From b6e5085b6a5fd13131dfe54114e2271e0b5ea277 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Wed, 28 Jun 2023 17:17:20 +0200 Subject: mod_http_file_share: Set slot token TTL so util.jwt validates expiry Overrides the util.jwt default of 1h with the intended TTL of 10 minutes. Because util.jwt now has its own expiry checks, so the 'expiry' field is no longer used and can thus be removed. --- plugins/mod_http_file_share.lua | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/mod_http_file_share.lua b/plugins/mod_http_file_share.lua index bc7962ad..d5f3a058 100644 --- a/plugins/mod_http_file_share.lua +++ b/plugins/mod_http_file_share.lua @@ -49,7 +49,7 @@ end local daily_quota = module:get_option_number(module.name .. "_daily_quota", file_size_limit*10); -- 100 MB / day local total_storage_limit = module:get_option_number(module.name.."_global_quota", unlimited); -local create_jwt, verify_jwt = require "prosody.util.jwt".init("HS256", secret); +local create_jwt, verify_jwt = require"prosody.util.jwt".init("HS256", secret, secret, { default_ttl = 600 }); local access = module:get_option_set(module.name .. "_access", {}); @@ -182,7 +182,6 @@ function get_authz(slot, uploader, filename, filesize, filetype) -- slot properties slot = slot; - expires = expiry >= 0 and (os.time()+expiry) or nil; -- file properties filename = filename; filesize = filesize; -- cgit v1.2.3