refactor: enhance JWT generation methods and update .env.example comments for clarity

Author: lposen

example/.env.example

@@ -20,7 +20,7 @@ ITBL_API_KEY=replace_this_with_your_iterable_api_key
 # Your JWT Secret, created when making your API key (see above)
 ITBL_JWT_SECRET=replace_this_with_your_jwt_secret
 # Is your api token JWT Enabled?
-# Defaults to true
+# Must be set to 'true' to enable JWT authentication
 ITBL_IS_JWT_ENABLED=true
 
 # Your Iterable user ID or email address

example/ios/IterableJwtGenerator.swift

@@ -10,6 +10,11 @@ import Foundation
 
 @objcMembers public final class IterableJwtGenerator: NSObject {
 
+  private struct Header: Encodable {
+    let alg = "HS256"
+    let typ = "JWT"
+  }
+
   /// Base64 URL encode without padding (URL-safe base64 encoding for JWT)
   private static func urlEncodedBase64(_ data: Data) -> String {
     let base64 = data.base64EncodedString()
@@ -20,24 +25,12 @@ import Foundation
       .replacingOccurrences(of: "=", with: "")
   }
 
-  public static func generateJwtForEmail(secret: String, iat: Int, exp: Int, email: String)
-    -> String
-  {
-    struct Header: Encodable {
-      let alg = "HS256"
-      let typ = "JWT"
-    }
-
-    struct Payload: Encodable {
-      var email = ""
-      var iat = Int(Date().timeIntervalSince1970)
-      var exp = Int(Date().timeIntervalSince1970) + 60
-
-    }
+  /// Generic JWT generation helper that works with any Encodable payload
+  private static func generateJwt<T: Encodable>(secret: String, payload: T) -> String {
     let headerJsonData = try! JSONEncoder().encode(Header())
     let headerBase64 = urlEncodedBase64(headerJsonData)
 
-    let payloadJsonData = try! JSONEncoder().encode(Payload(email: email, iat: iat, exp: exp))
+    let payloadJsonData = try! JSONEncoder().encode(payload)
     let payloadBase64 = urlEncodedBase64(payloadJsonData)
 
     let toSign = Data((headerBase64 + "." + payloadBase64).utf8)
@@ -54,38 +47,28 @@ import Foundation
     return ""
   }
 
-  public static func generateJwtForUserId(secret: String, iat: Int, exp: Int, userId: String)
+  public static func generateJwtForEmail(secret: String, iat: Int, exp: Int, email: String)
     -> String
   {
-    struct Header: Encodable {
-      let alg = "HS256"
-      let typ = "JWT"
-    }
-
     struct Payload: Encodable {
-      var userId = ""
-      var iat = Int(Date().timeIntervalSince1970)
-      var exp = Int(Date().timeIntervalSince1970) + 60
-
+      var email: String
+      var iat: Int
+      var exp: Int
     }
-    let headerJsonData = try! JSONEncoder().encode(Header())
-    let headerBase64 = urlEncodedBase64(headerJsonData)
 
-    let payloadJsonData = try! JSONEncoder().encode(Payload(userId: userId, iat: iat, exp: exp))
-    let payloadBase64 = urlEncodedBase64(payloadJsonData)
-
-    let toSign = Data((headerBase64 + "." + payloadBase64).utf8)
-
-    if #available(iOS 13.0, *) {
-      let privateKey = SymmetricKey(data: Data(secret.utf8))
-      let signature = HMAC<SHA256>.authenticationCode(for: toSign, using: privateKey)
-      let signatureBase64 = urlEncodedBase64(Data(signature))
-
-      let token = [headerBase64, payloadBase64, signatureBase64].joined(separator: ".")
+    return generateJwt(secret: secret, payload: Payload(email: email, iat: iat, exp: exp))
+  }
 
-      return token
+  public static func generateJwtForUserId(secret: String, iat: Int, exp: Int, userId: String)
+    -> String
+  {
+    struct Payload: Encodable {
+      var userId: String
+      var iat: Int
+      var exp: Int
     }
-    return ""
+
+    return generateJwt(secret: secret, payload: Payload(userId: userId, iat: iat, exp: exp))
   }
 
   public static func generateToken(

example/src/hooks/useIterableApp.tsx

@@ -235,7 +235,8 @@ export const IterableAppProvider: FunctionComponent<
           return Promise.reject(err);
         });
     },
-    [getUserId, apiKey, login, getJwtToken]
+    // eslint-disable-next-line react-hooks/exhaustive-deps
+    [getUserId, apiKey, login, getJwtToken, userId]
   );
 
   const logout = useCallback(() => {