From 709c87799c4fa854256ee05de9d1bfe5ec3d5fd0 Mon Sep 17 00:00:00 2001
From: Henrique Dias <hacdias@gmail.com>
Date: Wed, 2 Jan 2019 13:36:12 +0000
Subject: [PATCH] reload auth token

License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
---
 frontend     |  2 +-
 http/auth.go | 16 +++++++++++++++-
 http/http.go |  1 +
 3 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/frontend b/frontend
index 14a936a2..eb33671e 160000
--- a/frontend
+++ b/frontend
@@ -1 +1 @@
-Subproject commit 14a936a2932d342b9dbc162de1cde9a38036b3d2
+Subproject commit eb33671e572daddf57a3bbdf47e3f09865e27837
diff --git a/http/auth.go b/http/auth.go
index fd51e1d1..e84e94a2 100644
--- a/http/auth.go
+++ b/http/auth.go
@@ -129,10 +129,24 @@ func (e *Env) auth(next http.HandlerFunc) http.HandlerFunc {
 			return
 		}
 
+		if !tk.VerifyExpiresAt(time.Now().Add(time.Hour).Unix(), true) {
+			// TODO: chek if user info was modified
+			w.Header().Add("X-Renew-Token", "true")
+		}
+
 		nextWithUser(w, r, tk.User.ID)
 	}
 }
 
+func (e *Env) renew(w http.ResponseWriter, r *http.Request) {
+	user, ok := e.getUser(w, r)
+	if !ok {
+		return
+	}
+
+	e.printToken(w, r, user)
+}
+
 func (e *Env) printToken(w http.ResponseWriter, r *http.Request, user *types.User) {
 	claims := &authToken{
 		User: userInfo{
@@ -144,7 +158,7 @@ func (e *Env) printToken(w http.ResponseWriter, r *http.Request, user *types.Use
 			Commands:     user.Commands,
 		},
 		StandardClaims: jwt.StandardClaims{
-			ExpiresAt: time.Now().Add(time.Hour * 24).Unix(),
+			ExpiresAt: time.Now().Add(time.Hour * 2).Unix(),
 			Issuer:    "File Browser",
 		},
 	}
diff --git a/http/http.go b/http/http.go
index 6a5d64b2..dfc775d6 100644
--- a/http/http.go
+++ b/http/http.go
@@ -45,6 +45,7 @@ func Handler(e *Env) http.Handler {
 	api := r.PathPrefix("/api").Subrouter()
 	api.HandleFunc("/login", e.loginHandler)
 	api.HandleFunc("/signup", e.signupHandler)
+	api.HandleFunc("/renew", e.auth(e.renew))
 
 	users := api.PathPrefix("/users").Subrouter()
 	users.HandleFunc("", e.auth(e.usersGetHandler)).Methods("GET")