"""Minimal JWT session manager for OAuth2 (internal).
This module avoids any import-time side effects and provides helpers to create
and verify short-lived JWTs for user sessions.
"""
from typing import Any, Dict
from datetime import datetime, timedelta, timezone
import jwt
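class SessionManager:
    """Create and verify signed JWT session tokens.

    Tokens are signed and verified with the same ``secret_key`` and one pinned
    ``algorithm``. The class keeps no server-side state, so an issued token
    remains acceptable until its ``exp`` claim passes; revocation, if needed,
    has to be handled by the caller.
    """

    # Claims a token must carry to be accepted by verify_session_token().
    # Without "exp" a validly signed token would never expire.
    _REQUIRED_CLAIMS = ("sub", "exp")

    def __init__(self, secret_key: str, algorithm: str = "HS256") -> None:
        """Store the signing key and algorithm.

        Args:
            secret_key: Key used to sign and verify tokens. Must be non-empty.
            algorithm: JWT signing algorithm name. The unsigned ``"none"``
                algorithm is rejected.

        Raises:
            ValueError: If ``secret_key`` is empty or ``algorithm`` is empty
                or ``"none"`` (any letter case).
        """
        # An empty key or the unsigned algorithm would make tokens forgeable,
        # so fail at construction instead of issuing unverifiable sessions.
        if not secret_key:
            raise ValueError("secret_key must be a non-empty value")
        if not algorithm or str(algorithm).lower() == "none":
            raise ValueError("algorithm must name a signing algorithm")
        self.secret_key = secret_key
        self.algorithm = algorithm

    def create_session_token(
        self, user: Dict[str, Any], *, expires_in_seconds: int = 86400
    ) -> str:
        """Return a signed session JWT for ``user``.

        Args:
            user: Mapping with the user's ``"id"`` (required) and ``"login"``.
            expires_in_seconds: Token lifetime in seconds. The default of
                86400 is 24 hours; pass a smaller value for shorter sessions.

        Returns:
            The encoded token as ``str``.

        Raises:
            ValueError: If ``user`` has no ``"id"``; otherwise the subject
                claim would be the literal string ``"None"``.
        """
        user_id = user.get("id")
        if user_id is None:
            raise ValueError("user must have an 'id' to create a session token")

        issued_at = datetime.now(tz=timezone.utc)
        expires_at = issued_at + timedelta(seconds=expires_in_seconds)
        payload = {
            "sub": str(user_id),
            "login": user.get("login"),
            "iat": int(issued_at.timestamp()),
            "exp": int(expires_at.timestamp()),
            # Marks the token's purpose; verify_session_token() checks it.
            "type": "session",
        }
        token = jwt.encode(payload, self.secret_key, algorithm=self.algorithm)
        # Older PyJWT releases return bytes from encode(); normalise to str.
        if isinstance(token, bytes):
            token = token.decode("utf-8")
        return token

    def verify_session_token(self, token: str) -> Dict[str, Any]:
        """Decode ``token`` and return its claims if it is a session token.

        Only the configured algorithm is allowed during decoding.

        Raises:
            jwt.InvalidTokenError: If a required claim (``sub``, ``exp``) is
                missing or the ``type`` claim is not ``"session"``. Errors
                raised by ``jwt.decode`` itself propagate unchanged.
        """
        claims = jwt.decode(token, self.secret_key, algorithms=[self.algorithm])

        # A token signed with this key but lacking "exp" would be valid
        # indefinitely, so presence is checked here explicitly.
        missing = [name for name in self._REQUIRED_CLAIMS if name not in claims]
        if missing:
            raise jwt.InvalidTokenError(
                f"Missing required claim(s): {', '.join(missing)}"
            )
        if claims.get("type") != "session":
            raise jwt.InvalidTokenError("Invalid token type")
        return claims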