refactor: remove mobile auth secrets (#1915)

* refactor: remove AUTH_TOKEN_JWT_SECRET

* refactor: remove REFRESH_TOKEN_JWT_SECRET

Author: pyphilia

.github/workflows/deploy-prod.yml

@@ -98,7 +98,6 @@ jobs:
             DB_CONNECTION_POOL_SIZE=${{ vars.DB_CONNECTION_POOL_SIZE }}
             APPS_JWT_SECRET=${{ secrets.APPS_JWT_SECRET }}
             APPS_PUBLISHER_ID=${{ secrets.APPS_PUBLISHER_ID }}
-            AUTH_TOKEN_JWT_SECRET=${{ secrets.AUTH_TOKEN_JWT_SECRET }}
             CLIENT_HOST=${{ vars.CLIENT_HOST }}
             COOKIE_DOMAIN=${{ vars.COOKIE_DOMAIN }}
             CORS_ORIGIN_REGEX=${{ secrets.CORS_ORIGIN_REGEX }}
@@ -133,7 +132,6 @@ jobs:
             PUBLIC_URL=${{ secrets.PUBLIC_URL }}
             RECAPTCHA_SECRET_ACCESS_KEY=${{ secrets.RECAPTCHA_SECRET_ACCESS_KEY }}
             REDIS_CONNECTION=${{ secrets.REDIS_CONNECTION }}
-            REFRESH_TOKEN_JWT_SECRET=${{ secrets.REFRESH_TOKEN_JWT_SECRET }}
             S3_FILE_ITEM_ACCESS_KEY_ID=${{ secrets.S3_FILE_ITEM_ACCESS_KEY_ID }}
             S3_FILE_ITEM_BUCKET=${{ vars.S3_FILE_ITEM_BUCKET }}
             FILE_STORAGE_TYPE=${{ vars.FILE_STORAGE_TYPE }}

.github/workflows/deploy-stage.yml

@@ -98,7 +98,6 @@ jobs:
             DB_CONNECTION_POOL_SIZE=${{ vars.DB_CONNECTION_POOL_SIZE }}
             APPS_JWT_SECRET=${{ secrets.APPS_JWT_SECRET }}
             APPS_PUBLISHER_ID=${{ secrets.APPS_PUBLISHER_ID }}
-            AUTH_TOKEN_JWT_SECRET=${{ secrets.AUTH_TOKEN_JWT_SECRET }}
             CLIENT_HOST=${{ vars.CLIENT_HOST }}
             COOKIE_DOMAIN=${{ vars.COOKIE_DOMAIN }}
             CORS_ORIGIN_REGEX=${{ secrets.CORS_ORIGIN_REGEX }}
@@ -134,7 +133,6 @@ jobs:
             PUBLIC_URL=${{ secrets.PUBLIC_URL }}
             RECAPTCHA_SECRET_ACCESS_KEY=${{ secrets.RECAPTCHA_SECRET_ACCESS_KEY }}
             REDIS_CONNECTION=${{ secrets.REDIS_CONNECTION }}
-            REFRESH_TOKEN_JWT_SECRET=${{ secrets.REFRESH_TOKEN_JWT_SECRET }}
             S3_FILE_ITEM_ACCESS_KEY_ID=${{ secrets.S3_FILE_ITEM_ACCESS_KEY_ID }}
             S3_FILE_ITEM_BUCKET=${{ vars.S3_FILE_ITEM_BUCKET }}
             FILE_STORAGE_TYPE=${{ vars.FILE_STORAGE_TYPE }}

.github/workflows/test.yml

@@ -19,7 +19,6 @@ env:
   APPS_JWT_SECRET: 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
   APPS_PUBLISHER_ID: 9c9cea73-f3b7-48a3-aa6e-ead82c0685e7 # mock uuid
   GRAASPER_CREATOR_ID: bbbf7cac-6139-45e4-8fbf-4cf767b50b29 # mock uuid
-  AUTH_TOKEN_JWT_SECRET: 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
   COOKIE_DOMAIN: localhost
   CLIENT_HOST: http://localhost:3114
   DB_PASSWORD: docker
@@ -42,7 +41,6 @@ env:
   MAILER_CONNECTION: smtp://username:password@localhost:1025
   RECAPTCHA_SECRET_ACCESS_KEY: 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
   REDIS_CONNECTION: 'redis://localhost:6379'
-  REFRESH_TOKEN_JWT_SECRET: 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
   S3_FILE_ITEM_ACCESS_KEY_ID: graasp-user
   S3_FILE_ITEM_BUCKET: graasp
   FILE_STORAGE_TYPE: s3

API Collections/Auth/Mobile/Auth.bru

@@ -130,10 +130,6 @@ SECURE_SESSION_SECRET_KEY=<secret-key>
 
 # JWT secret (can use the same command as for SECURE_SESSION_SECRET_KEY)
 JWT_SECRET=<secret-key>
-# Auth JWT secret (can use the same command as for SECURE_SESSION_SECRET_KEY)
-AUTH_TOKEN_JWT_SECRET=<secret-key>
-# Refresh JWT secret (can use the same command as for SECURE_SESSION_SECRET_KEY)
-REFRESH_TOKEN_JWT_SECRET=<secret-key>
 # Password reset JWT secret (can use the same command as for SECURE_SESSION_SECRET_KEY)
 PASSWORD_RESET_JWT_SECRET=<secret-key>
 # Email change JWT secret (can use the same command as for SECURE_SESSION_SECRET_KEY)

API Collections/Auth/Mobile/Refresh Token.bru

@@ -57,8 +57,6 @@ x-core_environment: &core_environment
   #    npx @fastify/secure-session > secret-key && node -e "let fs=require('fs'),file=path.join(__dirname, 'secret-key');console.log(fs.readFileSync(file).toString('hex'));fs.unlinkSync(file)"
   SECURE_SESSION_SECRET_KEY: # replace by your own data
   JWT_SECRET: # replace by your own data
-  AUTH_TOKEN_JWT_SECRET: # replace by your own data
-  REFRESH_TOKEN_JWT_SECRET: # replace by your own data
   PASSWORD_RESET_JWT_SECRET: # replace by your own data
   EMAIL_CHANGE_JWT_SECRET: # replace by your own data
   APPS_JWT_SECRET: # replace by your own data

API Collections/Auth/Mobile/Register.bru

@@ -32,15 +32,3 @@ export const EMAIL_CHANGE_JWT_EXPIRATION_IN_MINUTES = 1440; // 24 hours
 
 /** Graasp apps authentication */
 export const APPS_JWT_SECRET = requiredEnvVar('APPS_JWT_SECRET');
-
-// TODO: remove mobile auth variables as it is deprecated and not supported anymore
-/**
- * Mobile auth
- */
-export const AUTH_TOKEN_JWT_SECRET = requiredEnvVar('AUTH_TOKEN_JWT_SECRET');
-/** Auth token expiration, in minutes */
-export const AUTH_TOKEN_EXPIRATION_IN_MINUTES = 10080; // 7 days
-
-export const REFRESH_TOKEN_JWT_SECRET = requiredEnvVar('REFRESH_TOKEN_JWT_SECRET');
-/** Refresh token expiration, in minutes */
-export const REFRESH_TOKEN_EXPIRATION_IN_MINUTES = 86400; // 60 days