Changed time of Token JWT and Changed secret of JWT

- Changed the duration of time of JWT Token - Changed the Secret of JWT
LauroSilveira · Feb 8, 2024 · ad4d141 · ad4d141
1 parent 492061c
commit ad4d141
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 4 deletions.
diff --git a/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityConfigurations.java b/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityConfigurations.java
@@ -21,6 +21,7 @@
  */
 
 @Configuration
+//Enable Custom configuration spring boot
 @EnableWebSecurity
 //enable @Secure("Role_XX")
 @EnableMethodSecurity(securedEnabled = true)
@@ -31,9 +32,9 @@ public class SecurityConfigurations {
 
   @Bean
   public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-    //disable cross site request forgery
+    //disable Cross Site Request Forgery
     return http.csrf(csrf -> csrf.ignoringRequestMatchers("/login/**") )
-        //Disable Spring control and allow all endpoints
+            //Configure to be stateless
             .sessionManagement(managementConfigurer ->
                     managementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
             .authorizeHttpRequests(httpRequest -> httpRequest

diff --git a/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityFilter.java b/src/main/java/com/alura/aluraflixapi/infraestructure/security/SecurityFilter.java
@@ -53,6 +53,7 @@ protected void doFilterInternal(final HttpServletRequest request,
       SecurityContextHolder.getContext().setAuthentication(authentication);
       log.info("{} User authenticated: {}", PREFIX_LOGGING, authentication.getPrincipal());
     }
+    //continue the flow
     filterChain.doFilter(request, response);
   }
 

diff --git a/src/main/java/com/alura/aluraflixapi/infraestructure/security/TokenService.java b/src/main/java/com/alura/aluraflixapi/infraestructure/security/TokenService.java
@@ -59,9 +59,9 @@ public String getSubject(String tokenJWT) {
     }
 
   }
-  //Create expire date of token, in this case is the current hour plus 2 hours
+  //Create expire date of token, in this case is the current hour plus 10 minutes
   private Instant getExpireDate() {
-    return LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.UTC);
+    return LocalDateTime.now().plusMinutes(10).toInstant(ZoneOffset.UTC);
 
   }
 }
diff --git a/src/test/java/com/alura/aluraflixapi/infraestructure/security/TokenServiceTest.java b/src/test/java/com/alura/aluraflixapi/infraestructure/security/TokenServiceTest.java
@@ -10,6 +10,7 @@
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.boot.test.mock.mockito.SpyBean;
+import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 
 import java.util.Set;
@@ -18,6 +19,7 @@
 import static org.assertj.core.api.Assertions.assertThat;
 
 @ExtendWith(SpringExtension.class)
+@ActiveProfiles("test")
 class TokenServiceTest {
 
     @SpyBean

diff --git a/src/test/resources/application-test.yml b/src/test/resources/application-test.yml
@@ -2,6 +2,8 @@ server:
   port: 8080
 
 spring:
+  profiles:
+    active: "test"
   application:
     name: alura-flix-api
   data: