Add access token expiration configuration and new auth session endpoint

2026-04-24 01:53:25 +07:00
parent aa33d7cf2f
commit f933898c56
2 changed files with 20 additions and 3 deletions
+4 -1
@@ -17,8 +17,11 @@ SESSION_COOKIE_KEYS = [
"__Secure-next-auth.session-token", "__Secure-next-auth.session-token",
"authjs.session-token", "authjs.session-token",
"__Secure-authjs.session-token", "__Secure-authjs.session-token",
"reader_access_token",
] ]
ACCESS_TOKEN_TTL_SECONDS = 7 * 24 * 60 * 60
def _jwt_secret() -> str: def _jwt_secret() -> str:
return settings.mobile_jwt_secret or settings.nextauth_secret return settings.mobile_jwt_secret or settings.nextauth_secret
@@ -29,7 +32,7 @@ def create_access_token(user_id: str) -> str:
payload = { payload = {
"sub": user_id, "sub": user_id,
"iat": int(now.timestamp()), "iat": int(now.timestamp()),
"exp": int((now + dt.timedelta(days=7)).timestamp()), "exp": int((now + dt.timedelta(seconds=ACCESS_TOKEN_TTL_SECONDS)).timestamp()),
} }
secret = _jwt_secret() secret = _jwt_secret()
if not secret: if not secret:
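Review bot: `ACCESS_TOKEN_TTL_SECONDS = 7 * 24 * 60 * 60` fixes the access-token lifetime at seven days, which for a bearer JWT that is now also read from the `reader_access_token` cookie is a long replay window and makes a refresh token, if one is issued beside it, largely redundant. The previous `expiresIn: 3600` advertised to clients looks like the intended lifetime; consider `ACCESS_TOKEN_TTL_SECONDS = 60 * 60` and leaning on refresh for renewal, or, if seven days is deliberate, say so in place: `# Long-lived by design: mobile clients currently have no refresh path — revisit once they do`. The sibling cookie names carry `__Secure-` variants while the new `reader_access_token` entry has none; if this service sets that cookie, a `__Host-` or `__Secure-` prefix with Secure/HttpOnly flags would be worth confirming. `create_access_token` begins before the second hunk and its body continues past it.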
+16 -2
@@ -16,7 +16,7 @@ from pydantic import BaseModel, Field
from sqlalchemy import text from sqlalchemy import text
from sqlalchemy.ext.asyncio import AsyncSession from sqlalchemy.ext.asyncio import AsyncSession
from app.auth import create_access_token, require_current_user from app.auth import ACCESS_TOKEN_TTL_SECONDS, create_access_token, require_current_user
from app.routers import mod from app.routers import mod
from app.config import settings from app.config import settings
from app.database import get_db_session, mongo_client, mongo_db from app.database import get_db_session, mongo_client, mongo_db
@@ -1651,7 +1651,7 @@ async def mobile_login(payload: MobileLoginPayload, db: AsyncSession = Depends(g
return { return {
"accessToken": access_token, "accessToken": access_token,
"refreshToken": refresh_token, "refreshToken": refresh_token,
"expiresIn": 3600, "expiresIn": ACCESS_TOKEN_TTL_SECONDS,
"user": { "user": {
"id": user["id"], "id": user["id"],
"email": user.get("email"), "email": user.get("email"),
@@ -1660,3 +1660,17 @@ async def mobile_login(payload: MobileLoginPayload, db: AsyncSession = Depends(g
"role": user.get("role", "USER"), "role": user.get("role", "USER"),
}, },
} }
@app.get("/api/auth/session")
async def auth_session(request: Request, db: AsyncSession = Depends(get_db_session)):
user = await require_current_user(db, request)
return {
"user": {
"id": user["id"],
"email": user.get("email"),
"name": user.get("name"),
"image": user.get("image"),
"role": user.get("role", "USER"),
}
}
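Review bot: The new `/api/auth/session` handler returns identity data over a cookie/bearer-authenticated GET without a `Cache-Control: no-store` header, so a shared cache or browser back-forward cache can hand one user's session payload to another unless something upstream sets it; FastAPI does not add it by default. The user-projection literal (`id`/`email`/`name`/`image`/`role`) is also duplicated from the `mobile_login` response a few lines above, so the two will drift the next time a field is added; a small `_public_user` helper used by both keeps the exposed attribute set in one place. `Response` would need to be imported from `fastapi` alongside `Request` (the import line is outside this hunk), and `mobile_login` starts before the second hunk.
```python
def _public_user(user: dict) -> dict:
    """Project a DB user record to the fields safe to return to clients."""
    return {
        "id": user["id"],
        "email": user.get("email"),
        "name": user.get("name"),
        "image": user.get("image"),
        "role": user.get("role", "USER"),
    }


@app.get("/api/auth/session")
async def auth_session(request: Request, response: Response, db: AsyncSession = Depends(get_db_session)):
    """Return the current user for the presented session cookie / bearer token."""
    user = await require_current_user(db, request)
    # Identity data must never be served from a shared or bfcache entry.
    response.headers["Cache-Control"] = "no-store"
    return {"user": _public_user(user)}
```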