mirror of
https://github.com/evgen-app/chess_rpg_backend.git
synced 2024-11-22 17:47:11 +03:00
50 lines
1.4 KiB
Python
50 lines
1.4 KiB
Python
import jwt
|
|
import pytz
|
|
|
|
from datetime import datetime
|
|
from django.conf import settings
|
|
from jwt import ExpiredSignatureError, InvalidSignatureError
|
|
|
|
TIMEZONE = pytz.timezone("Europe/Moscow")
|
|
|
|
|
|
def sign_jwt(data: dict, t_life: None | int = None) -> str:
|
|
"""generate and sign jwt with iat and exp using data from settings"""
|
|
iat = int(datetime.now(tz=TIMEZONE).timestamp())
|
|
exp = iat + settings.TOKEN_EXP if not t_life else iat + t_life
|
|
payload = {"iat": iat, "exp": exp}
|
|
for nm, el in data.items():
|
|
if nm not in ["iat", "exp"]:
|
|
payload[nm] = el
|
|
|
|
secret = settings.SECRET_KEY
|
|
token = jwt.encode(payload=payload, key=secret)
|
|
return token
|
|
|
|
|
|
def read_jwt(token: str) -> dict | bool:
|
|
"""reads jwt, validates it and return payload if correct"""
|
|
header_data = jwt.get_unverified_header(token)
|
|
secret = settings.SECRET_KEY
|
|
try:
|
|
payload = jwt.decode(token, key=secret, algorithms=[header_data["alg"]])
|
|
except ExpiredSignatureError as e:
|
|
return False
|
|
except InvalidSignatureError as e:
|
|
return False
|
|
|
|
if "exp" not in payload:
|
|
return False
|
|
|
|
if int(datetime.now(tz=TIMEZONE).timestamp()) > payload["exp"]:
|
|
return False
|
|
|
|
payload.pop("iat", None)
|
|
payload.pop("exp", None)
|
|
|
|
return payload
|
|
|
|
|
|
def generate_refresh_token(payload: dict) -> str:
|
|
return sign_jwt(payload)
|