48 lines
1.5 KiB
Python
48 lines
1.5 KiB
Python
import logging
|
|
from datetime import datetime, timedelta
|
|
|
|
from jose import JWTError, jwt
|
|
from passlib.context import CryptContext
|
|
|
|
from core.config import JWT_SECRET_KEY
|
|
|
|
logger = logging.getLogger("app")
|
|
|
|
SECRET_KEY = JWT_SECRET_KEY
|
|
ALGORITHM = "HS256"
|
|
ACCESS_TOKEN_EXPIRE_MINUTES = 30
|
|
REFRESH_TOKEN_EXPIRE_DAYS = 30
|
|
|
|
pwd_context = CryptContext(schemes=["bcrypt"])
|
|
|
|
def hash_password(password: str) -> str:
|
|
return pwd_context.hash(password)
|
|
|
|
def verify_password(plain: str, hashed: str) -> bool:
|
|
return pwd_context.verify(plain, hashed)
|
|
|
|
def create_access_token(user_id: str) -> str:
|
|
expire = datetime.now() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
|
|
return jwt.encode({"sub": user_id, "exp": expire, "type": "access"}, SECRET_KEY, algorithm=ALGORITHM)
|
|
|
|
def create_refresh_token(user_id: str) -> str:
|
|
expire = datetime.now() + timedelta(days=REFRESH_TOKEN_EXPIRE_DAYS)
|
|
return jwt.encode({"sub": user_id, "exp": expire, "type": "refresh"}, SECRET_KEY, algorithm=ALGORITHM)
|
|
|
|
def decode_refresh_token(token: str) -> str | None:
|
|
try:
|
|
payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
|
|
if payload.get("type") != "refresh":
|
|
return None
|
|
return payload.get("sub")
|
|
except JWTError:
|
|
return None
|
|
|
|
def decode_access_token(token: str) -> str | None:
|
|
try:
|
|
payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
|
|
if payload.get("type") != "access":
|
|
return None
|
|
return payload.get("sub")
|
|
except JWTError:
|
|
return None |