more-secure

2022-11-01 00:25:25 +03:00 · 2022-11-01 00:25:25 +03:00 · c035df9dc2
commit c035df9dc2
parent af2b94eca4
3 changed files with 9 additions and 8 deletions
--- a/auth/jwtcodec.py
+++ b/auth/jwtcodec.py
@ -2,20 +2,20 @@ from datetime import datetime
 import time
 import jwt
 from base.exceptions import ExpiredToken, InvalidToken
-from validations.auth import TokenPayload
+from validations.auth import TokenPayload, AuthInput
 from settings import JWT_ALGORITHM, JWT_SECRET_KEY


 class JWTCodec:
    @staticmethod
-    def encode(user_id: int, exp: datetime) -> str:
+    def encode(user: AuthInput, exp: datetime) -> str:
        issued = int(time.mktime(datetime.now().timetuple()))
        print('[jwtcodec] issued at %r' % issued)
-        expires = time.mktime(exp.timetuple())
+        expires = int(time.mktime(exp.timetuple()))
        print('[jwtcodec] expires at %r' % expires)
        payload = {
-            "user_id": user_id,
-            # "user_email": user.email,  # less secure
+            "user_id": user.id,
+            "username": user.email or user.phone,
            # "device": device,  # no use cases
            "exp": expires,
            "iat": issued,
--- a/auth/tokenstorage.py
+++ b/auth/tokenstorage.py
@ -22,7 +22,7 @@ class TokenStorage:
    async def create_onetime(user: AuthInput) -> str:
        life_span = ONETIME_TOKEN_LIFE_SPAN
        exp = datetime.utcnow() + timedelta(seconds=life_span)
-        one_time_token = JWTCodec.encode(user.id, exp)
+        one_time_token = JWTCodec.encode(user, exp)
        await save(f"{user.id}-{one_time_token}", life_span)
        return one_time_token

@ -30,7 +30,7 @@ class TokenStorage:
    async def create_session(user: AuthInput) -> str:
        life_span = SESSION_TOKEN_LIFE_SPAN
        exp = datetime.utcnow() + timedelta(seconds=life_span)
-        session_token = JWTCodec.encode(user.id, exp)
+        session_token = JWTCodec.encode(user, exp)
        await save(f"{user.id}-{session_token}", life_span)
        return session_token

--- a/validations/auth.py
+++ b/validations/auth.py
@ -6,7 +6,8 @@ from pydantic import BaseModel

 class AuthInput(BaseModel):
    id: Optional[int]
-    username: Optional[Text]
+    email: Optional[Text]
+    phone: Optional[Text]
    password: Optional[Text]