core/auth/jwtcodec.py

from datetime import datetime, timezone

import jwt
from pydantic import BaseModel

from auth.exceptions import ExpiredToken, InvalidToken
from settings import JWT_ALGORITHM, JWT_SECRET_KEY


class TokenPayload(BaseModel):
    user_id: str
    username: str
    exp: datetime
    iat: datetime
    iss: str


class JWTCodec:
    @staticmethod
    def encode(user, exp: datetime) -> str:
        payload = {
            "user_id": user.id,
            "username": user.email or user.phone,
            "exp": exp,
            "iat": datetime.now(tz=timezone.utc),
            "iss": "discours",
        }
        try:
            return jwt.encode(payload, JWT_SECRET_KEY, JWT_ALGORITHM)
        except Exception as e:
            print("[auth.jwtcodec] JWT encode error %r" % e)

    @staticmethod
    def decode(token: str, verify_exp: bool = True):
        r = None
        payload = None
        try:
            payload = jwt.decode(
                token,
                key=JWT_SECRET_KEY,
                options={
                    "verify_exp": verify_exp,
                    # "verify_signature": False
                },
                algorithms=[JWT_ALGORITHM],
                issuer="discours",
            )
            r = TokenPayload(**payload)
            # print('[auth.jwtcodec] debug token %r' % r)
            return r
        except jwt.InvalidIssuedAtError:
            print("[auth.jwtcodec] invalid issued at: %r" % payload)
            raise ExpiredToken("check token issued time")
        except jwt.ExpiredSignatureError:
            print("[auth.jwtcodec] expired signature %r" % payload)
            raise ExpiredToken("check token lifetime")
        except jwt.InvalidTokenError:
            raise InvalidToken("token is not valid")
        except jwt.InvalidSignatureError:
            raise InvalidToken("token is not valid")
lint 2023-10-26 20:38:31 +00:00			`from datetime import datetime, timezone`
configured isort, black, flake8 2023-10-30 21:00:55 +00:00
lint 2023-10-26 20:38:31 +00:00			`import jwt`
merged-hub 2024-11-01 12:06:21 +00:00			`from pydantic import BaseModel`
configured isort, black, flake8 2023-10-30 21:00:55 +00:00
merged-hub 2024-11-01 12:06:21 +00:00			`from auth.exceptions import ExpiredToken, InvalidToken`
Revert "Feature/lint" 2023-10-26 21:07:35 +00:00			`from settings import JWT_ALGORITHM, JWT_SECRET_KEY`
merged-hub 2024-11-01 12:06:21 +00:00

			`class TokenPayload(BaseModel):`
			`user_id: str`
			`username: str`
			`exp: datetime`
			`iat: datetime`
			`iss: str`
lint 2023-10-26 20:38:31 +00:00
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00
wip refactoring: reactions, storages isolated 2022-07-21 11:58:50 +00:00			`class JWTCodec:`
format and lint orm 2022-09-03 10:50:14 +00:00			`@staticmethod`
merged-hub 2024-11-01 12:06:21 +00:00			`def encode(user, exp: datetime) -> str:`
format and lint orm 2022-09-03 10:50:14 +00:00			`payload = {`
more-secure 2022-10-31 21:25:25 +00:00			`"user_id": user.id,`
			`"username": user.email or user.phone,`
try timezones 2022-11-23 14:09:35 +00:00			`"exp": exp,`
refresh-token 2022-11-24 14:31:52 +00:00			`"iat": datetime.now(tz=timezone.utc),`
configured isort, black, flake8 2023-10-30 21:00:55 +00:00			`"iss": "discours",`
format and lint orm 2022-09-03 10:50:14 +00:00			`}`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`try:`
jwt-decode-debug 2022-10-31 18:38:41 +00:00			`return jwt.encode(payload, JWT_SECRET_KEY, JWT_ALGORITHM)`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`except Exception as e:`
configured isort, black, flake8 2023-10-30 21:00:55 +00:00			`print("[auth.jwtcodec] JWT encode error %r" % e)`
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00
format and lint orm 2022-09-03 10:50:14 +00:00			`@staticmethod`
merged-hub 2024-11-01 12:06:21 +00:00			`def decode(token: str, verify_exp: bool = True):`
fix-session 2023-01-31 06:57:35 +00:00			`r = None`
auth fix 2023-02-20 16:09:55 +00:00			`payload = None`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`try:`
			`payload = jwt.decode(`
			`token,`
			`key=JWT_SECRET_KEY,`
no-signature-check 2022-10-31 19:53:48 +00:00			`options={`
			`"verify_exp": verify_exp,`
date-encode 2022-10-31 21:05:10 +00:00			`# "verify_signature": False`
no-signature-check 2022-10-31 19:53:48 +00:00			`},`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`algorithms=[JWT_ALGORITHM],`
configured isort, black, flake8 2023-10-30 21:00:55 +00:00			`issuer="discours",`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`)`
jwt-decode-debug 2022-10-31 18:38:41 +00:00			`r = TokenPayload(**payload)`
Feature/notifications (#77) feature - notifications Co-authored-by: Igor Lobanov <igor.lobanov@onetwotrip.com> 2023-10-10 06:35:27 +00:00			`# print('[auth.jwtcodec] debug token %r' % r)`
jwt-decode-debug 2022-10-31 18:38:41 +00:00			`return r`
token exp datetime fix 2022-11-13 23:38:06 +00:00			`except jwt.InvalidIssuedAtError:`
configured isort, black, flake8 2023-10-30 21:00:55 +00:00			`print("[auth.jwtcodec] invalid issued at: %r" % payload)`
			`raise ExpiredToken("check token issued time")`
date-encode 2022-10-31 21:05:10 +00:00			`except jwt.ExpiredSignatureError:`
configured isort, black, flake8 2023-10-30 21:00:55 +00:00			`print("[auth.jwtcodec] expired signature %r" % payload)`
			`raise ExpiredToken("check token lifetime")`
debug-jwt 2022-10-31 21:17:00 +00:00			`except jwt.InvalidTokenError:`
configured isort, black, flake8 2023-10-30 21:00:55 +00:00			`raise InvalidToken("token is not valid")`
debug-jwt 2022-10-31 21:17:00 +00:00			`except jwt.InvalidSignatureError:`
configured isort, black, flake8 2023-10-30 21:00:55 +00:00			`raise InvalidToken("token is not valid")`