aboutsummaryrefslogtreecommitdiff
path: root/gn2/wqflask/oauth2
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2024-07-17 11:39:33 -0500
committerAlexander_Kabui2024-08-28 15:02:46 +0300
commita6b237f7473b16f0d90a09983d5ec4a58d87f4ac (patch)
treeb751c72ca226149034ef3a4ec240c702be85dc44 /gn2/wqflask/oauth2
parentfdf005f57e0dcbf8d2d1127f92977fe657c93d60 (diff)
downloadgenenetwork2-a6b237f7473b16f0d90a09983d5ec4a58d87f4ac.tar.gz
Fix premature session expiration
With the change to JWTs the time-to-live for each token is severely curtailed to help with security in case of a token theft. We, therefore, can no longer rely on the TTL for session expiration, rather, we will rely of the token-refresh mechanism to expire a token after a long while.
Diffstat (limited to 'gn2/wqflask/oauth2')
-rw-r--r--gn2/wqflask/oauth2/client.py7
-rw-r--r--gn2/wqflask/oauth2/session.py7
2 files changed, 1 insertions, 13 deletions
diff --git a/gn2/wqflask/oauth2/client.py b/gn2/wqflask/oauth2/client.py
index 876ecf6b..770777b5 100644
--- a/gn2/wqflask/oauth2/client.py
+++ b/gn2/wqflask/oauth2/client.py
@@ -31,12 +31,7 @@ def oauth2_clientsecret():
def user_logged_in():
"""Check whether the user has logged in."""
suser = session.session_info()["user"]
- if suser["logged_in"]:
- if session.expired():
- session.clear_session_info()
- return False
- return suser["token"].is_right()
- return False
+ return suser["logged_in"] and suser["token"].is_right()
def oauth2_client():
diff --git a/gn2/wqflask/oauth2/session.py b/gn2/wqflask/oauth2/session.py
index 2ef534e2..eec48a7f 100644
--- a/gn2/wqflask/oauth2/session.py
+++ b/gn2/wqflask/oauth2/session.py
@@ -64,13 +64,6 @@ def session_info() -> SessionInfo:
"masquerading": None
}))
-def expired():
- the_session = session_info()
- def __expired__(token):
- return datetime.now() > datetime.fromtimestamp(token["expires_at"])
- return the_session["user"]["token"].either(
- lambda left: False,
- __expired__)
def set_user_token(token: str) -> SessionInfo:
"""Set the user's token."""