cista-storage/cista/session.py

33 lines
865 B
Python
Executable File

from time import time
import jwt
from .config import derived_secret
session_secret = lambda: derived_secret("session")
max_age = 60 # Seconds since last login
def get(request):
try:
return jwt.decode(request.cookies.s, session_secret(), algorithms=["HS256"])
except Exception as e:
s = None
return False if "s" in request.cookies else None
def create(res, username, **kwargs):
data = {
"exp": int(time()) + max_age,
"username": username,
**kwargs,
}
s = jwt.encode(data, session_secret())
res.cookies.add_cookie("s", s, httponly=True, max_age=max_age)
def update(res, s, **kwargs):
s.update(kwargs)
s = jwt.encode(s, session_secret())
res.cookies.add_cookie("s", s, httponly=True, max_age=max(1, s["exp"] - int(time())))
def delete(res):
res.cookies.delete_cookie("s")