From c035df9dc265572f120e70bfc35c7bb17aa39fac Mon Sep 17 00:00:00 2001
From: tonyrewin
Date: Tue, 1 Nov 2022 00:25:25 +0300
Subject: [PATCH] more-secure

---
 auth/jwtcodec.py | 10 +++++-----
 auth/tokenstorage.py | 4 ++--
 validations/auth.py | 3 ++-
 3 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/auth/jwtcodec.py b/auth/jwtcodec.py
index 4d077fc8..53a6de90 100644
--- a/auth/jwtcodec.py
+++ b/auth/jwtcodec.py
@@ -2,20 +2,20 @@ from datetime import datetime
 import time
 import jwt
 from base.exceptions import ExpiredToken, InvalidToken
-from validations.auth import TokenPayload
+from validations.auth import TokenPayload, AuthInput
 from settings import JWT_ALGORITHM, JWT_SECRET_KEY
 
 
 class JWTCodec:
     @staticmethod
-    def encode(user_id: int, exp: datetime) -> str:
+    def encode(user: AuthInput, exp: datetime) -> str:
         issued = int(time.mktime(datetime.now().timetuple()))
         print('[jwtcodec] issued at %r' % issued)
-        expires = time.mktime(exp.timetuple())
+        expires = int(time.mktime(exp.timetuple()))
         print('[jwtcodec] expires at %r' % expires)
         payload = {
-            "user_id": user_id,
-            # "user_email": user.email, # less secure
+            "user_id": user.id,
+            "username": user.email or user.phone,
             # "device": device, # no use cases
             "exp": expires,
             "iat": issued,
diff --git a/auth/tokenstorage.py b/auth/tokenstorage.py
index 3802eb6b..aa60c6b3 100644
--- a/auth/tokenstorage.py
+++ b/auth/tokenstorage.py
@@ -22,7 +22,7 @@ class TokenStorage:
     async def create_onetime(user: AuthInput) -> str:
         life_span = ONETIME_TOKEN_LIFE_SPAN
         exp = datetime.utcnow() + timedelta(seconds=life_span)
-        one_time_token = JWTCodec.encode(user.id, exp)
+        one_time_token = JWTCodec.encode(user, exp)
         await save(f"{user.id}-{one_time_token}", life_span)
         return one_time_token
 
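Review bot: The new `"username": user.email or user.phone` payload entry puts the user's email or phone number into a token that is signed, not encrypted — a JWT payload is plain base64url, so anyone holding the token (the recipient of a one-time token, any log or proxy a session token passes through) can read it — and the line this replaces had been commented out as "less secure", so the hunk moves against the commit's own title. Unless a token consumer genuinely needs the contact address, I would drop that line and keep only the opaque `"user_id": user.id`, adding `"sub": str(user.id)` if a standard subject claim is wanted. Separately, `expires = int(time.mktime(exp.timetuple()))` interprets `exp` as local time, while both callers in this patch (tokenstorage.py) build `exp` from `datetime.utcnow()`, so on any host not running in UTC the `exp` claim is off by the local UTC offset — tokens live shorter than configured east of UTC and longer west of it; `expires = calendar.timegm(exp.utctimetuple())` (with `import calendar`) is the correct conversion for a naive UTC datetime. The two `print(...)` calls also write every token's timestamps to stdout and belong in `logger.debug` or nowhere. The body of `encode` continues past the end of the hunk.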
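Review bot: Both `JWTCodec.encode(user, exp)` and the storage key `f"{user.id}-{one_time_token}"` depend on `user.id`, but `AuthInput.id` is declared `Optional[int]` (validations/auth.py in this same patch), so an `AuthInput` that reaches here without an id would produce a token whose `user_id` claim is `None` and a storage key of `None-<token>`. I would reject that before computing `exp`: `if user.id is None: raise ValueError("cannot issue a one-time token without a user id")`. Whether any caller can reach this with `id=None` is not visible from the hunk, and the method's decorator, if any, sits above it.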
@@ -30,7 +30,7 @@ class TokenStorage:
     async def create_session(user: AuthInput) -> str:
         life_span = SESSION_TOKEN_LIFE_SPAN
         exp = datetime.utcnow() + timedelta(seconds=life_span)
-        session_token = JWTCodec.encode(user.id, exp)
+        session_token = JWTCodec.encode(user, exp)
         await save(f"{user.id}-{session_token}", life_span)
         return session_token
 
diff --git a/validations/auth.py b/validations/auth.py
index f22bdfc8..aef1be3e 100644
--- a/validations/auth.py
+++ b/validations/auth.py
@@ -6,7 +6,8 @@ from pydantic import BaseModel
 
 
 class AuthInput(BaseModel):
     id: Optional[int]
-    username: Optional[Text]
+    email: Optional[Text]
+    phone: Optional[Text]
     password: Optional[Text]
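Review bot: `create_session` is now line-for-line identical to `create_onetime` in the previous hunk apart from the lifespan constant, and this patch had to apply the same `JWTCodec.encode` change in both places; a private helper taking the lifespan keeps the two from drifting apart again. The helper below preserves the `exp` computation and the `{user.id}-{token}` storage key unchanged, and `create_onetime` would reduce to `return await TokenStorage._issue(user, ONETIME_TOKEN_LIFE_SPAN)`. Whatever decorator these methods carry (it sits above the hunk) would go on the helper as well.
```python
    async def _issue(user: AuthInput, life_span: int) -> str:
        # Shared by create_onetime/create_session: sign, persist, return.
        exp = datetime.utcnow() + timedelta(seconds=life_span)
        token = JWTCodec.encode(user, exp)
        await save(f"{user.id}-{token}", life_span)
        return token

    async def create_session(user: AuthInput) -> str:
        return await TokenStorage._issue(user, SESSION_TOKEN_LIFE_SPAN)
```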