JWT token not expiring in provided expiryTime (1 day)
Opened this issue ยท 3 comments
Describe the bug ๐
In auth.service.js, the JWT token is issued and it's expiry is set to be 1 day, but even after a day, the person with the old token is still able to modify profile data.
To Reproduce ๐
Steps to reproduce the behavior:
- Try to change your account info after a day (ie. after expiryTime of token)
- Able to modify profile data
Expected behaviour ๐
Instead, one must not be able to modify account data, even after JWT token should have expired
Desktop (please complete the following information): ๐ป
- Windows 10
- Firefox
- 88.0
Additional context ๐
Related code where we create the JWT token is in:
pbchess/server/src/services/auth.service.js
Lines 28 to 43 in 42ccc48
please assign me this issue
@fave77 please assign me I can work on this
@subhangi2731 You are already assigned to #22. Same person will not be assigned multiple issues as of now.