Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix TTL calculation for API keys

This commit is contained in:
Jasmine Schladen 2021-02-16 17:54:57 -08:00
parent 9f4e26a961
commit e9860ee72a
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lemur/auth/service.py
View File

@ -75,7 +75,7 @@ def create_token(user, aid=None, ttl=None):
if ttl == -1: if ttl == -1:
del payload["exp"] del payload["exp"]
else: else:
payload["exp"] = ttl payload["exp"] = datetime.utcnow() + timedelta(days=ttl)
token = jwt.encode(payload, current_app.config["LEMUR_TOKEN_SECRET"]) token = jwt.encode(payload, current_app.config["LEMUR_TOKEN_SECRET"])
return token return token
@ -116,9 +116,8 @@ def login_required(f):
return dict(message="Token has been revoked"), 403 return dict(message="Token has been revoked"), 403
if access_key.ttl != -1: if access_key.ttl != -1:
current_time = datetime.utcnow() current_time = datetime.utcnow()
expired_time = datetime.fromtimestamp( # API key uses days
access_key.issued_at + access_key.ttl expired_time = datetime.fromtimestamp(access_key.issued_at) + timedelta(days=access_key.ttl)
)
if current_time >= expired_time: if current_time >= expired_time:
return dict(message="Token has expired"), 403 return dict(message="Token has expired"), 403