From 1d7ebd0ee6ec995f76d690aed09f7e950e9d3f88 Mon Sep 17 00:00:00 2001
From: Kraiem Taha Yassine <tahayk2@gmail.com>
Date: Tue, 7 Nov 2023 18:13:22 +0100
Subject: [PATCH] Api v1.15.0 (#1625)

* fix(chalice): fixed jwt instant expiration
---
 ee/api/chalicelib/core/users.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ee/api/chalicelib/core/users.py b/ee/api/chalicelib/core/users.py
index 1e998740e..f3fdbf8e0 100644
--- a/ee/api/chalicelib/core/users.py
+++ b/ee/api/chalicelib/core/users.py
@@ -651,9 +651,9 @@ def refresh_auth_exists(user_id, tenant_id, jwt_jti=None):
 def change_jwt_iat_jti(user_id):
     with pg_client.PostgresClient() as cur:
         query = cur.mogrify(f"""UPDATE public.users
-                                SET jwt_iat = timezone('utc'::text, now()),
+                                SET jwt_iat = timezone('utc'::text, now()-INTERVAL '2s'),
                                     jwt_refresh_jti = 0, 
-                                    jwt_refresh_iat = timezone('utc'::text, now()) 
+                                    jwt_refresh_iat = timezone('utc'::text, now()-INTERVAL '2s') 
                                 WHERE user_id = %(user_id)s 
                                 RETURNING EXTRACT (epoch FROM jwt_iat)::BIGINT AS jwt_iat, 
                                           jwt_refresh_jti, 
@@ -667,7 +667,7 @@ def change_jwt_iat_jti(user_id):
 def refresh_jwt_iat_jti(user_id):
     with pg_client.PostgresClient() as cur:
         query = cur.mogrify(f"""UPDATE public.users
-                                SET jwt_iat = timezone('utc'::text, now()),
+                                SET jwt_iat = timezone('utc'::text, now()-INTERVAL '2s'),
                                     jwt_refresh_jti = jwt_refresh_jti + 1 
                                 WHERE user_id = %(user_id)s 
                                 RETURNING EXTRACT (epoch FROM jwt_iat)::BIGINT AS jwt_iat,