Barcode Betty
32 lines
1.1 KiB
Python
32 lines
1.1 KiB
Python
"""JWT token creation and validation."""
|
|
|
|
from datetime import UTC, datetime, timedelta
|
|
from typing import Any, cast
|
|
from uuid import UUID
|
|
|
|
from jose import JWTError, jwt
|
|
|
|
from cartsnitch_api.config import settings
|
|
|
|
|
|
def create_access_token(user_id: UUID) -> str:
|
|
expire = datetime.now(UTC) + timedelta(minutes=settings.jwt_access_token_expire_minutes)
|
|
payload = {"sub": str(user_id), "exp": expire, "type": "access"}
|
|
return cast(str, jwt.encode(payload, settings.jwt_secret_key, algorithm=settings.jwt_algorithm))
|
|
|
|
|
|
def create_refresh_token(user_id: UUID) -> str:
|
|
expire = datetime.now(UTC) + timedelta(days=settings.jwt_refresh_token_expire_days)
|
|
payload = {"sub": str(user_id), "exp": expire, "type": "refresh"}
|
|
return cast(str, jwt.encode(payload, settings.jwt_secret_key, algorithm=settings.jwt_algorithm))
|
|
|
|
|
|
def decode_token(token: str) -> dict:
|
|
try:
|
|
return cast(
|
|
dict[str, Any],
|
|
jwt.decode(token, settings.jwt_secret_key, algorithms=[settings.jwt_algorithm]),
|
|
)
|
|
except JWTError as e:
|
|
raise ValueError(f"Invalid token: {e}") from e
|