Updated `decode_token` for stricter validation of token claims and explicit error handling. Added utilities for token revocation and verification, improving
# auth/utils.py
from sqlalchemy.ext.asyncio import AsyncSession
from app.models.token import RevokedToken
async def revoke_token(jti: str, token_type: str, user_id: str, db: AsyncSession):
    """Record a token as revoked by persisting a `RevokedToken` row.

    Args:
        jti: The token's `jti` value; stored on the new row.
        token_type: Stored on the new row as given.
        user_id: Stored on the new row as given.
        db: Async session the row is added to and committed on.

    Note:
        `db.commit()` commits everything pending on the session that was
        passed in, not only the revocation row.
    """
    # NOTE(review): is_token_revoked() looks rows up with
    # db.get(RevokedToken, jti), so `jti` is presumably the primary key.
    # Revoking the same `jti` twice would then fail at commit -- confirm that
    # callers (e.g. a repeated logout) handle that error.
    db.add(RevokedToken(jti=jti, token_type=token_type, user_id=user_id))
    await db.commit()
async def is_token_revoked(jti: str, db: AsyncSession):
    """Report whether a `RevokedToken` row exists for the given `jti`.

    Args:
        jti: Identifier passed to `db.get` as the lookup key.
        db: Async session used for the lookup.

    Returns:
        True when `db.get(RevokedToken, jti)` finds a row, False otherwise.
    """
    # NOTE(review): a token that carries no `jti` cannot match a row here and
    # would presumably be reported as not revoked. Callers should reject
    # tokens without a `jti` before relying on this check -- confirm.
    return (await db.get(RevokedToken, jti)) is not None