diff --git a/CHANGELOG.md b/CHANGELOG.md
index ad95ad4ec..f28130ceb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,9 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## unreleased
-## [0.12.10] - 2023-09-28
+## [0.12.10] - 2023-09-01
 - Add logic to retry network calls if the core returns status 429
+- Fixes session recipe with jwt where the lifetime of the jwt is set to 1 in case it is `< 1`
 ## [0.12.9] - 2023-04-28
diff --git a/supertokens_python/recipe/session/with_jwt/recipe_implementation.py b/supertokens_python/recipe/session/with_jwt/recipe_implementation.py
index edde82b79..3a2ccef9d 100644
--- a/supertokens_python/recipe/session/with_jwt/recipe_implementation.py
+++ b/supertokens_python/recipe/session/with_jwt/recipe_implementation.py
@@ -159,16 +159,16 @@ async def jwt_aware_update_access_token_payload(
 if decoded_payload is None or decoded_payload.get("exp") is None:
 raise Exception("Error reading JWT from session")
- jwt_expiry = 1
- if "exp" in decoded_payload:
- exp = decoded_payload["exp"]
- if exp > current_time_in_seconds:
- # it can come here if someone calls this function well after
- # the access token and the jwt payload have expired. In this case,
- # we still want the jwt payload to update, but the resulting JWT should
- # not be alive for too long (since it's expired already). So we set it to
- # 1 second lifetime.
- jwt_expiry = exp - current_time_in_seconds
+ jwt_expiry = decoded_payload.get("exp", 0) - current_time_in_seconds
+ # pylint: disable=consider-using-max-builtin
+ if jwt_expiry < 1:
+ # it can come here if someone calls this function well after
+ # the access token and the jwt payload have expired. In this case,
+ # we still want the jwt payload to update, but the resulting JWT should
+ # not be alive for too long (since it's expired already). So we set it to
+ # 1 second lifetime.
+ jwt_expiry = 1
+ # pylint: enable=consider-using-max-builtin
 new_access_token_payload = await add_jwt_to_access_token_payload(
 access_token_payload=new_access_token_payload,
diff --git a/supertokens_python/recipe/session/with_jwt/session_class.py b/supertokens_python/recipe/session/with_jwt/session_class.py
index 6aa1c3bed..00f35a137 100644
--- a/supertokens_python/recipe/session/with_jwt/session_class.py
+++ b/supertokens_python/recipe/session/with_jwt/session_class.py
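Review bot: In `jwt_aware_update_access_token_payload` (recipe_implementation.py), the `0` default in `decoded_payload.get("exp", 0)` can never be used, because the guard directly above already raises when `exp` is missing or None; `decoded_payload["exp"]` states that plainly and avoids implying that a payload without an expiry is tolerated. The visible lines check only for None, so a non-numeric `exp` would fail on the subtraction with a TypeError instead of the "Error reading JWT from session" error; whether the claim is validated earlier is outside this hunk. The clamp itself can be written `jwt_expiry = max(1, decoded_payload["exp"] - current_time_in_seconds)` with the explanatory comment kept above it, which removes the need for the pylint disable/enable pair. The same lines are added to `update_access_token_payload` in session_class.py, and both function bodies continue outside their hunks.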
@@ -70,16 +70,16 @@ async def update_access_token_payload(
 if decoded_payload is None or decoded_payload.get("exp") is None:
 raise Exception("Error reading JWT from session")
- jwt_expiry = 1
- if "exp" in decoded_payload:
- exp = decoded_payload["exp"]
- if exp > current_time_in_seconds:
- # it can come here if someone calls this function well after
- # the access token and the jwt payload have expired. In this case,
- # we still want the jwt payload to update, but the resulting JWT should
- # not be alive for too long (since it's expired already). So we set it to
- # 1 second lifetime.
- jwt_expiry = exp - current_time_in_seconds
+ jwt_expiry = decoded_payload.get("exp", 0) - current_time_in_seconds
+ # pylint: disable=consider-using-max-builtin
+ if jwt_expiry < 1:
+ # it can come here if someone calls this function well after
+ # the access token and the jwt payload have expired. In this case,
+ # we still want the jwt payload to update, but the resulting JWT should
+ # not be alive for too long (since it's expired already). So we set it to
+ # 1 second lifetime.
+ jwt_expiry = 1
+ # pylint: enable=consider-using-max-builtin
 new_access_token_payload = await add_jwt_to_access_token_payload(
 access_token_payload=new_access_token_payload,
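Review bot: The expiry clamp in `update_access_token_payload` is a second verbatim copy of the one in recipe_implementation.py, so any later change to how the remaining JWT lifetime is computed has to be made in both places or the two session paths will issue tokens with different lifetimes. A small private helper shared by both modules (for example `_remaining_jwt_lifetime(decoded_payload, current_time_in_seconds)`, name illustrative) with the docstring `"""Return the seconds left until the payload's exp, never less than 1."""` would keep the rule in one place. No test for the already-expired and sub-second cases is visible in this diff; one asserting a lifetime of exactly 1 for both would pin the behaviour the changelog entry describes. The function body continues outside the hunk.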