Switch from database-persisted auth codes to stateless JSON Web Tokens :)

Danielle McLean 2017-11-02 16:36:16 +11:00
parent 41d490ea80
commit 1c09be1b1c
Signed by: 00dani
GPG key ID: 5A5D2D1AFF12EEC5
6 changed files with 72 additions and 56 deletions

27
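--- a/lemonauth/tokens.py
+++ b/lemonauth/tokens.py
@@ -0,0 +1,27 @@
+import jwt
+from datetime import datetime, timedelta
+from django.conf import settings
+def gen_auth_code(post):
+params = {'me': post['me']}
+if 'state' in post:
+params['state'] = post['state']
+code = {
+'me': post['me'],
+'client_id': post['client_id'],
+'redirect_uri': post['redirect_uri'],
+'response_type': post.get('response_type', 'id'),
+'exp': datetime.utcnow() + timedelta(minutes=10),
+}
+if 'scope' in post:
+code['scope'] = ' '.join(post.getlist('scope'))
+params['code'] = jwt.encode(code, settings.SECRET_KEY)
+return params
+def verify_auth_code(c):
+return jwt.decode(c, settings.SECRET_KEY)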
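Review bot: `verify_auth_code` calls `jwt.decode` without pinning the accepted signature algorithm, and `gen_auth_code` relies on the default of `jwt.encode` (HS256, assuming this is PyJWT), so I would make both explicit: `jwt.encode(code, settings.SECRET_KEY, algorithm='HS256')` and `jwt.decode(c, settings.SECRET_KEY, algorithms=['HS256'])`. Separately, a stateless code is no longer single-use: nothing in this file stops the same code being redeemed more than once inside its 10-minute `exp`, so if one-time redemption matters the redeeming view (not shown here) needs a `jti` claim plus a short-lived record of used codes. The claims also carry nothing that marks the token as an authorization code, so any other JWT signed with `SECRET_KEY` would pass `verify_auth_code`; a fixed type claim checked on decode would separate them. The caller still has to compare the decoded `client_id` and `redirect_uri` with the redeeming request, which this helper does not do.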