core/auth/jwtcodec.py

from datetime import datetime
import time
import jwt
from base.exceptions import ExpiredToken, InvalidToken
from validations.auth import TokenPayload
from settings import JWT_ALGORITHM, JWT_SECRET_KEY


class JWTCodec:
    @staticmethod
    def encode(user_id: int, exp: datetime) -> str:
        issued = int(time.mktime(datetime.now().timetuple()))
        print('[jwtcodec] issued at %r' % issued)
        expires = time.mktime(exp.timetuple())
        print('[jwtcodec] expires at %r' % expires)
        payload = {
            "user_id": user_id,
            # "user_email": user.email,  # less secure
            # "device": device,  # no use cases
            "exp": expires,
            "iat": issued,
            "iss": "discours"
        }
        try:
            return jwt.encode(payload, JWT_SECRET_KEY, JWT_ALGORITHM)
        except Exception as e:
            print('[jwtcodec] JWT encode error %r' % e)

    @staticmethod
    def decode(token: str, verify_exp: bool = True) -> TokenPayload:
        try:
            payload = jwt.decode(
                token,
                key=JWT_SECRET_KEY,
                options={
                    "verify_exp": verify_exp,
                    # "verify_signature": False
                },
                algorithms=[JWT_ALGORITHM],
                issuer="discours"
            )
            r = TokenPayload(**payload)
            print('[jwtcodec] debug payload %r' % r)
            return r
        except jwt.ExpiredSignatureError:
            raise ExpiredToken('check token lifetime')
        except jwt.InvalidTokenError:
            raise InvalidToken('token is not valid')
        except jwt.InvalidSignatureError:
            raise InvalidToken('token is not valid')
        except jwt.InvalidIssuedAtError:
            raise ExpiredToken('check token issued time')
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00			`from datetime import datetime`
date-encode 2022-10-31 21:05:10 +00:00			`import time`
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00			`import jwt`
debug-jwt 2022-10-31 21:17:00 +00:00			`from base.exceptions import ExpiredToken, InvalidToken`
jwt-decode-debug 2022-10-31 18:38:41 +00:00			`from validations.auth import TokenPayload`
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00			`from settings import JWT_ALGORITHM, JWT_SECRET_KEY`


wip refactoring: reactions, storages isolated 2022-07-21 11:58:50 +00:00			`class JWTCodec:`
format and lint orm 2022-09-03 10:50:14 +00:00			`@staticmethod`
jwt-decode-debug 2022-10-31 18:38:41 +00:00			`def encode(user_id: int, exp: datetime) -> str:`
debug-jwt 2022-10-31 21:17:00 +00:00			`issued = int(time.mktime(datetime.now().timetuple()))`
			`print('[jwtcodec] issued at %r' % issued)`
			`expires = time.mktime(exp.timetuple())`
			`print('[jwtcodec] expires at %r' % expires)`
format and lint orm 2022-09-03 10:50:14 +00:00			`payload = {`
jwt-decode-debug 2022-10-31 18:38:41 +00:00			`"user_id": user_id,`
migration, auth, refactoring, formatting 2022-09-17 18:12:14 +00:00			`# "user_email": user.email, # less secure`
			`# "device": device, # no use cases`
debug-jwt 2022-10-31 21:17:00 +00:00			`"exp": expires,`
			`"iat": issued,`
date-encode 2022-10-31 21:05:10 +00:00			`"iss": "discours"`
format and lint orm 2022-09-03 10:50:14 +00:00			`}`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`try:`
jwt-decode-debug 2022-10-31 18:38:41 +00:00			`return jwt.encode(payload, JWT_SECRET_KEY, JWT_ALGORITHM)`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`except Exception as e:`
			`print('[jwtcodec] JWT encode error %r' % e)`
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00
format and lint orm 2022-09-03 10:50:14 +00:00			`@staticmethod`
migration, auth, refactoring, formatting 2022-09-17 18:12:14 +00:00			`def decode(token: str, verify_exp: bool = True) -> TokenPayload:`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`try:`
			`payload = jwt.decode(`
			`token,`
			`key=JWT_SECRET_KEY,`
no-signature-check 2022-10-31 19:53:48 +00:00			`options={`
			`"verify_exp": verify_exp,`
date-encode 2022-10-31 21:05:10 +00:00			`# "verify_signature": False`
no-signature-check 2022-10-31 19:53:48 +00:00			`},`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`algorithms=[JWT_ALGORITHM],`
date-encode 2022-10-31 21:05:10 +00:00			`issuer="discours"`
confirm-token-fix 2022-10-23 09:33:28 +00:00			`)`
jwt-decode-debug 2022-10-31 18:38:41 +00:00			`r = TokenPayload(**payload)`
			`print('[jwtcodec] debug payload %r' % r)`
			`return r`
date-encode 2022-10-31 21:05:10 +00:00			`except jwt.ExpiredSignatureError:`
debug-jwt 2022-10-31 21:17:00 +00:00			`raise ExpiredToken('check token lifetime')`
			`except jwt.InvalidTokenError:`
			`raise InvalidToken('token is not valid')`
			`except jwt.InvalidSignatureError:`
			`raise InvalidToken('token is not valid')`
			`except jwt.InvalidIssuedAtError:`
			`raise ExpiredToken('check token issued time')`