jwt.secret:#{null}}") String jwtSecret, @Value("${jwt.expiration}") String jwtExpiration,
                         @Value("${jwt.guest.expiration:null}") String jwtGuestExpiration,
+                        @Value("${jwt.participant.expiration:null}") String jwtParticipantExpiration,
                         NetworkController networkController) {
         this.networkController = networkController;
 
@@ -96,6 +98,19 @@ public JwtTokenUtil(@Value("${jwt.secret:#{null}}") String jwtSecret, @Value("${
             }
         }
         this.jwtGuestExpiration = calculatedGuestJwtExpiration;
+
+        //If not set, participant expiration is the same that the standard one.
+        long calculatedParticipantJwtExpiration;
+        if (jwtParticipantExpiration == null) {
+            calculatedParticipantJwtExpiration = this.jwtExpiration;
+        } else {
+            try {
+                calculatedParticipantJwtExpiration = Long.parseLong(jwtParticipantExpiration);
+            } catch (NumberFormatException e) {
+                calculatedParticipantJwtExpiration = this.jwtExpiration;
+            }
+        }
+        this.jwtParticipantExpiration = calculatedParticipantJwtExpiration;
     }
 
     private String generateRandomSecret() {
@@ -107,11 +122,15 @@ private String generateRandomSecret() {
 
 
     public String generateAccessToken(IAuthenticatedUser user, String userIp) {
+        return generateAccessToken(user, userIp, jwtExpiration);
+    }
+
+    public String generateAccessToken(IAuthenticatedUser user, String userIp, Long expirationTime) {
         return Jwts.builder()
                 .setSubject(String.format("%s,%s,%s,%s", user.getId(), user.getUsername(), userIp, networkController.getHostMac()))
                 .setIssuer(JWT_ISSUER)
                 .setIssuedAt(new Date())
-                .setExpiration(new Date(System.currentTimeMillis() + jwtExpiration)) // 1 week
+                .setExpiration(new Date(System.currentTimeMillis() + expirationTime)) // 1 week
                 .signWith(SignatureAlgorithm.HS512, jwtSecret)
                 .compact();
     }
@@ -129,6 +148,10 @@ public long getJwtGuestExpirationTime() {
         return (System.currentTimeMillis() + jwtGuestExpiration);
     }
 
+    public long getJwtParticipantExpirationTime() {
+        return (System.currentTimeMillis() + jwtParticipantExpiration);
+    }
+
     public String getUserId(String token) {
         final Claims claims = Jwts.parser()
                 .setSigningKey(jwtSecret)

diff --git a/backend/kendo-tournament-rest/src/main/resources/application.properties b/backend/kendo-tournament-rest/src/main/resources/application.properties
@@ -52,7 +52,8 @@ spring.main.allow-circular-references=true
 #Security
 database.encryption.key=12345
 jwt.expiration=1200000
-jwt.guest.expiration=3600000
+jwt.guest.expiration=14400000
+jwt.participant.expiration=317098000000
 jwt.secret=
 jwt.ip.check=true
 enable.guest.user=true