diff options
author | Frederick Muriuki Muriithi | 2024-07-31 15:27:59 -0500 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2024-07-31 15:27:59 -0500 |
commit | b9a0a5d4b64c65c9472b253db7a28cb91328401f (patch) | |
tree | 137946c7121d189153f8a92237c8b8d66412cdef /gn2/wqflask/oauth2/session.py | |
parent | e693056b193c9c08bf0a0e99df4352cfeb83de2f (diff) | |
download | genenetwork2-b9a0a5d4b64c65c9472b253db7a28cb91328401f.tar.gz |
Synchronise token refreshes
The application can be run in a multi-threaded server, leading to a
situation where the multiple threads attempt to get a new JWT using
the exact same refresh token.
This synchronises the various threads ensuring only a single thread is
able to retrieve the new JWT that all the rest of the threads then
use.
Diffstat (limited to 'gn2/wqflask/oauth2/session.py')
-rw-r--r-- | gn2/wqflask/oauth2/session.py | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/gn2/wqflask/oauth2/session.py b/gn2/wqflask/oauth2/session.py index eec48a7f..92181ccf 100644 --- a/gn2/wqflask/oauth2/session.py +++ b/gn2/wqflask/oauth2/session.py @@ -22,6 +22,7 @@ class SessionInfo(TypedDict): user_agent: str ip_addr: str masquerade: Optional[UserDetails] + refreshing_token: bool __SESSION_KEY__ = "GN::2::session_info" # Do not use this outside this module!! @@ -61,7 +62,8 @@ def session_info() -> SessionInfo: "user_agent": request.headers.get("User-Agent"), "ip_addr": request.environ.get("HTTP_X_FORWARDED_FOR", request.remote_addr), - "masquerading": None + "masquerading": None, + "token_refreshing": False })) @@ -102,3 +104,23 @@ def unset_masquerading(): "user": the_session["masquerading"], "masquerading": None }) + + +def toggle_token_refreshing(): + """Toggle the state of the token_refreshing variable.""" + _session = session_info() + return save_session_info({ + **_session, + "token_refreshing": not _session.get("token_refreshing", False)}) + + +def is_token_expired(): + """Check whether the token is expired.""" + return user_token().either( + lambda _no_token: False, + lambda token: datetime.now().timestamp() > token["expires_at"]) + + +def is_token_refreshing(): + """Returns whether the token is being refreshed or not.""" + return session_info().get("token_refreshing", False) |