Fix token data issued_at and expires_at validation

rafsaf · rafsaf · commit df03b55c8ba8 · 2022-05-10T16:48:51.000+02:00
diff --git a/{{cookiecutter.project_name}}/template_minimal/app/api/deps.py b/{{cookiecutter.project_name}}/template_minimal/app/api/deps.py
@@ -41,7 +41,7 @@ async def get_current_user(
             detail="Could not validate credentials, cannot use refresh token",
         )
     now = int(time.time())
-    if not now >= token_data.issued_at and now <= token_data.expires_at:
+    if now < token_data.issued_at or now > token_data.expires_at:
         raise HTTPException(
             status_code=status.HTTP_403_FORBIDDEN,
             detail="Could not validate credentials, token expired or not yet valid",
diff --git a/{{cookiecutter.project_name}}/template_minimal/app/api/endpoints/auth.py b/{{cookiecutter.project_name}}/template_minimal/app/api/endpoints/auth.py
@@ -62,7 +62,7 @@ async def refresh_token(
             detail="Could not validate credentials, cannot use access token",
         )
     now = int(time.time())
-    if not now >= token_data.issued_at and now <= token_data.expires_at:
+    if now < token_data.issued_at or now > token_data.expires_at:
         raise HTTPException(
             status_code=status.HTTP_403_FORBIDDEN,
             detail="Could not validate credentials, token expired or not yet valid",

Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ async def get_current_user(`
`41`	`41`	`detail="Could not validate credentials, cannot use refresh token",`
`42`	`42`	`)`
`43`	`43`	`now = int(time.time())`
`44`		`- if not now >= token_data.issued_at and now <= token_data.expires_at:`
	`44`	`+ if now < token_data.issued_at or now > token_data.expires_at:`
`45`	`45`	`raise HTTPException(`
`46`	`46`	`status_code=status.HTTP_403_FORBIDDEN,`
`47`	`47`	`detail="Could not validate credentials, token expired or not yet valid",`
Original file line number	Diff line number	Diff line change
`@@ -62,7 +62,7 @@ async def refresh_token(`
`62`	`62`	`detail="Could not validate credentials, cannot use access token",`
`63`	`63`	`)`
`64`	`64`	`now = int(time.time())`
`65`		`- if not now >= token_data.issued_at and now <= token_data.expires_at:`
	`65`	`+ if now < token_data.issued_at or now > token_data.expires_at:`
`66`	`66`	`raise HTTPException(`
`67`	`67`	`status_code=status.HTTP_403_FORBIDDEN,`
`68`	`68`	`detail="Could not validate credentials, token expired or not yet valid",`