Skip to content

Commit

Permalink
Improvements to JWT handling
Browse files Browse the repository at this point in the history
  • Loading branch information
bennybp committed Sep 17, 2023
1 parent ee3504f commit 9027466
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 3 deletions.
4 changes: 2 additions & 2 deletions qcfractal/qcfractal/config.py
Original file line number Diff line number Diff line change
Expand Up @@ -301,10 +301,10 @@ class WebAPIConfig(ConfigBase):
secret_key: str = Field(..., description="Secret key for flask api. See documentation")
jwt_secret_key: str = Field(..., description="Secret key for web tokens. See documentation")
jwt_access_token_expires: int = Field(
60 * 60 * 24 * 7, description="The time (in seconds) an access token is valid for. Default is 1 week"
60 * 60, description="The time (in seconds) an access token is valid for. Default is 1 hour"
)
jwt_refresh_token_expires: int = Field(
60 * 60 * 24 * 30, description="The time (in seconds) a refresh token is valid for. Default is 30 days"
60 * 60 * 24, description="The time (in seconds) a refresh token is valid for. Default is 1 day"
)

extra_flask_options: Optional[Dict[str, Any]] = Field(
Expand Down
11 changes: 10 additions & 1 deletion qcportal/qcportal/client_base.py
Original file line number Diff line number Diff line change
Expand Up @@ -263,7 +263,16 @@ def _refresh_JWT_token(self) -> None:
)

if ret.status_code == 200:
self._req_session.headers.update({"Authorization": f'Bearer {ret.json()["access_token"]}'})
ret_json = ret.json()
self._req_session.headers.update({"Authorization": f'Bearer {ret_json["access_token"]}'})

# Store the expiration time of the access and refresh tokens
# (these are unix epoch timestamps)
decoded_access_token = jwt.decode(
ret_json["access_token"], algorithms=["HS256"], options={"verify_signature": False}
)
self._jwt_access_exp = decoded_access_token["exp"]

else: # shouldn't happen unless user is blacklisted
raise ConnectionRefusedError("Unable to refresh JWT authorization token! This is a server issue!!")

Expand Down

0 comments on commit 9027466

Please sign in to comment.