diff --git a/app/auth.py b/app/auth.py
index 44dd87e..00b0ace 100644
--- a/app/auth.py
+++ b/app/auth.py
@@ -17,8 +17,11 @@ SESSION_COOKIE_KEYS = [
 "__Secure-next-auth.session-token",
 "authjs.session-token",
 "__Secure-authjs.session-token",
+ "reader_access_token",
 ]
+ACCESS_TOKEN_TTL_SECONDS = 7 * 24 * 60 * 60
+
 def _jwt_secret() -> str:
 return settings.mobile_jwt_secret or settings.nextauth_secret
@@ -29,7 +32,7 @@ def create_access_token(user_id: str) -> str:
 payload = {
 "sub": user_id,
 "iat": int(now.timestamp()),
- "exp": int((now + dt.timedelta(days=7)).timestamp()),
+ "exp": int((now + dt.timedelta(seconds=ACCESS_TOKEN_TTL_SECONDS)).timestamp()),
 }
 secret = _jwt_secret()
 if not secret:
diff --git a/app/main.py b/app/main.py
index ff8e614..6493930 100644
--- a/app/main.py
+++ b/app/main.py
@@ -16,7 +16,7 @@ from pydantic import BaseModel, Field
 from sqlalchemy import text
 from sqlalchemy.ext.asyncio import AsyncSession
-from app.auth import create_access_token, require_current_user
+from app.auth import ACCESS_TOKEN_TTL_SECONDS, create_access_token, require_current_user
 from app.routers import mod
 from app.config import settings
 from app.database import get_db_session, mongo_client, mongo_db
@@ -1651,7 +1651,7 @@ async def mobile_login(payload: MobileLoginPayload, db: AsyncSession = Depends(g
 return {
 "accessToken": access_token,
 "refreshToken": refresh_token,
- "expiresIn": 3600,
+ "expiresIn": ACCESS_TOKEN_TTL_SECONDS,
 "user": {
 "id": user["id"],
 "email": user.get("email"),
@@ -1660,3 +1660,17 @@ async def mobile_login(payload: MobileLoginPayload, db: AsyncSession = Depends(g
 "role": user.get("role", "USER"),
 },
 }
+
+
+@app.get("/api/auth/session")
+async def auth_session(request: Request, db: AsyncSession = Depends(get_db_session)):
+ user = await require_current_user(db, request)
+ return {
+ "user": {
+ "id": user["id"],
+ "email": user.get("email"),
+ "name": user.get("name"),
+ "image": user.get("image"),
+ "role": user.get("role", "USER"),
+ }
+ }
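Review bot: `ACCESS_TOKEN_TTL_SECONDS` is introduced in the first hunk without a comment saying what it governs, even though it is now both the JWT `exp` in `create_access_token` (second hunk) and the `expiresIn` value returned by `mobile_login` (fourth hunk), which is exactly the pair that had drifted to 7 days versus 3600 before this change; a one-line comment such as `# Lifetime of mobile access tokens: drives the JWT exp claim and the expiresIn reported to clients.` records that coupling. The new `"reader_access_token"` entry in `SESSION_COOKIE_KEYS` is the only name in that list with no `__Secure-` counterpart; if the list is the set of cookies a request's session token is read from, the mobile JWT is now accepted from a cookie in addition to whatever header path it used before, so the code that sets that cookie should mark it Secure and HttpOnly, and that acceptance should be a deliberate decision rather than a side effect of the list. How `SESSION_COOKIE_KEYS` is consumed, and the rest of `create_access_token`, are outside the hunks.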
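Review bot: The `user` dict built in the new `auth_session` handler (last hunk) is a field-for-field copy of the one returned by `mobile_login` in the hunk above it (`id`, `email`, `name`, `image`, `role` with the same `"USER"` default), so the set of profile fields exposed to clients is now defined in two places and will drift the next time one of them is edited. Extracting a small helper and calling it from both sites keeps the exposed-field list in one spot, and the handler should carry a docstring since it is a public route. What `require_current_user` does on a missing or invalid session is outside the hunk; presumably it raises, in which case the handler needs no extra branch.
```python
def _public_user(user) -> dict:
    """Project a stored user record onto the fields exposed to clients."""
    return {
        "id": user["id"],
        "email": user.get("email"),
        "name": user.get("name"),
        "image": user.get("image"),
        "role": user.get("role", "USER"),
    }


@app.get("/api/auth/session")
async def auth_session(request: Request, db: AsyncSession = Depends(get_db_session)):
    """Return the public profile of the user authenticated by the current request."""
    user = await require_current_user(db, request)
    return {"user": _public_user(user)}
```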