59 lines
1.3 KiB
Python
59 lines
1.3 KiB
Python
"""JWT token encoding/decoding utilities."""
|
|
|
|
from datetime import datetime, timedelta
|
|
from typing import Optional
|
|
|
|
from jose import JWTError, jwt
|
|
|
|
from app.config import settings
|
|
|
|
|
|
def create_access_token(data: dict, expires_delta: Optional[timedelta] = None) -> str:
|
|
"""
|
|
Create JWT access token.
|
|
|
|
Args:
|
|
data: Data to encode in token (user_id, login, etc.)
|
|
expires_delta: Token expiration time (default: from settings)
|
|
|
|
Returns:
|
|
Encoded JWT token
|
|
"""
|
|
to_encode = data.copy()
|
|
|
|
if expires_delta:
|
|
expire = datetime.utcnow() + expires_delta
|
|
else:
|
|
expire = datetime.utcnow() + timedelta(minutes=settings.JWT_EXPIRE_MINUTES)
|
|
|
|
to_encode.update({"exp": int(expire.timestamp())})
|
|
|
|
encoded_jwt = jwt.encode(
|
|
to_encode,
|
|
settings.JWT_SECRET_KEY,
|
|
algorithm=settings.JWT_ALGORITHM
|
|
)
|
|
|
|
return encoded_jwt
|
|
|
|
|
|
def decode_access_token(token: str) -> Optional[dict]:
|
|
"""
|
|
Decode and validate JWT token.
|
|
|
|
Args:
|
|
token: JWT token to decode
|
|
|
|
Returns:
|
|
Decoded token payload or None if invalid
|
|
"""
|
|
try:
|
|
payload = jwt.decode(
|
|
token,
|
|
settings.JWT_SECRET_KEY,
|
|
algorithms=[settings.JWT_ALGORITHM]
|
|
)
|
|
return payload
|
|
except JWTError:
|
|
return None
|