author | 2024-08-27 23:59:00 +0100 | |
---|---|---|
committer | 2024-08-27 23:59:00 +0100 | |
commit | fbe63f3b7b4b05b9033c0434ea4f6f1dfe86a7d6 (patch) | |
tree | c08656b328723958035810d3a39866021eebee3b | |
parent | Use a generic JWTClaim class for respones (diff) |
Allow refreshing of JWTs
-rw-r--r-- | thallium-backend/src/dto/__init__.py | 3 | ||||
-rw-r--r-- | thallium-backend/src/routes/login.py | 22 |
2 files changed, 21 insertions, 4 deletions
diff --git a/thallium-backend/src/dto/__init__.py b/thallium-backend/src/dto/__init__.py
index ca4cb29..e38135e 100644
--- a/thallium-backend/src/dto/__init__.py
+++ b/thallium-backend/src/dto/__init__.py
@@ -1,10 +1,11 @@
-from .login import PasswordReset, UserClaim, UserLogin, VoucherClaim, VoucherLogin
+from .login import JWTClaim, PasswordReset, UserClaim, UserLogin, VoucherClaim, VoucherLogin
 from .templates import Template, TemplateWithVariant, Variant
 from .users import User, UserPermission
 from .vouchers import Voucher
 
 __all__ = (
     "LoginData",
+    "JWTClaim",
     "User",
     "UserPermission",
     "Voucher",
diff --git a/thallium-backend/src/routes/login.py b/thallium-backend/src/routes/login.py
index 3a4f6f1..530553a 100644
--- a/thallium-backend/src/routes/login.py
+++ b/thallium-backend/src/routes/login.py
@@ -1,11 +1,12 @@
 import logging
+from datetime import UTC, datetime
 
 import argon2
-from fastapi import APIRouter, HTTPException
+from fastapi import APIRouter, Depends, HTTPException, Request
 from sqlalchemy import and_, select
 
-from src.auth import build_jwt
-from src.dto import PasswordReset, UserClaim, UserLogin, VoucherClaim, VoucherLogin
+from src.auth import TokenAuth, build_jwt
+from src.dto import JWTClaim, PasswordReset, UserClaim, UserLogin, VoucherClaim, VoucherLogin
 from src.orm import User as DBUser, Voucher as DBVoucher
 from src.settings import DBSession
 
@@ -89,6 +90,21 @@ async def handle_user_login(login_payload: UserLogin, db: DBSession) -> UserClai ) [email protected]("/refresh-token", dependencies=[Depends(TokenAuth(allow_regular_users=True, allow_vouchers=True))]) +async def refresh_jwt(request: Request) -> JWTClaim: + """Return a new JWT with a fresh 30 minute window.""" + if hasattr(request.state, "user"): + user: DBUser = request.state.user + subject = user.id + user_type = "user" + elif hasattr(request.state, "voucher"): + voucher: DBVoucher = request.state.voucher + subject = voucher.id + user_type = "voucher" + + return {"jwt": build_jwt(subject, user_type)} + + @router.post("/voucher-login") async def handle_voucher_login(login_payload: VoucherLogin, db: DBSession) -> VoucherClaim: """Return a signed JWT if the given voucher is present in the database.""" |
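Review bot: `refresh_jwt` hands a fresh 30 minute token to any caller holding a still-valid one, and nothing in the hunk bounds how often that can be repeated, so a leaked JWT can be kept alive indefinitely by refreshing it before each expiry. Consider carrying the original login time in a claim and refusing to refresh past a maximum session age; the `UTC, datetime` import added in this commit is not used in the visible lines and may have been meant for that. Whether `TokenAuth` re-reads the user or voucher from the database is not visible here, so confirm that a removed or revoked subject cannot keep refreshing. Separately, if neither `request.state.user` nor `request.state.voucher` is set, `subject` and `user_type` are unbound and the return raises `UnboundLocalError` (a 500); close the chain with `else: raise HTTPException(status_code=401, detail="Invalid token")`.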