from datetime import datetime, timedelta
import jwt
from fastapi import Cookie, Depends, Request, responses
from functions.admin.models import database, token, user
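def _local_redirect_target(candidate):
    """Return *candidate* if it is a same-site path, otherwise ``"/"``.

    The value comes straight from the query string, so it is only accepted
    when it is a path on this site: it must start with a single ``/`` and
    contain no backslash or control character (browsers normalise those, which
    can turn a path into a scheme-relative or absolute URL).
    """
    if not isinstance(candidate, str) or not candidate.startswith("/"):
        return "/"
    if candidate.startswith("//") or "\\" in candidate:
        return "/"
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in candidate):
        return "/"
    return candidate


async def refresh_access_token(req: Request, refresh_token: str = Cookie(None),
                               db=Depends(database.get_db)):
    """Issue a new 15-minute access token from the refresh-token cookie.

    Args:
        req: Incoming request; its optional ``source`` query parameter names
            the page to return to after the refresh.
        refresh_token: JWT read from the ``refresh_token`` cookie (``None``
            when the cookie is absent).
        db: Database session supplied by ``database.get_db``.

    Returns:
        A 303 redirect. It points to ``/login`` when the refresh token is
        missing, invalid or expired, or names no known user. Otherwise it
        points to the validated ``source`` path (``/`` by default) and carries
        the new ``access_token`` cookie.
    """
    # NOTE(review): the HS256 key is the hard-coded literal "secret". Anyone who
    # can read this source can mint valid tokens. Load the key from
    # configuration or a secret store, and change it here together with every
    # place that issues or verifies these tokens (not visible in this file).
    try:
        refresh_token_payload = jwt.decode(refresh_token, "secret", algorithms=["HS256"])
    except jwt.exceptions.InvalidTokenError:
        # InvalidTokenError is the base class, so expired or otherwise
        # rejected tokens redirect too. Catching only DecodeError let
        # ExpiredSignatureError escape as an unhandled error.
        return responses.RedirectResponse(url="/login", status_code=303)

    username = refresh_token_payload.get("sub")
    if not username:
        # A validly signed token without a subject cannot identify a user.
        return responses.RedirectResponse(url="/login", status_code=303)

    account = db.query(user.User).filter(user.User.username == username).first()
    if not account:
        return responses.RedirectResponse(url="/login", status_code=303)

    access_token_ttl = timedelta(minutes=15)
    # PyJWT reads a naive datetime in "exp" as UTC, so utcnow() is right here.
    access_token_expires = datetime.utcnow() + access_token_ttl
    access_token_payload = {"sub": account.username, "exp": access_token_expires}
    access_token = jwt.encode(access_token_payload, "secret", algorithm="HS256")

    # NOTE(review): the number of rows matched by this update is not checked,
    # so a refresh token with no row in the token table still yields an access
    # token. Confirm whether that table is meant to act as the revocation list.
    db.query(token.Token).filter(token.Token.refresh_token == refresh_token).update({
        token.Token.access_token: access_token,
    })
    db.commit()

    # "source" is attacker-controllable, so only a same-site path is followed.
    # A missing "source" falls back to "/" instead of raising KeyError.
    target = _local_redirect_target(req.query_params.get("source"))
    response = responses.RedirectResponse(url=target, status_code=303)

    # An integer "expires" is a number of seconds from now, not an epoch
    # timestamp. Passing the epoch value pushed the cookie's expiry decades
    # past the token's own 15-minute lifetime.
    ttl_seconds = int(access_token_ttl.total_seconds())
    # NOTE(review): the cookie is set without httponly/secure. Consider adding
    # both once it is confirmed that no client-side script reads it.
    response.set_cookie(
        key="access_token",
        value=access_token,
        max_age=ttl_seconds,
        expires=ttl_seconds,
    )
    return response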