From d5c9e8d73e796ee2ae39a63d31d0a98878f1f5ce Mon Sep 17 00:00:00 2001
From: Luke <luke.miller.drss@gmail.com>
Date: Fri, 8 Oct 2021 13:54:31 -0500
Subject: [PATCH] Add check to refreshApiKeyExpiryTime to not refresh long
 lived keys

---
 backend/src/data/ApiLogins.ts | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/backend/src/data/ApiLogins.ts b/backend/src/data/ApiLogins.ts
index ab8779d0..09052ec1 100644
--- a/backend/src/data/ApiLogins.ts
+++ b/backend/src/data/ApiLogins.ts
@@ -90,10 +90,21 @@ export class ApiLogins extends BaseRepository {
     const [loginId, token] = apiKey.split(".");
     if (!loginId || !token) return;
 
+    const updated_time =  moment().utc().add(LOGIN_EXPIRY_TIME, "ms");
+
+    const login = await this.apiLogins
+      .createQueryBuilder()
+      .where("id = :id", { id: loginId })
+      .getOne();
+    
+     if(!login) return;
+
+    if(moment.utc(login.expires_at).isSameOrAfter(updated_time)) return;
+
     await this.apiLogins.update(
       { id: loginId },
       {
-        expires_at: moment().utc().add(LOGIN_EXPIRY_TIME, "ms").format(DBDateFormat),
+        expires_at: updated_time.format(DBDateFormat)
       },
     );
   }