|
@@ -82,27 +82,30 @@ async def get_session_user(
|
|
|
token = auth_token.credentials
|
|
|
data = decode_token(token)
|
|
|
|
|
|
- expires_at = data.get("exp")
|
|
|
+ expires_at = None
|
|
|
|
|
|
- if (expires_at is not None) and int(time.time()) > expires_at:
|
|
|
- raise HTTPException(
|
|
|
- status_code=status.HTTP_401_UNAUTHORIZED,
|
|
|
- detail=ERROR_MESSAGES.INVALID_TOKEN,
|
|
|
- )
|
|
|
+ if data:
|
|
|
+ expires_at = data.get("exp")
|
|
|
|
|
|
- # Set the cookie token
|
|
|
- response.set_cookie(
|
|
|
- key="token",
|
|
|
- value=token,
|
|
|
- expires=(
|
|
|
- datetime.datetime.fromtimestamp(expires_at, datetime.timezone.utc)
|
|
|
- if expires_at
|
|
|
- else None
|
|
|
- ),
|
|
|
- httponly=True, # Ensures the cookie is not accessible via JavaScript
|
|
|
- samesite=WEBUI_AUTH_COOKIE_SAME_SITE,
|
|
|
- secure=WEBUI_AUTH_COOKIE_SECURE,
|
|
|
- )
|
|
|
+ if (expires_at is not None) and int(time.time()) > expires_at:
|
|
|
+ raise HTTPException(
|
|
|
+ status_code=status.HTTP_401_UNAUTHORIZED,
|
|
|
+ detail=ERROR_MESSAGES.INVALID_TOKEN,
|
|
|
+ )
|
|
|
+
|
|
|
+ # Set the cookie token
|
|
|
+ response.set_cookie(
|
|
|
+ key="token",
|
|
|
+ value=token,
|
|
|
+ expires=(
|
|
|
+ datetime.datetime.fromtimestamp(expires_at, datetime.timezone.utc)
|
|
|
+ if expires_at
|
|
|
+ else None
|
|
|
+ ),
|
|
|
+ httponly=True, # Ensures the cookie is not accessible via JavaScript
|
|
|
+ samesite=WEBUI_AUTH_COOKIE_SAME_SITE,
|
|
|
+ secure=WEBUI_AUTH_COOKIE_SECURE,
|
|
|
+ )
|
|
|
|
|
|
user_permissions = get_permissions(
|
|
|
user.id, request.app.state.config.USER_PERMISSIONS
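Review bot: The new `if data:` guard means that a credential for which `decode_token` returns a falsy value now skips the `exp` check silently instead of being rejected. From that point the handler relies entirely on whatever resolved `user` (outside this hunk) having authenticated the request. Indentation is lost on this page, so it is unclear whether `response.set_cookie(...)` sits inside the guard. If it is outside, a credential that did not decode is still written to the `token` cookie with `expires=None`, giving a session cookie with no lifetime bound. I would keep the expiry check and the cookie write under `if data:` and document the intent on the guard, for example `# data is empty when the credential is not a decodable JWT; only decodable tokens are refreshed into the cookie`. Also, `expires_at is not None` in the check and the truthiness test `if expires_at` in the `expires=` argument disagree for `exp == 0`, so using `is not None` in both places would be more consistent. `get_session_user` starts before and continues after this hunk.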
|