From 42906a03f56f97e3fddc87d8319e7181e2e02bcf Mon Sep 17 00:00:00 2001
From: Igor Lobanov
Date: Mon, 14 Nov 2022 00:38:06 +0100
Subject: [PATCH] token exp datetime fix
---
 auth/jwtcodec.py | 4 ++--
 auth/tokenstorage.py | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/auth/jwtcodec.py b/auth/jwtcodec.py
index 42aef563..5a6cfa4d 100644
--- a/auth/jwtcodec.py
+++ b/auth/jwtcodec.py
@@ -41,11 +41,11 @@ class JWTCodec:
 r = TokenPayload(**payload)
 print('[jwtcodec] debug payload %r' % r)
 return r
+ except jwt.InvalidIssuedAtError:
+ raise ExpiredToken('check token issued time')
 except jwt.ExpiredSignatureError:
 raise ExpiredToken('check token lifetime')
 except jwt.InvalidTokenError:
 raise InvalidToken('token is not valid')
 except jwt.InvalidSignatureError:
 raise InvalidToken('token is not valid')
- except jwt.InvalidIssuedAtError:
- raise ExpiredToken('check token issued time')
diff --git a/auth/tokenstorage.py b/auth/tokenstorage.py
index aa60c6b3..2c84ca67 100644
--- a/auth/tokenstorage.py
+++ b/auth/tokenstorage.py
@@ -1,4 +1,4 @@
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 from auth.jwtcodec import JWTCodec
 from validations.auth import AuthInput
@@ -21,7 +21,7 @@ class TokenStorage:
 @staticmethod
 async def create_onetime(user: AuthInput) -> str:
 life_span = ONETIME_TOKEN_LIFE_SPAN
- exp = datetime.utcnow() + timedelta(seconds=life_span)
+ exp = datetime.now(tz=timezone.utc) + timedelta(seconds=life_span)
 one_time_token = JWTCodec.encode(user, exp)
 await save(f"{user.id}-{one_time_token}", life_span)
 return one_time_token
@@ -29,7 +29,7 @@ class TokenStorage:
 @staticmethod
 async def create_session(user: AuthInput) -> str:
 life_span = SESSION_TOKEN_LIFE_SPAN
- exp = datetime.utcnow() + timedelta(seconds=life_span)
+ exp = datetime.now(tz=timezone.utc) + timedelta(seconds=life_span)
 session_token = JWTCodec.encode(user, exp)
 await save(f"{user.id}-{session_token}", life_span)
 return session_token
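Review bot: In `auth/jwtcodec.py` the `except jwt.InvalidSignatureError:` clause still sits after `except jwt.InvalidTokenError:`, so it can never run; in PyJWT it derives from `InvalidTokenError`, which is the same ordering problem this hunk fixes for `InvalidIssuedAtError`. Delete it, or move it above the `InvalidTokenError` handler so that a later change to its message or logging actually takes effect. The moved handler also reports an `iat` problem as `ExpiredToken`, although a bad issued-at claim is not an expiry; `raise InvalidToken('check token issued time')` would be the more accurate signal, provided no caller depends on the current type. The context line `print('[jwtcodec] debug payload %r' % r)` writes decoded claims to stdout on every successful decode and is worth removing or putting behind a debug-level logger. The `try` these clauses belong to starts outside the hunk.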
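Review bot: Nothing in `create_onetime` in `auth/tokenstorage.py` (or the identical line in `create_session`) records why `exp` must be timezone-aware, so a later cleanup could quietly go back to `utcnow()` and skew token lifetimes again. Suggest a comment above the assignment such as `# aware UTC on purpose: a naive datetime is read as local time by .timestamp(), shifting exp by the host's UTC offset`. `JWTCodec.encode` is not visible here, so how it converts `exp` is an assumption. If it does depend on awareness, a guard there (`if exp.tzinfo is None: raise ValueError('exp must be timezone-aware')`) would enforce this once instead of relying on each caller.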