aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2023-06-28 17:17:20 +0200
committerKim Alvefur <zash@zash.se>2023-06-28 17:17:20 +0200
commitb6e5085b6a5fd13131dfe54114e2271e0b5ea277 (patch)
tree49f1e4508976e8e4af530bde0db49bb51cde4207
parenta7bbeac47e2bbb86f823775e047615534481c2f2 (diff)
downloadprosody-b6e5085b6a5fd13131dfe54114e2271e0b5ea277.tar.gz
prosody-b6e5085b6a5fd13131dfe54114e2271e0b5ea277.zip
mod_http_file_share: Set slot token TTL so util.jwt validates expiry
Overrides the util.jwt default of 1h with the intended TTL of 10 minutes. Because util.jwt now has its own expiry checks, so the 'expiry' field is no longer used and can thus be removed.
-rw-r--r--plugins/mod_http_file_share.lua3
1 files changed, 1 insertions, 2 deletions
diff --git a/plugins/mod_http_file_share.lua b/plugins/mod_http_file_share.lua
index bc7962ad..d5f3a058 100644
--- a/plugins/mod_http_file_share.lua
+++ b/plugins/mod_http_file_share.lua
@@ -49,7 +49,7 @@ end
local daily_quota = module:get_option_number(module.name .. "_daily_quota", file_size_limit*10); -- 100 MB / day
local total_storage_limit = module:get_option_number(module.name.."_global_quota", unlimited);
-local create_jwt, verify_jwt = require "prosody.util.jwt".init("HS256", secret);
+local create_jwt, verify_jwt = require"prosody.util.jwt".init("HS256", secret, secret, { default_ttl = 600 });
local access = module:get_option_set(module.name .. "_access", {});
@@ -182,7 +182,6 @@ function get_authz(slot, uploader, filename, filesize, filetype)
-- slot properties
slot = slot;
- expires = expiry >= 0 and (os.time()+expiry) or nil;
-- file properties
filename = filename;
filesize = filesize;