aboutsummaryrefslogtreecommitdiff
path: root/gn2/wqflask/oauth2/session.py
AgeCommit message (Collapse)Author
2024-08-01Use JWKs from auth server public endpointFrederick Muriuki Muriithi
* Fetch keys from auth server * Validate token is signed with one of the keys from server * Ensure refreshing of token is still synchronised
2024-07-31Synchronise token refreshesFrederick Muriuki Muriithi
The application can be run in a multi-threaded server, leading to a situation where the multiple threads attempt to get a new JWT using the exact same refresh token. This synchronises the various threads ensuring only a single thread is able to retrieve the new JWT that all the rest of the threads then use.
2024-07-17Fix premature session expirationFrederick Muriuki Muriithi
With the change to JWTs the time-to-live for each token is severely curtailed to help with security in case of a token theft. We, therefore, can no longer rely on the TTL for session expiration, rather, we will rely of the token-refresh mechanism to expire a token after a long while.
2023-12-29Namespace all modules under gn2.Arun Isaac
We move all modules under a gn2 directory. This is important for "correct" packaging and deployment as a Guix service.