Adjusted token expiration

7 years ago · 64b60d2ad1
parent 819496853f
commit 64b60d2ad1
2 changed files with 11 additions and 10 deletions
--- a/cookie_api/app.py
+++ b/cookie_api/app.py
@ -1,9 +1,12 @@
-from apistar import Include, Route, http, Command
+from apistar import Include, Route, http, annotate
 from apistar.backends import sqlalchemy_backend
 from apistar.backends.sqlalchemy_backend import Session
 from apistar.frameworks.wsgi import WSGIApp as App
 from apistar.handlers import docs_urls, static_urls
-from apistar.interfaces import Router, Injector
+from apistar.interfaces import Router, Injector, Auth
+
+from apistar_jwt.authentication import JWTAuthentication
+from apistar_jwt.exceptions import AuthenticationFailed

 from cookie_api.render import JSONRenderer
 from cookie_api.commands import commands
@ -12,13 +15,15 @@ from cookie_api.models.schema import Base, Cookie
 from .auth import auth_routes, auth_components


-def get_state(injector: Injector):
+@annotate(authentication=[JWTAuthentication()])
+def get_state(injector: Injector, auth: Auth):
    state = injector.state
    d = dict()
    for k, v in state.items():
        d[k] = str(v)
    return d

+
 def get_cookies(session: Session):
    cookies = session.query(Cookie).all()
    # result = [{"id": cookie.id,
@ -43,7 +48,6 @@ def get_cookie(session: Session, id):
    return cookie.to_dict()


-# @annotate(authentication=[JWTAuthentication()])
 def create_cookie(session: Session, json_data: http.RequestData, route: Router):
    cookie = Cookie(name=json_data['name'],
                    recipe_url=json_data['recipe_url'],
--- a/cookie_api/auth.py
+++ b/cookie_api/auth.py
@ -29,7 +29,7 @@ def login(settings: Settings, json_data: http.RequestData, session: Session):
    SECRET = settings['JWT'].get('SECRET')

    payload = {
-        'exp': dt.datetime.utcnow() + dt.timedelta(days=0, seconds=5),
+        'exp': dt.datetime.utcnow() + dt.timedelta(days=0, minutes=60),
        'iat': dt.datetime.utcnow(),
        'sub': user.id
    }
@ -42,10 +42,7 @@ def login(settings: Settings, json_data: http.RequestData, session: Session):
        'auth_token': token
    }

-    headers = {
-        'Authorization': 'Bearer {}'.format(token)
-    }
-    return http.Response(data, status=200, headers=headers)
+    return data


 routes = [