From 75aa2abef76c5dfa73e9698bedcbf4a78743a555 Mon Sep 17 00:00:00 2001
From: ArielLeyva
Date: Mon, 15 Sep 2025 23:03:06 -0400
Subject: [PATCH] Retrieve token expiration time from jwt-decode instead of sending it from the backend
---
 frontend/src/types/user.d.ts | 7 +------
 frontend/src/utils/auth.ts | 19 ++++++++-----------
 http/auth.go | 9 ++-------
 3 files changed, 11 insertions(+), 24 deletions(-)
diff --git a/frontend/src/types/user.d.ts b/frontend/src/types/user.d.ts
index c8c1e38e..ddd6cb26 100644
--- a/frontend/src/types/user.d.ts
+++ b/frontend/src/types/user.d.ts
@@ -63,9 +63,4 @@ interface IRegexp {
 raw: string;
 }
-type UserTheme = "light" | "dark" | "";
-
-interface SessionToken {
- token: string;
- expiresAt: string;
-}
\ No newline at end of file
+type UserTheme = "light" | "dark" | "";
\ No newline at end of file
diff --git a/frontend/src/utils/auth.ts b/frontend/src/utils/auth.ts
index 0ac285db..114b5edb 100644
--- a/frontend/src/utils/auth.ts
+++ b/frontend/src/utils/auth.ts
@@ -5,24 +5,23 @@ import { jwtDecode } from "jwt-decode";
 import { baseURL, noAuth } from "./constants";
 import { StatusError } from "@/api/utils";
-export function parseToken(body: SessionToken) {
+export function parseToken(token: string) {
 // falsy or malformed jwt will throw InvalidTokenError
- const data = jwtDecode(body.token);
+ const data = jwtDecode(token);
- document.cookie = `auth=${body.token}; Path=/; SameSite=Strict;`;
+ document.cookie = `auth=${token}; Path=/; SameSite=Strict;`;
- localStorage.setItem("jwt", body.token);
+ localStorage.setItem("jwt", token);
 const authStore = useAuthStore();
- authStore.jwt = body.token;
+ authStore.jwt = token;
 authStore.setUser(data.user);
- const expiresAt = new Date(body.expiresAt);
-
 if (authStore.logoutTimer) {
 clearTimeout(authStore.logoutTimer);
 }
+ const expiresAt = new Date(data.exp! * 1000);
 authStore.setLogoutTimer(
 window.setTimeout(() => {
 logout();
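Review bot: The non-null assertion in `new Date(data.exp! * 1000)` in the auth.ts `parseToken` hunk hides the case of a token without a numeric `exp` claim: the product is then `NaN` and the logout timer that follows is built from an invalid date. Since `exp` is optional on the decoded payload, check it right after `jwtDecode(token)` and before the cookie and localStorage writes, e.g. `if (typeof data.exp !== "number") throw new Error("token has no exp claim");`, and drop the `!`. It is also worth a comment that `jwtDecode` only decodes and does not verify the signature, so this client-side expiry is a UI convenience and the server remains the authority on token validity. The timer callback continues past the end of the hunk, so how the delay is derived from `expiresAt` is not visible here.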
@@ -56,12 +55,11 @@ export async function login(
 body: JSON.stringify(data),
 });
+ const body = await res.text();
 if (res.status === 200) {
- const body = await res.json();
 parseToken(body);
 } else {
- const body = await res.text();
 throw new StatusError(
 body || `${res.status} ${res.statusText}`,
 res.status
@@ -77,12 +75,11 @@ export async function renew(jwt: string) {
 },
 });
+ const body = await res.text();
 if (res.status === 200) {
- const body = await res.json();
 parseToken(body);
 } else {
- const body = await res.text();
 throw new StatusError(
 body || `${res.status} ${res.statusText}`,
 res.status
diff --git a/http/auth.go b/http/auth.go
index aaed0d02..0ecaed14 100644
--- a/http/auth.go
+++ b/http/auth.go
@@ -214,13 +214,8 @@ func printToken(w http.ResponseWriter, _ *http.Request, d *data, user *users.Use
 return http.StatusInternalServerError, err
 }
- response := map[string]interface{}{
- "token": signed,
- "expiresAt": claims.ExpiresAt.Time.Format(time.RFC3339), // fecha en string ISO 8601
- }
-
- w.Header().Set("Content-Type", "application/json")
- if err := json.NewEncoder(w).Encode(response); err != nil {
+ w.Header().Set("Content-Type", "text/plain")
+ if _, err := w.Write([]byte(signed)); err != nil {
 return http.StatusInternalServerError, err
 }
 return 0, nil
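Review bot: In `login`, and identically in the `renew` hunk, a 200 response is now handed to `parseToken(body)` as raw text, so an empty or non-JWT 200 body surfaces as the decoder's `InvalidTokenError` rather than a `StatusError`, and nothing at the call site says what the body is expected to contain. A comment above the read would make the contract explicit: `// 200: body is the bare signed JWT (text/plain); otherwise it is the error message`. Both function bodies start and end outside their hunks, so whether callers distinguish the two error types cannot be seen here.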
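Review bot: `printToken` now writes the signed token as the entire response body but sets only `Content-Type`, so nothing in this hunk keeps the token-bearing response out of browser or intermediary caches. Unless a middleware outside the hunk already does so, add `w.Header().Set("Cache-Control", "no-store")` next to the content-type line. `text/plain; charset=utf-8` would also be a more precise content type. The function begins above the hunk, so headers set earlier are not visible.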