@igxjs/node-components 1.0.13 → 1.0.14

package/README.md

@@ -78,7 +78,7 @@ flexRouter.mount(app, '');
 import { JwtManager } from '@igxjs/node-components';
 
 // Constructor uses UPPERCASE naming with JWT_ prefix
-const jwt = new JwtManager({ SESSION_AGE: 64800000 });
+const jwt = new JwtManager({ JWT_EXPIRATION_TIME: 64800 });
 const SECRET = process.env.JWT_SECRET;
 
 // Create token (encrypt method uses camelCase for per-call options)
@@ -127,7 +127,7 @@ Uses traditional server-side session cookies. When a user authenticates via SSO,
 
 **Configuration:**
 - `SESSION_MODE`: `SessionMode.SESSION` (default) - Uses session-based authentication
-- `SESSION_AGE`: Session timeout in milliseconds (default: 64800000)
+- `SESSION_AGE`: Session timeout in seconds (default: 64800 = 18 hours)
 - `REDIS_URL`: Redis connection string for session storage
 
 **Auth Methods:**
@@ -182,7 +182,7 @@ fetch('/api/protected', {
 | `SSO_SUCCESS_URL` | string | - | Redirect URL after successful login (token mode) |
 | `SSO_FAILURE_URL` | string | - | Redirect URL after failed login (token mode) |
 | `SESSION_MODE` | string | `SessionMode.SESSION` | Authentication mode: `SessionMode.SESSION` or `SessionMode.TOKEN` |
-| `SESSION_AGE` | number | 64800000 | Session timeout in milliseconds |
+| `SESSION_AGE` | number | 64800 | Session timeout in seconds (default: 64800 = 18 hours) |
 | `SESSION_COOKIE_PATH` | string | `'/'` | Session cookie path |
 | `SESSION_SECRET` | string | - | Session/JWT secret key |
 | `SESSION_PREFIX` | string | `'ibmid:'` | Redis session/key prefix |

package/components/session.js

@@ -58,7 +58,7 @@ export class SessionConfig {
   /** @type {string} */
   SSO_FAILURE_URL;
 
-  /** @type {number} Session age in milliseconds */
+  /** @type {number} Session age in seconds (default: 64800 = 18 hours) */
   SESSION_AGE;
   /**
    * @type {string} Session cookie path
@@ -181,8 +181,8 @@ export class SessionManager {
     this.#config = {
       // Session Mode
       SESSION_MODE: config.SESSION_MODE || SessionMode.SESSION,
-      // Session
-      SESSION_AGE: config.SESSION_AGE || 64800000,
+      // Session - SESSION_AGE is now in seconds (default: 64800 = 18 hours)
+      SESSION_AGE: config.SESSION_AGE || 64800,
       SESSION_COOKIE_PATH: config.SESSION_COOKIE_PATH || '/',
       SESSION_SECRET: config.SESSION_SECRET,
       SESSION_PREFIX: config.SESSION_PREFIX || 'ibmid:',
@@ -253,6 +253,15 @@ export class SessionManager {
     return this.#config.SESSION_KEY;
   }
 
+  /**
+   * Get session age in milliseconds (for express-session cookie maxAge)
+   * @returns {number} Returns the session age in milliseconds
+   * @private
+   */
+  #getSessionAgeInMilliseconds() {
+    return Math.round(this.#config.SESSION_AGE * 1000);
+  }
+
   /**
    * Get Redis key for token storage
    * @param {string} email User email
@@ -300,7 +309,8 @@ export class SessionManager {
   async #generateAndStoreToken(user) {
     // Generate unique token ID for this device/session
     const tid = crypto.randomUUID();
-    const ttlSeconds = Math.floor(this.#config.SESSION_AGE / 1000);
+    // SESSION_AGE is already in seconds
+    const ttlSeconds = this.#config.SESSION_AGE;
     // Create JWT token with only email and tid (minimal payload)
     const token = await this.#jwtManager.encrypt(
       { email: user.email, tid },
@@ -489,7 +499,7 @@ export class SessionManager {
       return res.json({
         token: newToken,
         user,
-        expiresIn: Math.floor(this.#config.SESSION_AGE / 1000),
+        expiresIn: this.#config.SESSION_AGE, // Already in seconds
         tokenType: 'Bearer'
       });
     } catch (error) {
@@ -667,7 +677,10 @@ export class SessionManager {
    */
   async setup(app, updateUser) {
     this.#redisManager = new RedisManager();
-    this.#jwtManager = new JwtManager(this.#config);
+    this.#jwtManager = new JwtManager({
+      ...this.#config,
+      JWT_EXPIRATION_TIME: this.#config.SESSION_AGE, // SESSION_AGE is already in seconds
+    });
     // Identity Provider Request
     this.#idpRequest = axios.create({
       baseURL: this.#config.SSO_ENDPOINT_URL,
@@ -686,7 +699,7 @@ export class SessionManager {
     // Redis Session
     this.#logger.log('### Using Redis as the Session Store ###');
     return session({
-      cookie: { maxAge: this.#config.SESSION_AGE, path: this.#config.SESSION_COOKIE_PATH, sameSite: false },
+      cookie: { maxAge: this.#getSessionAgeInMilliseconds(), path: this.#config.SESSION_COOKIE_PATH, sameSite: false },
       store: new RedisStore({ client: this.#redisManager.getClient(), prefix: this.#config.SESSION_PREFIX, disableTouch: true }),
       resave: false, saveUninitialized: false,
       secret: this.#config.SESSION_SECRET,
@@ -702,7 +715,7 @@ export class SessionManager {
     this.#logger.log('### Using Memory as the Session Store ###');
     const MemoryStore = memStore(session);
     return session({
-      cookie: { maxAge: this.#config.SESSION_AGE, path: this.#config.SESSION_COOKIE_PATH, sameSite: false },
+      cookie: { maxAge: this.#getSessionAgeInMilliseconds(), path: this.#config.SESSION_COOKIE_PATH, sameSite: false },
       store: new MemoryStore({}),
       resave: false, saveUninitialized: false,
       secret: this.#config.SESSION_SECRET,

package/index.d.ts

@@ -122,9 +122,9 @@ export interface SessionConfig {
   SESSION_MODE?: string;
 
   /** 
-   * Session expiration time in milliseconds
-   * @example 3600000 (1 hour) or 86400000 (24 hours)
-   * @default 3600000 (1 hour)
+   * Session expiration time in seconds
+   * @example 3600 (1 hour) or 86400 (24 hours) or 64800 (18 hours)
+   * @default 64800 (18 hours)
    */
   SESSION_AGE?: number;
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@igxjs/node-components",
-  "version": "1.0.13",
+  "version": "1.0.14",
   "description": "Node components for igxjs",
   "main": "index.js",
   "type": "module",