feat(api): changed JWT iat

2021-12-03 16:12:57 +01:00 · 2021-12-03 16:12:57 +01:00 · 3123441339
commit 3123441339
parent eaa515e0f2
3 changed files with 10 additions and 14 deletions
--- a/ee/api/chalicelib/core/authorizers.py
+++ b/ee/api/chalicelib/core/authorizers.py
@ -1,10 +1,10 @@
-from chalicelib.utils.helper import environ
 import jwt
-from chalicelib.utils import helper
-from chalicelib.utils.TimeUTC import TimeUTC

 from chalicelib.core import tenants
 from chalicelib.core import users
+from chalicelib.utils import helper
+from chalicelib.utils.TimeUTC import TimeUTC
+from chalicelib.utils.helper import environ


 def jwt_authorizer(token):
@ -44,7 +44,7 @@ def generate_jwt(id, tenant_id, iat, aud, exp=None):
            "userId": id,
            "tenantId": tenant_id,
            "exp": iat // 1000 + int(environ["jwt_exp_delta_seconds"]) + TimeUTC.get_utc_offset() // 1000 \
-                if exp is None else exp,
+                if exp is None else exp + TimeUTC.get_utc_offset() // 1000,
            "iss": environ["jwt_issuer"],
            "iat": iat // 1000,
            "aud": aud
--- a/ee/api/chalicelib/core/users.py
+++ b/ee/api/chalicelib/core/users.py
@ -683,17 +683,10 @@ def authenticate_sso(email, internal_id, exp=None):

        if r is not None:
            r = helper.dict_to_camel_case(r, ignore_keys=["appearance"])
-            query = cur.mogrify(
-                f"""UPDATE public.users
-                   SET jwt_iat = timezone('utc'::text, now())
-                   WHERE user_id = %(user_id)s 
-                   RETURNING jwt_iat;""",
-                {"user_id": r["id"]})
-            cur.execute(query)
-            rt = TimeUTC.datetime_to_timestamp(cur.fetchone()["jwt_iat"])
+            jwt_iat = TimeUTC.datetime_to_timestamp(change_jwt_iat(r['id']))
            return authorizers.generate_jwt(r['id'], r['tenantId'],
-                                            rt, aud=f"front:{helper.get_stage_name()}",
-                                            exp=(exp + rt // 1000) if exp is not None else None)
+                                            jwt_iat, aud=f"front:{helper.get_stage_name()}",
+                                            exp=(exp + jwt_iat // 1000) if exp is not None else None)
    return None


--- a/ee/api/entrypoint.sh
+++ b/ee/api/entrypoint.sh
@ -0,0 +1,3 @@
+#!/bin/bash
+python env_handler.py
+chalice local --host 0.0.0.0 --stage ${ENTERPRISE_BUILD}