chess_rpg_backend/game/services/jwt.py

50 lines
1.4 KiB
Python

import jwt
import pytz
from datetime import datetime
from django.conf import settings
from jwt import ExpiredSignatureError, InvalidSignatureError
TIMEZONE = pytz.timezone("Europe/Moscow")
def sign_jwt(data: dict, t_life: None | int = None) -> str:
"""generate and sign jwt with iat and exp using data from settings"""
iat = int(datetime.now(tz=TIMEZONE).timestamp())
exp = iat + settings.TOKEN_EXP if not t_life else iat + t_life
payload = {"iat": iat, "exp": exp}
for nm, el in data.items():
if nm not in ["iat", "exp"]:
payload[nm] = el
secret = settings.SECRET_KEY
token = jwt.encode(payload=payload, key=secret)
return token
def read_jwt(token: str) -> dict | bool:
"""reads jwt, validates it and return payload if correct"""
header_data = jwt.get_unverified_header(token)
secret = settings.SECRET_KEY
try:
payload = jwt.decode(token, key=secret, algorithms=[header_data["alg"]])
except ExpiredSignatureError as e:
return False
except InvalidSignatureError as e:
return False
if "exp" not in payload:
return False
if int(datetime.now(tz=TIMEZONE).timestamp()) > payload["exp"]:
return False
payload.pop("iat", None)
payload.pop("exp", None)
return payload
def generate_refresh_token(payload: dict) -> str:
return sign_jwt(payload)