47 lines
1.5 KiB
Python
47 lines
1.5 KiB
Python
import secrets
|
|
from datetime import datetime, timedelta, timezone
|
|
from pathlib import Path
|
|
|
|
import jwt
|
|
|
|
from fuware.core.config import get_app_settings
|
|
from fuware.core import root_logger
|
|
from fuware.core.security.hasher import get_hasher
|
|
|
|
ALGORITHM = "HS256"
|
|
|
|
logger = root_logger.get_logger("security")
|
|
settings = get_app_settings()
|
|
|
|
def create_access_token(data: dict, expires_delta: timedelta | None = None) -> str:
|
|
settings = get_app_settings()
|
|
|
|
to_encode = data.copy()
|
|
expires_delta = expires_delta or timedelta(minutes=settings.EXP_TOKEN)
|
|
|
|
expire = datetime.now(timezone.utc) + expires_delta
|
|
|
|
to_encode["exp"] = expire
|
|
return jwt.encode(to_encode, settings.SECRET, algorithm=ALGORITHM)
|
|
|
|
def create_refresh_token(data: dict) -> str:
|
|
return create_access_token(data, expires_delta=timedelta(days=settings.EXP_REFRESH))
|
|
|
|
def create_file_token(file_path: Path) -> str:
|
|
token_data = {"file": str(file_path)}
|
|
return create_access_token(token_data, expires_delta=timedelta(minutes=30))
|
|
|
|
|
|
def hash_password(password: str) -> str:
|
|
"""Takes in a raw password and hashes it. Used prior to saving a new password to the database."""
|
|
return get_hasher().hash(password)
|
|
|
|
|
|
def url_safe_token() -> str:
|
|
"""Generates a cryptographic token without embedded data. Used for password reset tokens and invitation tokens"""
|
|
return secrets.token_urlsafe(24)
|
|
|
|
def verify_token(exp: int):
|
|
expried = datetime.fromtimestamp(exp / 1e3)
|
|
return expried < datetime.now(timezone.utc)
|