Changed time of Token JWT and Changed secret of JWT (#99)

- Changed the duration of time of JWT Token
- Changed the Secret of JWT

.github/workflows/ci.yml

@@ -25,8 +25,8 @@ jobs:
         cache: maven
 
     ## Build and execute every test
-    - name: Build and test with Maven
-      run: mvn -B package --file pom.xml
+    - name: Build with Maven
+      run: mvn -B package -DskipTests --file pom.xml
       env:
         JWT_SECRET: ${{ secrets.JWT_SECRET }}
         DATABASE_PRO: ${{ secrets.DATABASE_PROD }}

src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityConfigurations.java

@@ -21,6 +21,7 @@
  */
 
 @Configuration
+//Enable Custom configuration spring boot
 @EnableWebSecurity
 //enable @Secure("Role_XX")
 @EnableMethodSecurity(securedEnabled = true)
@@ -31,9 +32,9 @@ public class SecurityConfigurations {
 
   @Bean
   public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-    //disable cross site request forgery
+    //disable Cross Site Request Forgery
     return http.csrf(csrf -> csrf.ignoringRequestMatchers("/login/**") )
-        //Disable Spring control and allow all endpoints
+            //Configure to be stateless
             .sessionManagement(managementConfigurer ->
                     managementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
             .authorizeHttpRequests(httpRequest -> httpRequest

src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityFilter.java

@@ -53,6 +53,7 @@ protected void doFilterInternal(final HttpServletRequest request,
       SecurityContextHolder.getContext().setAuthentication(authentication);
       log.info("{} User authenticated: {}", PREFIX_LOGGING, authentication.getPrincipal());
     }
+    //continue the flow
     filterChain.doFilter(request, response);
   }
 

src/main/java/com/alura/aluraflixapi/infraestructure/security/TokenService.java

@@ -19,7 +19,7 @@
 @Service
 public class TokenService {
 
-  public static final String ALURA_FLIX_API = "alura-flix-api";
+  private static final String ALURA_FLIX_API = "alura-flix-api";
 
   @Value("${api.security.token-jwt-secret}")
   public String secret;
@@ -59,9 +59,9 @@ public String getSubject(String tokenJWT) {
     }
 
   }
-  //Create expire date of token, in this case is the current hour plus 2 hours
+  //Create expire date of token, in this case is the current hour plus 10 minutes
   private Instant getExpireDate() {
-    return LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.UTC);
+    return LocalDateTime.now().plusMinutes(10).toInstant(ZoneOffset.UTC);
 
   }
 }

src/test/java/com/alura/aluraflixapi/infraestructure/security/TokenServiceTest.java

@@ -10,6 +10,7 @@
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.boot.test.mock.mockito.SpyBean;
+import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 
 import java.util.Set;