more-secure

tonyrewin 2022-11-01 00:25:25 +03:00
parent af2b94eca4
commit c035df9dc2
3 changed files with 9 additions and 8 deletions


@ -2,20 +2,20 @@ from datetime import datetime
import time import time
import jwt import jwt
from base.exceptions import ExpiredToken, InvalidToken from base.exceptions import ExpiredToken, InvalidToken
from validations.auth import TokenPayload from validations.auth import TokenPayload, AuthInput
from settings import JWT_ALGORITHM, JWT_SECRET_KEY from settings import JWT_ALGORITHM, JWT_SECRET_KEY
class JWTCodec: class JWTCodec:
@staticmethod @staticmethod
def encode(user_id: int, exp: datetime) -> str: def encode(user: AuthInput, exp: datetime) -> str:
issued = int(time.mktime(datetime.now().timetuple())) issued = int(time.mktime(datetime.now().timetuple()))
print('[jwtcodec] issued at %r' % issued) print('[jwtcodec] issued at %r' % issued)
expires = time.mktime(exp.timetuple()) expires = int(time.mktime(exp.timetuple()))
print('[jwtcodec] expires at %r' % expires) print('[jwtcodec] expires at %r' % expires)
payload = { payload = {
"user_id": user_id, "user_id": user.id,
# "user_email": user.email, # less secure "username": user.email or user.phone,
# "device": device, # no use cases # "device": device, # no use cases
"exp": expires, "exp": expires,
"iat": issued, "iat": issued,


@ -22,7 +22,7 @@ class TokenStorage:
async def create_onetime(user: AuthInput) -> str: async def create_onetime(user: AuthInput) -> str:
life_span = ONETIME_TOKEN_LIFE_SPAN life_span = ONETIME_TOKEN_LIFE_SPAN
exp = datetime.utcnow() + timedelta(seconds=life_span) exp = datetime.utcnow() + timedelta(seconds=life_span)
one_time_token = JWTCodec.encode(user.id, exp) one_time_token = JWTCodec.encode(user, exp)
await save(f"{user.id}-{one_time_token}", life_span) await save(f"{user.id}-{one_time_token}", life_span)
return one_time_token return one_time_token
@ -30,7 +30,7 @@ class TokenStorage:
async def create_session(user: AuthInput) -> str: async def create_session(user: AuthInput) -> str:
life_span = SESSION_TOKEN_LIFE_SPAN life_span = SESSION_TOKEN_LIFE_SPAN
exp = datetime.utcnow() + timedelta(seconds=life_span) exp = datetime.utcnow() + timedelta(seconds=life_span)
session_token = JWTCodec.encode(user.id, exp) session_token = JWTCodec.encode(user, exp)
await save(f"{user.id}-{session_token}", life_span) await save(f"{user.id}-{session_token}", life_span)
return session_token return session_token
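Review bot: `JWTCodec.encode(user, exp)` in `create_session` (and the identical call in `create_onetime` above) now hands the whole `AuthInput` to the codec, but every field of that model is `Optional`, and nothing here checks that `user.id` is set before it is baked into the token and into the storage key `f"{user.id}-{session_token}"`; a model with `id=None` would yield a `"None-<token>"` key and a `"user_id": null` claim rather than an error. A guard such as `if user.id is None: raise InvalidToken(...)` (or whichever domain exception the storage layer already uses) before the encode call would fail fast in both functions. Whether `create_session` is a `@staticmethod` cannot be seen from the hunk, since its decorator line is outside it.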


@ -6,7 +6,8 @@ from pydantic import BaseModel
class AuthInput(BaseModel): class AuthInput(BaseModel):
id: Optional[int] id: Optional[int]
username: Optional[Text] email: Optional[Text]
phone: Optional[Text]
password: Optional[Text] password: Optional[Text]