From 3770be4274eb98fec6c30ee0d9d6a2a01e1d4b07 Mon Sep 17 00:00:00 2001
From: clauspeterhuebner <hr.softwarelab@t-online.de>
Date: Wed, 23 Apr 2025 16:23:18 +0200
Subject: [PATCH] set validUntil in DisbersementLink by exp-claim of
 jwt-payload

---
 backend/src/graphql/model/DisbursementLink.ts       |  6 ++++++
 .../src/graphql/resolver/TransactionLinkResolver.ts | 13 ++++++++++---
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/backend/src/graphql/model/DisbursementLink.ts b/backend/src/graphql/model/DisbursementLink.ts
index 87167d79a..d0c090cd5 100644
--- a/backend/src/graphql/model/DisbursementLink.ts
+++ b/backend/src/graphql/model/DisbursementLink.ts
@@ -26,6 +26,9 @@ export class DisbursementLink {
     this.amount = new Decimal(disbursementPayload.amount)
     this.memo = disbursementPayload.memo
     this.code = disbursementPayload.redeemcode
+    if (disbursementPayload.exp) {
+      this.validUntil = new Date(disbursementPayload.exp)
+    }
   }
 
   @Field(() => Community)
@@ -48,4 +51,7 @@ export class DisbursementLink {
 
   @Field(() => String)
   code: string
+
+  @Field(() => Date)
+  validUntil: Date
 }
diff --git a/backend/src/graphql/resolver/TransactionLinkResolver.ts b/backend/src/graphql/resolver/TransactionLinkResolver.ts
index 0eee2c991..d577b0bf2 100644
--- a/backend/src/graphql/resolver/TransactionLinkResolver.ts
+++ b/backend/src/graphql/resolver/TransactionLinkResolver.ts
@@ -190,7 +190,9 @@ export class TransactionLinkResolver {
         )
         if (
           decodedPayload != null &&
-          decodedPayload.tokentype === DisbursementJwtPayloadType.REDEEM_ACTIVATION_TYPE
+          decodedPayload.tokentype === DisbursementJwtPayloadType.REDEEM_ACTIVATION_TYPE &&
+          decodedPayload.exp &&
+          decodedPayload.exp > new Date().getTime()
         ) {
           const disburseJwtPayload = new DisbursementJwtPayloadType(
             decodedPayload.sendercommunityuuid as string,
@@ -224,7 +226,9 @@ export class TransactionLinkResolver {
           let verifiedPayload: DisbursementJwtPayloadType | null = null
           if (
             jwtPayload != null &&
-            jwtPayload.tokentype === DisbursementJwtPayloadType.REDEEM_ACTIVATION_TYPE
+            jwtPayload.tokentype === DisbursementJwtPayloadType.REDEEM_ACTIVATION_TYPE &&
+            jwtPayload.exp &&
+            jwtPayload.exp > new Date().getTime()
           ) {
             verifiedPayload = new DisbursementJwtPayloadType(
               jwtPayload.sendercommunityuuid as string,
@@ -265,7 +269,10 @@ export class TransactionLinkResolver {
           )
           return disbursementLink
         } else {
-          throw new LogError('Redeem with wrong type of JWT-Token! decodedPayload=', decodedPayload)
+          throw new LogError(
+            'Redeem with wrong type of JWT-Token or expired! decodedPayload=',
+            decodedPayload,
+          )
         }
       }
     }