From 9dc7a790cc0ad40f06ff70139712a9c92770cc56 Mon Sep 17 00:00:00 2001
From: Raymond <101374892+raymonable@users.noreply.github.com>
Date: Wed, 13 Aug 2025 05:15:16 -0400
Subject: [PATCH] Session Token Revitalization (#167)

---
 src/main/java/icu/samnyan/aqua/net/components/JWT.kt    | 7 ++++++-
 src/main/java/icu/samnyan/aqua/net/db/AquaNetSession.kt | 4 +++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/main/java/icu/samnyan/aqua/net/components/JWT.kt b/src/main/java/icu/samnyan/aqua/net/components/JWT.kt
index 41d9a275..1524b7a1 100644
--- a/src/main/java/icu/samnyan/aqua/net/components/JWT.kt
+++ b/src/main/java/icu/samnyan/aqua/net/components/JWT.kt
@@ -6,6 +6,7 @@ import icu.samnyan.aqua.net.db.AquaNetUser
 import icu.samnyan.aqua.net.db.AquaNetUserRepo
 import icu.samnyan.aqua.net.db.SessionToken
 import icu.samnyan.aqua.net.db.SessionTokenRepo
+import icu.samnyan.aqua.net.db.getTokenExpiry
 import io.jsonwebtoken.JwtParser
 import io.jsonwebtoken.Jwts
 import io.jsonwebtoken.security.Keys
@@ -63,7 +64,7 @@ class JWT(
     @Transactional
     fun gen(user: AquaNetUser): Str {
         val activeTokens = sessionRepo.findByAquaNetUserAuId(user.auId)
-            .sortedByDescending { it.expiry }.drop(4) // the cap is 5, but we append a new token after the fact
+            .sortedByDescending { it.expiry }.drop(9) // the cap is 10, but we append a new token after the fact
         if (activeTokens.isNotEmpty()) {
             sessionRepo.deleteAll(activeTokens)
         }
@@ -96,6 +97,10 @@ class JWT(
                     sessionRepo.delete(token)
                     return null
                 }
+
+                sessionRepo.save(token.apply{
+                    expiry = getTokenExpiry()
+                })
             }
 
             return token?.aquaNetUser
diff --git a/src/main/java/icu/samnyan/aqua/net/db/AquaNetSession.kt b/src/main/java/icu/samnyan/aqua/net/db/AquaNetSession.kt
index 9ddbf668..f4f3c724 100644
--- a/src/main/java/icu/samnyan/aqua/net/db/AquaNetSession.kt
+++ b/src/main/java/icu/samnyan/aqua/net/db/AquaNetSession.kt
@@ -7,6 +7,8 @@ import java.io.Serializable
 import java.time.Instant
 import java.util.UUID
 
+fun getTokenExpiry() = Instant.now().plusSeconds(7 * 86400)
+
 @Entity
 @Table(name = "aqua_net_session")
 class SessionToken(
@@ -16,7 +18,7 @@ class SessionToken(
 
     // Token creation time
     @Column(nullable = false)
-    var expiry: Instant = Instant.now().plusSeconds(14 * 86400),
+    var expiry: Instant = getTokenExpiry(),
 
     // Linking to the AquaNetUser
     @ManyToOne