diff options
Diffstat (limited to 'backend/app')
| -rw-r--r-- | backend/app/auth/utils.py | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/backend/app/auth/utils.py b/backend/app/auth/utils.py index 5889279..f18d880 100644 --- a/backend/app/auth/utils.py +++ b/backend/app/auth/utils.py @@ -55,17 +55,16 @@ def get_password_hash(password: str) -> str: def create_access_token(data: dict, expires_delta: Optional[timedelta] = None) -> str: - """Create a JWT access token""" + """Create a JWT access token (no expiration by default)""" to_encode = data.copy() - expire = datetime.utcnow() + (expires_delta or timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)) - to_encode.update({"exp": expire}) + # No exp claim → token never expires return jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM) def decode_token(token: str) -> Optional[str]: """Decode a JWT token and return the username""" try: - payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) + payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM], options={"verify_exp": False}) username: str = payload.get("sub") return username except JWTError: |