nekomimi.pet
Monorepo for wisp.place. A static site hosting service built on top of the AT Protocol.
wisp.place
make jwk rotation 6 months, fix query to check created_at
+6
-4
+6
-4
apps/main-app/src/lib/oauth-client.ts
+6
-4
apps/main-app/src/lib/oauth-client.ts
···
161
161
await db`
162
162
INSERT INTO oauth_keys (kid, jwk, created_at)
163
163
VALUES (${kid}, ${JSON.stringify(priv)}, EXTRACT(EPOCH FROM NOW()))
164
-
ON CONFLICT (kid) DO UPDATE SET jwk = EXCLUDED.jwk
164
+
ON CONFLICT (kid) DO UPDATE SET
165
+
jwk = EXCLUDED.jwk,
166
+
created_at = EXCLUDED.created_at
165
167
`;
166
168
};
167
169
···
201
203
return await loadPersistedKeys();
202
204
};
203
205
204
-
// Key rotation - rotate keys older than 30 days (monthly rotation)
205
-
const KEY_MAX_AGE = 30 * 24 * 60 * 60; // 30 days in seconds
206
+
// Key rotation - rotate keys older than 6 months
207
+
const KEY_MAX_AGE = 182.5 * 24 * 60 * 60; // ~6 months in seconds
206
208
207
209
export const rotateKeysIfNeeded = async (): Promise<boolean> => {
208
210
const now = Math.floor(Date.now() / 1000);
···
221
223
return false;
222
224
}
223
225
224
-
logger.info(`[KeyRotation] Found ${oldKeys.length} key(s) older than 30 days, rotating oldest key`);
226
+
logger.info(`[KeyRotation] Found ${oldKeys.length} key(s) older than 6 months, rotating oldest key`);
225
227
226
228
// Rotate the oldest key
227
229
const oldestKey = oldKeys[0];