authorHolden Rohrer <hr@hrhr.dev>2023-05-12 21:48:25 -0400
committerHolden Rohrer <hr@hrhr.dev>2023-05-12 21:48:25 -0400
commit8133a14fefd9de4c3c8217751f0b545981aee1d3 (patch)
treeb2f482cdc3bd80bcce35ffab4cfb6780b21370f0 /src/login.py
parentca534003b3f07d2045dc1cbb6cddf60223fd3385 (diff)
major bugfixes
Diffstat (limited to 'src/login.py')
-rw-r--r--src/login.py42
1 files changed, 21 insertions, 21 deletions
diff --git a/src/login.py b/src/login.py
index 2bfe825..2546d49 100644
--- a/src/login.py
+++ b/src/login.py
@@ -1,8 +1,7 @@
#!/usr/bin/python3
from passlib.apache import HtpasswdFile
from flask import Flask, request, make_response, jsonify, redirect
-import python_jwt as jwt
-from jwcrypto.jwk import JWK
+import jwt
import datetime
from json import dumps
import argparse
@@ -30,10 +29,12 @@ def authorize():
resp = redirect('/')
if remember:
exp = None
+ payload = {}
else:
- exp = datetime.timedelta(minutes=exptime)
- token = jwt.generate_jwt({}, privkey, "EdDSA", exp)
- resp.set_cookie('auth', token, max_age=exp)
+ exp = datetime.datetime.utcnow() + datetime.timedelta(minutes=exptime)
+ payload = {'exp': exp}
+ token = jwt.encode(payload, privkey, "EdDSA")
+ resp.set_cookie('auth', token, expires=exp)
return resp
# this stuff too
else:
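Review bot: In the `remember` branch the token is now signed with an empty payload (`payload = {}`), so it carries no `exp` claim and, as far as this hunk shows, stays valid indefinitely; the only way to invalidate a leaked cookie would be to rotate the signing key. A long but finite lifetime bounds that exposure, for example `exp = datetime.datetime.utcnow() + datetime.timedelta(days=30)` followed by `payload = {'exp': exp}` (the 30 days is an illustrative value, not taken from the project). The `set_cookie` call also sets no cookie attributes, so the token is readable from page scripts and can be sent over plain HTTP; `resp.set_cookie('auth', token, expires=exp, httponly=True, secure=True, samesite='Lax')` would tighten that. `authorize()` starts and continues outside this hunk, so the verifying side is not visible here.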
@@ -46,22 +47,21 @@ def logout():
resp.delete_cookie('auth')
return resp
-if __name__ == '__main__':
- # argparse arguments
- parser = argparse.ArgumentParser(
- prog='login.py',
- description='A web server that handles htpasswd-file JWT auth logic')
- parser.add_argument('htpasswd')
- parser.add_argument('privkey')
- parser.add_argument('-e', '--expireminutes', default=30, type=int)
+# argparse arguments
+parser = argparse.ArgumentParser(
+ prog='login.py',
+ description='A web server that handles htpasswd-file JWT auth logic')
+parser.add_argument('htpasswd')
+parser.add_argument('privkey')
+parser.add_argument('-e', '--expireminutes', default=30, type=int)
- args = parser.parse_args()
- htpasswd_filename = args.htpasswd
- privkey_filename = args.privkey
- exptime = args.expireminutes
+args = parser.parse_args()
+htpasswd_filename = args.htpasswd
+privkey_filename = args.privkey
+exptime = args.expireminutes
- htpasswd = HtpasswdFile(htpasswd_filename)
- with open(privkey_filename, 'rb') as privkey_file:
- privkey = JWK()
- privkey.import_from_pem(privkey_file.read())
+htpasswd = HtpasswdFile(htpasswd_filename)
+with open(privkey_filename, 'rb') as privkey_file:
+ privkey = privkey_file.read()
+if __name__ == '__main__':
app.run(debug=True)
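Review bot: `app.run(debug=True)` is still the one statement left under the relocated `if __name__ == '__main__':` guard, and it enables the Werkzeug interactive debugger in the same process that holds the signing key read into `privkey`. That debugger exposes a code-execution console and full tracebacks and is only meant for a local development machine, so for an auth service I would default to `app.run(debug=False)` and make debugging an explicit opt-in flag. Separately, `parser.parse_args()` now runs at import time, so importing this module from a WSGI server or a test parses that process's own argv and may exit; if import-time setup is the goal, taking the two file paths from environment variables or app config would avoid that.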