From 4a1aa84fa83f9dcc5b45c1fe67577943b99b722a Mon Sep 17 00:00:00 2001
From: ssongliu <73214554+ssongliu@users.noreply.github.com>
Date: Wed, 29 Mar 2023 15:34:13 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E6=94=B9=20jwt=20=E8=B6=85?= =?UTF-8?q?=E6=97=B6=E6=97=B6=E9=97=B4=E4=B8=BA=201=20=E5=B0=8F=E6=97=B6?= =?UTF-8?q?=20(#437)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 backend/app/service/auth.go | 2 +-
 backend/constant/session.go | 2 +-
 backend/middleware/jwt.go | 15 ---------------
 backend/utils/jwt/jwt.go | 4 ++--
 4 files changed, 4 insertions(+), 19 deletions(-)
diff --git a/backend/app/service/auth.go b/backend/app/service/auth.go
index a16f4b342..5bf9aca6a 100644
--- a/backend/app/service/auth.go
+++ b/backend/app/service/auth.go
@@ -118,7 +118,7 @@ func (u *AuthService) generateSession(c *gin.Context, name, authMethod string) (
 j := jwt.NewJWT()
 claims := j.CreateClaims(jwt.BaseClaims{
 Name: name,
- }, lifeTime)
+ })
 token, err := j.CreateToken(claims)
 if err != nil {
 return nil, err
diff --git a/backend/constant/session.go b/backend/constant/session.go
index 1a55cbf83..446ddfe6a 100644
--- a/backend/constant/session.go
+++ b/backend/constant/session.go
@@ -6,7 +6,7 @@ const (
 AuthMethodJWT = "jwt"
 JWTHeaderName = "Authorization"
- JWTBufferTime = 86400
+ JWTBufferTime = 3600
 JWTIssuer = "1Panel"
 PasswordExpiredName = "expired"
diff --git a/backend/middleware/jwt.go b/backend/middleware/jwt.go
index e9498ec2e..8adb851d9 100644
--- a/backend/middleware/jwt.go
+++ b/backend/middleware/jwt.go
@@ -1,15 +1,9 @@ package middleware import ( - "strconv" - "time" - "github.com/1Panel-dev/1Panel/backend/app/api/v1/helper" - "github.com/1Panel-dev/1Panel/backend/app/repo" "github.com/1Panel-dev/1Panel/backend/constant" - "github.com/1Panel-dev/1Panel/backend/global" jwtUtils "github.com/1Panel-dev/1Panel/backend/utils/jwt" - "github.com/golang-jwt/jwt/v4" "github.com/gin-gonic/gin" )
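Review bot: The `CreateClaims` call in `generateSession` no longer receives `lifeTime`, so the JWT expiry stops following whatever that variable holds. Judging by the refresh code this commit deletes from `JwtAuth`, that is probably the `SessionTimeout` setting, in which case an operator who configured a timeout shorter than one hour now gets bearer tokens that outlive it. If the fixed lifetime is intended, state it at the call site, e.g. `// JWT lifetime is fixed by constant.JWTBufferTime; lifeTime is not applied to tokens`, or cap the token at the smaller of the two values. The body of `generateSession` starts and ends outside this hunk, so whether `lifeTime` is still used elsewhere in it cannot be checked here.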
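Review bot: `JWTBufferTime` carries no unit, and after this commit it is also the value `CreateClaims` adds to `time.Now()` for `ExpiresAt`, so the name no longer describes what the constant controls. A trailing comment such as `// seconds; also used as the JWT lifetime in CreateClaims` would make both facts explicit, or a separate lifetime constant would keep the two meanings apart. The const block continues outside the hunk.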
@@ -27,15 +21,6 @@ func JwtAuth() gin.HandlerFunc {
 helper.ErrorWithDetail(c, constant.CodeErrUnauthorized, constant.ErrTypeInternalServer, err)
 return
 }
- if claims.ExpiresAt.Unix()-time.Now().Unix() < claims.BufferTime {
- settingRepo := repo.NewISettingRepo()
- setting, err := settingRepo.Get(settingRepo.WithByKey("SessionTimeout"))
- if err != nil {
- global.LOG.Errorf("create operation record failed, err: %v", err)
- }
- lifeTime, _ := strconv.Atoi(setting.Value)
- claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(time.Second * time.Duration(lifeTime)))
- }
 c.Set("claims", claims)
 c.Set("authMethod", constant.AuthMethodJWT)
 c.Next()
diff --git a/backend/utils/jwt/jwt.go b/backend/utils/jwt/jwt.go
index 5ebe26f0b..f8c1c1529 100644
--- a/backend/utils/jwt/jwt.go
+++ b/backend/utils/jwt/jwt.go
@@ -38,12 +38,12 @@ func NewJWT() *JWT {
 }
 }
-func (j *JWT) CreateClaims(baseClaims BaseClaims, ttl int) CustomClaims {
+func (j *JWT) CreateClaims(baseClaims BaseClaims) CustomClaims {
 claims := CustomClaims{
 BaseClaims: baseClaims,
 BufferTime: constant.JWTBufferTime,
 RegisteredClaims: jwt.RegisteredClaims{
- ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Second * time.Duration(ttl))),
+ ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Second * time.Duration(constant.JWTBufferTime))),
 Issuer: constant.JWTIssuer,
 },
 }
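Review bot: The `RegisteredClaims` literal in `CreateClaims` sets only `ExpiresAt` and `Issuer`, so the token records no issue time and a verifier has nothing to compare against if it ever needs to reject tokens minted before a password change or logout. Reading the clock once and adding `IssuedAt: jwt.NewNumericDate(now),` beside `ExpiresAt` would provide that. `BufferTime` now always equals the full lifetime, and this commit removes the check in `JwtAuth` that read it, so the field looks redundant unless another consumer exists outside this diff. The exported method also lacks a doc comment; `// CreateClaims builds claims that expire constant.JWTBufferTime seconds from now.` would cover it. The function's return lies outside the hunk.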