reactioncommerce · tedraykov · May 19, 2023 · May 19, 2023 · sujithvn · Jun 16, 2023
diff --git a/.changeset/smooth-jokes-attend.md b/.changeset/smooth-jokes-attend.md
@@ -0,0 +1,5 @@
+---
+"@reactioncommerce/api-plugin-authentication": minor
+---
+
+Add accounts js env var configuration (jwt expiration time comfig, returnTokensAfterResetPassword config)
diff --git a/packages/api-plugin-authentication/src/config.js b/packages/api-plugin-authentication/src/config.js
@@ -1,10 +1,13 @@
 import envalid from "envalid";
 
-const { str } = envalid;
+const { str, bool } = envalid;
 
 export default envalid.cleanEnv(
   process.env,
   {
+    ACCOUNTS_JS_RETURN_TOKENS_AFTER_RESET_PASSWORD: bool({ default: false }),
+    ACCOUNTS_JS_ACCESS_TOKEN_EXPIRES_IN: str({ default: "90m" }),
+    ACCOUNTS_JS_REFRESH_TOKEN_EXPIRES_IN: str({ default: "30d" }),
     PASSWORD_RESET_PATH_FRAGMENT: str({ default: "?resetToken=" }),
     STORE_URL: str({ devDefault: "http://localhost:4000" }),
     TOKEN_SECRET: str({ default: "UPDATE_THIS_SECRET" })

diff --git a/packages/api-plugin-authentication/src/util/accountServer.js b/packages/api-plugin-authentication/src/util/accountServer.js
@@ -14,7 +14,15 @@ export default async (app) => {
   if (accountsServer && accountsGraphQL) {
     return { accountsServer, accountsGraphQL };
   }
-  const { MONGO_URL, PASSWORD_RESET_PATH_FRAGMENT, STORE_URL, TOKEN_SECRET } = config;
+  const {
+    ACCOUNTS_JS_RETURN_TOKENS_AFTER_RESET_PASSWORD,
+    ACCOUNTS_JS_ACCESS_TOKEN_EXPIRES_IN,
+    ACCOUNTS_JS_REFRESH_TOKEN_EXPIRES_IN,
+    MONGO_URL,
+    PASSWORD_RESET_PATH_FRAGMENT,
+    STORE_URL,
+    TOKEN_SECRET
+  } = config;
   const { context } = app;
 
   const client = await mongoConnectWithRetry(MONGO_URL);
@@ -26,12 +34,22 @@ export default async (app) => {
     idProvider: () => mongoose.Types.ObjectId().toString()
   });
 
-  const password = new AccountsPassword();
+  const password = new AccountsPassword({
+    returnTokensAfterResetPassword: ACCOUNTS_JS_RETURN_TOKENS_AFTER_RESET_PASSWORD
+  });
 
   accountsServer = new AccountsServer(
     {
       siteUrl: STORE_URL,
       tokenSecret: TOKEN_SECRET,
+      tokenConfigs: {
+        accessToken: {
+          expiresIn: ACCOUNTS_JS_ACCESS_TOKEN_EXPIRES_IN
+        },
+        refreshToken: {
+          expiresIn: ACCOUNTS_JS_REFRESH_TOKEN_EXPIRES_IN
+        }
+      },
       db: accountsMongo,
       enableAutologin: true,
       ambiguousErrorMessages: false,