fixed issues

src/main/environment/common_ci.properties

@@ -6,5 +6,4 @@ [email protected]_API_BASE_URL@
 callcentre-server-ip=@env.CALLCENTRE_SERVER_IP@
 ### Redis IP
 spring.data.redis.host=localhost
-jwt.secret=@JWT_SECRET_KEY@
-
+jwt.secret=@env.JWT_SECRET_KEY@

src/main/environment/common_dev.properties

@@ -9,5 +9,5 @@ common-api-url=<Enter your socket address here>/commonapi-v1.0/
 
 ### Redis IP
 spring.data.redis.host=localhost
-jwt.secret=@JWT_SECRET_KEY@
+jwt.secret=
 

src/main/environment/common_example.properties

@@ -9,4 +9,4 @@ common-api-url=<Enter your socket address here>/commonapi-v1.0/
 
 ### Redis IP
 spring.data.redis.host=localhost
-jwt.secret=@JWT_SECRET_KEY@
+jwt.secret=

src/main/environment/common_test.properties

@@ -10,5 +10,5 @@ callcentre-server-ip=10.208.122.99
 common-api-url=<Enter your socket address here>/commonapi-v1.0/
 ### Redis IP
 spring.data.redis.host=localhost
-jwt.secret=@JWT_SECRET_KEY@
+jwt.secret=
 

src/main/java/com/iemr/inventory/utils/CookieUtil.java

@@ -24,16 +24,6 @@ public Optional<String> getCookieValue(HttpServletRequest request, String cookie
 		return Optional.empty();
 	}
 
-	public void addJwtTokenToCookie(String Jwttoken, HttpServletResponse response) {
-		// Create a new cookie with the JWT token
-		Cookie cookie = new Cookie("Jwttoken", Jwttoken);
-		cookie.setHttpOnly(true); // Prevent JavaScript access for security
-		// cookie.setSecure(true); // Ensure the cookie is sent only over HTTPS
-		cookie.setMaxAge(60 * 60 * 24); // 1 day expiration time
-		cookie.setPath("/"); // Make the cookie available for the entire application
-		response.addCookie(cookie); // Add the cookie to the response
-	}
-
 	public String getJwtTokenFromCookie(HttpServletRequest request) {
 		return Arrays.stream(request.getCookies()).filter(cookie -> "Jwttoken".equals(cookie.getName()))
 				.map(Cookie::getValue).findFirst().orElse(null);

src/main/java/com/iemr/inventory/utils/JwtAuthenticationUtil.java

@@ -69,19 +69,13 @@ public boolean validateUserIdAndJwtToken(String jwtToken) throws IEMRException {
 			}
 
 			String userId = claims.get("userId", String.class);
-			String tokenUsername = jwtUtil.extractUsername(jwtToken);
 
 			// Fetch user based on userId from the database or cache
 			M_User user = userLoginRepo.getUserByUserID(Long.parseLong(userId));
 			if (user == null) {
 				throw new IEMRException("Invalid User ID.");
 			}
 
-			// Check if the token's username matches the user retrieved by userId
-			if (!user.getUserName().equalsIgnoreCase(tokenUsername)) {
-				throw new IEMRException("JWT token and User ID mismatch.");
-			}
-
 			return true; // Valid userId and JWT token
 		} catch (Exception e) {
 			logger.error("Validation failed: " + e.getMessage(), e);

src/main/java/com/iemr/inventory/utils/JwtUserIdValidationFilter.java

@@ -103,6 +103,8 @@ private String getJwtTokenFromCookies(HttpServletRequest request) {
 	private void clearUserIdCookie(HttpServletResponse response) {
 		Cookie cookie = new Cookie("userId", null);
 		cookie.setPath("/");
+		cookie.setHttpOnly(true);
+		cookie.setSecure(true);
 		cookie.setMaxAge(0); // Invalidate the cookie
 		response.addCookie(cookie);
 	}

src/main/java/com/iemr/inventory/utils/JwtUtil.java

@@ -18,7 +18,7 @@ public class JwtUtil {
 	@Value("${jwt.secret}")
 	private String SECRET_KEY;
 
-	private static final long EXPIRATION_TIME = 24 * 60 * 60 * 1000; // 1 day in milliseconds
+	private static final long EXPIRATION_TIME = 24L * 60 * 60 * 1000; // 1 day in milliseconds
 
 	// Generate a key using the secret
 	private Key getSigningKey() {