From 1dd27b616957f1f6255e650f400850367bccc1e2 Mon Sep 17 00:00:00 2001
From: Ethan Paul <e@enp.one>
Date: Sun, 23 Feb 2020 02:00:13 -0500
Subject: [PATCH] Fix misnamed domain auth enable fields

Add missing refresh expiration parameter to token model
---
 keyosk/database/domain.py | 12 ++++++------
 keyosk/database/token.py  |  3 +++
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/keyosk/database/domain.py b/keyosk/database/domain.py
index c7de81a..c45b5b0 100644
--- a/keyosk/database/domain.py
+++ b/keyosk/database/domain.py
@@ -20,10 +20,10 @@ class Domain(KeyoskBaseModel):
                             purpose
     :attribute contact: Contact link for the domain
     :attribute enabled: Whether the domain is enabled for authentication
-    :attribute enable_password: Whether to allow accounts to authenticate using the
-                                client-set authentication secret
-    :attribute enable_autopassword: Whether to allow accounts to authenticate using the
-                                    server-set authentication secret
+    :attribute enable_client_set_auth: Whether to allow accounts to authenticate using
+                                       the client-set authentication secret
+    :attribute enable_server_set_auth: Whether to allow accounts to authenticate using
+                                       the server-set authentication secret
     :attribute lifespan_access: Number of seconds that an issued JWT access token should
                                 be valid for
     :attribute lifespan_refresh: Number of seconds an an issued JWT refresh token should
@@ -47,8 +47,8 @@ class Domain(KeyoskBaseModel):
     description = peewee.CharField(null=True)
     contact = peewee.CharField(null=True)
     enabled = peewee.BooleanField(null=False)
-    enable_password = peewee.BooleanField(null=False)
-    enable_autopassword = peewee.BooleanField(null=False)
+    enable_client_set_auth = peewee.BooleanField(null=False)
+    enable_server_set_auth = peewee.BooleanField(null=False)
     enable_refresh = peewee.BooleanField(null=False)
     lifespan_access = peewee.IntegerField(null=False)
     lifespan_refresh = peewee.IntegerField(null=False)
diff --git a/keyosk/database/token.py b/keyosk/database/token.py
index d5c6ba2..2c3c7e0 100644
--- a/keyosk/database/token.py
+++ b/keyosk/database/token.py
@@ -25,6 +25,8 @@ class Token(KeyoskBaseModel):
     :attribute revoked: Whether the token has been revoked
     :attribute refresh: Refresh token attached to the issued access token; can be
                         ``None`` if refresh tokens are disabled for the domain
+    :attribute refresh_expires: Datetime indicating when the refresh token, if used,
+                                expires
     :property claims: Claims generated for the token
 
     .. note:: Settings and parameters may be changed on linked records. However, the
@@ -42,6 +44,7 @@ class Token(KeyoskBaseModel):
     expires = peewee.DateTimeField(null=False)
     revoked = peewee.BooleanField(null=False)
     refresh = peewee.CharField(null=True)
+    refresh_expires = peewee.DateTimeField(null=True)
     _claims = peewee.CharField(null=False)
 
     @property