From 14d2ece80d9a4db5fd8e6b6aea961c64c38056ac Mon Sep 17 00:00:00 2001
From: Anthony Castelli <neueanthony@me.com>
Date: Thu, 27 Apr 2017 16:15:19 -0700
Subject: [PATCH] jwt: Handle the verification of the expiration claim properly

---
 Sources/App/Models/User.swift | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Sources/App/Models/User.swift b/Sources/App/Models/User.swift
index b71dcdf..2b52b9b 100644
--- a/Sources/App/Models/User.swift
+++ b/Sources/App/Models/User.swift
@@ -62,7 +62,7 @@ extension User {
 
             // Verify the token
             try receivedJWT.verifySignature(using: HS256(key: Authentication.AccessTokenSigningKey.makeBytes()))
-            if receivedJWT.verifyClaims([ExpirationTimeClaim(Date() + Authentication.Length)]) {
+            if receivedJWT.verifyClaims([ExpirationTimeClaim(Date())]) {
                 guard let userId = receivedJWT.payload.object?[SubjectClaim.name]?.string else { throw IncorrectCredentialsError() }
                 user = try User.query().filter("id", userId).first()
             } else {