fixed verification for refresh token
- app.py +1 -1
- tokenManagement.py +3 -3
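--- a/app.py
+++ b/app.py
@@ -365,7 +365,7 @@ def refresh_access_token(refresh_token:Token, authorization: str = Header(...)):
 
 # Here, you would validate the token (e.g., check with a JWT library)
 decoded_user_id,decoded_access_token = decode_jwt(token)
-is_valid = verify_refresh_access_token(db_uri=MONGO_URI, user_id=decoded_user_id, access_token=decoded_access_token)
+is_valid = verify_refresh_access_token(db_uri=MONGO_URI, user_id=decoded_user_id, access_token=decoded_access_token,refresh_token=refresh_token.refreshToken)
 if is_valid != True: # Example check
 raise HTTPException(status_code=401, detail="Invalid token")
 new_access_token = create_accessToken(db_uri=MONGO_URI,user_id=decoded_user_id,refresh_token=refresh_token.refreshToken)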
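Review bot: The placeholder comments on lines 366 and 369 (`# Here, you would validate the token ...` and `# Example check`) make a real authentication gate read like sample code and no longer describe what it does. I would replace the first with `# Decode the presented access token; it must match the stored refresh-token record` and drop the second. `if is_valid != True:` fails closed, which is right here, but `if is_valid is not True:` says the same thing idiomatically and also rejects truthy non-bool returns. Whether `decode_jwt` still verifies the signature for an expired access token is not visible in this hunk, whose function starts and ends outside it, and is worth confirming because the refresh path depends on it.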
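--- a/tokenManagement.py
+++ b/tokenManagement.py
@@ -145,7 +145,7 @@ def verify_access_token(db_uri: str, user_id: str, access_token: str) -> bool:
 pass
 return False
 
-def verify_refresh_access_token(db_uri: str, user_id: str, access_token: str) -> bool:
+def verify_refresh_access_token(db_uri: str, user_id: str, access_token: str,refresh_token:str) -> bool:
 
 current_time = datetime.datetime.now()
 """
@@ -155,13 +155,13 @@ def verify_refresh_access_token(db_uri: str, user_id: str, access_token: str) ->
 client = MongoClient(db_uri)
 db = client["crayonics"]
 collection = db["RefreshToken"]
-docs = collection.find({"user_id":user_id,"previous_access_token":access_token})
+docs = collection.find({"_id":ObjectId(refresh_token),"user_id":user_id,"previous_access_token":access_token})
 for doc in docs:
 
 if doc==None:
 return False
 else:
-if str(doc['
+if str(doc['previous_access_token']) == access_token:
 streaks_doc={}
 streaks_doc['user_id'] = str(user_id)
 streaks_manager(db_uri=db_uri,document=streaks_doc)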
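Review bot: `ObjectId(refresh_token)` in the new `collection.find(...)` filter on line 158 is built from the request-supplied string with no format check, so a value that is not a valid ObjectId raises `bson.errors.InvalidId` instead of returning False, and nothing visible in the hunk catches it. A guard before the query, `if not ObjectId.is_valid(refresh_token): return False`, keeps malformed input on the 401 path. Using the document `_id` as the refresh token also makes the credential an ObjectId, which embeds a timestamp and a counter and is not designed to be unguessable; the `user_id` and `previous_access_token` binding helps, but a random token from `secrets.token_urlsafe()` stored hashed would be the stronger design. The `if doc==None` branch cannot fire because a cursor only yields documents, so the no-match result depends on code after the loop, which is outside this hunk, as is the start of the function.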