42 lines
1.4 KiB
Python
42 lines
1.4 KiB
Python
from datetime import datetime, timedelta, timezone
|
|
from typing import Optional, Any
|
|
from jose import JWTError, jwt
|
|
import bcrypt
|
|
from app.core.config import settings
|
|
|
|
|
|
def hash_password(password: str) -> str:
|
|
return bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt()).decode("utf-8")
|
|
|
|
|
|
def verify_password(plain_password: str, hashed_password: str) -> bool:
|
|
return bcrypt.checkpw(plain_password.encode("utf-8"), hashed_password.encode("utf-8"))
|
|
|
|
|
|
def create_access_token(subject: Any, extra_claims: Optional[dict] = None) -> str:
|
|
expire = datetime.now(timezone.utc) + timedelta(
|
|
minutes=settings.jwt_access_token_expire_minutes
|
|
)
|
|
payload = {"sub": str(subject), "exp": expire, "type": "access"}
|
|
if extra_claims:
|
|
payload.update(extra_claims)
|
|
return jwt.encode(payload, settings.jwt_secret_key, algorithm=settings.jwt_algorithm)
|
|
|
|
|
|
def create_refresh_token(subject: Any) -> str:
|
|
expire = datetime.now(timezone.utc) + timedelta(
|
|
days=settings.jwt_refresh_token_expire_days
|
|
)
|
|
payload = {"sub": str(subject), "exp": expire, "type": "refresh"}
|
|
return jwt.encode(payload, settings.jwt_secret_key, algorithm=settings.jwt_algorithm)
|
|
|
|
|
|
def decode_token(token: str) -> Optional[dict]:
|
|
try:
|
|
payload = jwt.decode(
|
|
token, settings.jwt_secret_key, algorithms=[settings.jwt_algorithm]
|
|
)
|
|
return payload
|
|
except JWTError:
|
|
return None
|