Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: User JWT has no expiry #35

Open
Veivel opened this issue Jul 14, 2024 · 0 comments
Open

Bug: User JWT has no expiry #35

Veivel opened this issue Jul 14, 2024 · 0 comments
Assignees
@Veivel

Comments

@Veivel
Copy link
Contributor

Veivel commented Jul 14, 2024
edited
Loading

This issue is a:

  • bug report

Current behavior:

If you decode the Bearer token used to make requests to the backend, you will get:
image
(data cropped for obvious reasons)

A quick search through the repository also shows no duration or exp values.

susunjadwal-backend/app/jwt_utils.py

Lines 5 to 13 in 0029867

def encode_token(data):
return jwt.encode(data, app.config["SECRET_KEY"], algorithm='HS256').decode()
def decode_token(token):
try:
data = jwt.decode(token, app.config["SECRET_KEY"], algorithm='HS256')
except:
return None

susunjadwal-backend/app/utils.py

Lines 11 to 16 in 0029867

def generate_token(user_id, major_id):
token = encode_token({
'user_id': str(user_id),
'major_id': str(major_id),
})
return token

Requested behavior:

Generate every token with an expiry date.

Why this behavior is better:

Don't think this needs any explanation.
https://gist.github.com/soulmachine/b368ce7292ddd7f91c15accccc02b8df

Note

If anyone wants to fix this, feel free to do so :)
@Veivel Veivel self-assigned this Jul 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Veivel Veivel

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Veivel