date-encode

2022-11-01 00:05:10 +03:00 · 2022-11-01 00:05:10 +03:00 · 6c97d39e24
commit 6c97d39e24
parent e9b594703c
2 changed files with 13 additions and 6 deletions
--- a/auth/jwtcodec.py
+++ b/auth/jwtcodec.py
@ -1,7 +1,7 @@
 from datetime import datetime
-
+import time
 import jwt
-
+from base.exceptions import ExpiredToken
 from validations.auth import TokenPayload
 from settings import JWT_ALGORITHM, JWT_SECRET_KEY

@ -14,7 +14,8 @@ class JWTCodec:
            # "user_email": user.email,  # less secure
            # "device": device,  # no use cases
            "exp": exp,
-            "iat": datetime.utcnow()
+            "iat": time.mktime(datetime.now().timetuple()),
+            "iss": "discours"
        }
        try:
            return jwt.encode(payload, JWT_SECRET_KEY, JWT_ALGORITHM)
@ -29,12 +30,13 @@ class JWTCodec:
                key=JWT_SECRET_KEY,
                options={
                    "verify_exp": verify_exp,
-                    "verify_signature": False
+                    # "verify_signature": False
                },
                algorithms=[JWT_ALGORITHM],
+                issuer="discours"
            )
            r = TokenPayload(**payload)
            print('[jwtcodec] debug payload %r' % r)
            return r
-        except Exception as e:
-            print('[jwtcodec] JWT decode error %r' % e)
+        except jwt.ExpiredSignatureError:
+            raise ExpiredToken
--- a/base/exceptions.py
+++ b/base/exceptions.py
@ -6,6 +6,11 @@ class BaseHttpException(GraphQLError):
    message = "500 Server error"


+class ExpiredToken(BaseHttpException):
+    code = 403
+    message = "403 Expired Token"
+
+
 class InvalidToken(BaseHttpException):
    code = 403
    message = "403 Invalid Token"