increase login exopiration to 72hrs

2017-05-11 15:14:57 +02:00 · 2017-05-11 15:14:57 +02:00 · 2becc92b31
parent 11e80be2aa
commit 2becc92b31
2 changed files with 4 additions and 3 deletions
--- a/api/routes/authenticate.js
+++ b/api/routes/authenticate.js
@ -29,11 +29,11 @@ authenticate.route('/')
          res.send(user);
        } else {
          // authentication failed
-          res.status(401).send('Username or password is incorrect');
+          res.status(codes.unauthorized).send('Username or password is incorrect');
        }
      })
      .catch((err) => {
-        res.status(400).send(err);
+        res.status(codes.wrongrequest).send(err);
      });
  })

@ -47,7 +47,7 @@ let authCheck = (username, password) => {
  AppUserModel.findOne({username: username}, (err, user) => {
    if (err) deferred.reject(err.name + ': ' + err.message);

-    const diff = 60 * 24; // time till expiration [minutes]
+    const diff = 3 * 60 * 24; // time till expiration [minutes]

    if (user && bcrypt.compareSync(password, user.password)) {
      // authentication successful
--- a/api/routes/http-codes.js
+++ b/api/routes/http-codes.js
@ -10,6 +10,7 @@ module.exports = {
  created: 201,
  nocontent: 204,
  wrongrequest: 400,
+  unauthorized: 401,
  forbidden: 403,
  notfound: 404,
  wrongmethod: 405,