aboutsummaryrefslogtreecommitdiff
path: root/gn2/wqflask
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2024-07-17 11:39:33 -0500
committerFrederick Muriuki Muriithi2024-07-17 11:45:20 -0500
commit6c3e8a6e6bb4a586b12543da4baafbe4daa20cf4 (patch)
treeca00031d53e7b123343a8aff8a4fbab47f6a64e2 /gn2/wqflask
parent460feea9980664cc91926e5b3456a80dd9178703 (diff)
downloadgenenetwork2-6c3e8a6e6bb4a586b12543da4baafbe4daa20cf4.tar.gz
Fix premature session expiration
With the change to JWTs the time-to-live for each token is severely curtailed to help with security in case of a token theft. We, therefore, can no longer rely on the TTL for session expiration, rather, we will rely of the token-refresh mechanism to expire a token after a long while.
Diffstat (limited to 'gn2/wqflask')
-rw-r--r--gn2/wqflask/oauth2/client.py7
-rw-r--r--gn2/wqflask/oauth2/session.py7
2 files changed, 1 insertions, 13 deletions
diff --git a/gn2/wqflask/oauth2/client.py b/gn2/wqflask/oauth2/client.py
index 876ecf6b..770777b5 100644
--- a/gn2/wqflask/oauth2/client.py
+++ b/gn2/wqflask/oauth2/client.py
@@ -31,12 +31,7 @@ def oauth2_clientsecret():
def user_logged_in():
"""Check whether the user has logged in."""
suser = session.session_info()["user"]
- if suser["logged_in"]:
- if session.expired():
- session.clear_session_info()
- return False
- return suser["token"].is_right()
- return False
+ return suser["logged_in"] and suser["token"].is_right()
def oauth2_client():
diff --git a/gn2/wqflask/oauth2/session.py b/gn2/wqflask/oauth2/session.py
index 2ef534e2..eec48a7f 100644
--- a/gn2/wqflask/oauth2/session.py
+++ b/gn2/wqflask/oauth2/session.py
@@ -64,13 +64,6 @@ def session_info() -> SessionInfo:
"masquerading": None
}))
-def expired():
- the_session = session_info()
- def __expired__(token):
- return datetime.now() > datetime.fromtimestamp(token["expires_at"])
- return the_session["user"]["token"].either(
- lambda left: False,
- __expired__)
def set_user_token(token: str) -> SessionInfo:
"""Set the user's token."""