From a908d20dcd59b7dfef7d6fbedc4b20226e3ca824 Mon Sep 17 00:00:00 2001
From: Gani Georgiev <gani.georgiev@gmail.com>
Date: Thu, 25 Aug 2022 10:57:50 +0300
Subject: [PATCH] increased max allowed token duration

---
 core/settings.go      |  2 +-
 core/settings_test.go | 12 ++++++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/core/settings.go b/core/settings.go
index f76f013b..de9cfe24 100644
--- a/core/settings.go
+++ b/core/settings.go
@@ -223,7 +223,7 @@ type TokenConfig struct {
 func (c TokenConfig) Validate() error {
 	return validation.ValidateStruct(&c,
 		validation.Field(&c.Secret, validation.Required, validation.Length(30, 300)),
-		validation.Field(&c.Duration, validation.Required, validation.Min(5), validation.Max(31536000)),
+		validation.Field(&c.Duration, validation.Required, validation.Min(5), validation.Max(63072000)),
 	)
 }
 
diff --git a/core/settings_test.go b/core/settings_test.go
index 6155d62f..c186589b 100644
--- a/core/settings_test.go
+++ b/core/settings_test.go
@@ -224,15 +224,23 @@ func TestTokenConfigValidate(t *testing.T) {
 		// invalid data
 		{
 			core.TokenConfig{
-				Secret:   "test",
+				Secret:   strings.Repeat("a", 5),
 				Duration: 4,
 			},
 			true,
 		},
+		// valid secret but invalid duration
+		{
+			core.TokenConfig{
+				Secret:   strings.Repeat("a", 30),
+				Duration: 63072000 + 1,
+			},
+			true,
+		},
 		// valid data
 		{
 			core.TokenConfig{
-				Secret:   "testtesttesttesttesttesttestte",
+				Secret:   strings.Repeat("a", 30),
 				Duration: 100,
 			},
 			false,