Allow lifetime_seconds to be None to get session cookies

2025-08-14 18:58:10 +08:00 · 2021-03-19 18:19:58 +01:00
parent 902bcdb8d2
commit ef4a54c204
10 changed files with 20 additions and 15 deletions
--- a/fastapi_users/authentication/cookie.py
+++ b/fastapi_users/authentication/cookie.py
@ -30,7 +30,7 @@ class CookieAuthentication(BaseAuthentication[str]):
    scheme: APIKeyCookie
    token_audience: str = "fastapi-users:auth"
    secret: str
-    lifetime_seconds: int
+    lifetime_seconds: Optional[int]
    cookie_name: str
    cookie_path: str
    cookie_domain: Optional[str]
@ -41,10 +41,10 @@ class CookieAuthentication(BaseAuthentication[str]):
    def __init__(
        self,
        secret: str,
-        lifetime_seconds: int,
+        lifetime_seconds: Optional[int] = None,
        cookie_name: str = "fastapiusersauth",
        cookie_path: str = "/",
-        cookie_domain: str = None,
+        cookie_domain: Optional[str] = None,
        cookie_secure: bool = True,
        cookie_httponly: bool = True,
        cookie_samesite: str = "lax",
@ -112,4 +112,4 @@ class CookieAuthentication(BaseAuthentication[str]):

    async def _generate_token(self, user: BaseUserDB) -> str:
        data = {"user_id": str(user.id), "aud": self.token_audience}
-        return generate_jwt(data, self.lifetime_seconds, self.secret, JWT_ALGORITHM)
+        return generate_jwt(data, self.secret, self.lifetime_seconds, JWT_ALGORITHM)
--- a/fastapi_users/authentication/jwt.py
+++ b/fastapi_users/authentication/jwt.py
@ -71,4 +71,4 @@ class JWTAuthentication(BaseAuthentication[str]):

    async def _generate_token(self, user: BaseUserDB) -> str:
        data = {"user_id": str(user.id), "aud": self.token_audience}
-        return generate_jwt(data, self.lifetime_seconds, self.secret, JWT_ALGORITHM)
+        return generate_jwt(data, self.secret, self.lifetime_seconds, JWT_ALGORITHM)
--- a/fastapi_users/router/oauth.py
+++ b/fastapi_users/router/oauth.py
@ -19,7 +19,7 @@ def generate_state_token(
    data: Dict[str, str], secret: str, lifetime_seconds: int = 3600
 ) -> str:
    data["aud"] = STATE_TOKEN_AUDIENCE
-    return generate_jwt(data, lifetime_seconds, secret, JWT_ALGORITHM)
+    return generate_jwt(data, secret, lifetime_seconds, JWT_ALGORITHM)


 def decode_state_token(token: str, secret: str) -> Dict[str, str]:
--- a/fastapi_users/router/reset.py
+++ b/fastapi_users/router/reset.py
@ -33,8 +33,8 @@ def get_reset_password_router(
            token_data = {"user_id": str(user.id), "aud": RESET_PASSWORD_TOKEN_AUDIENCE}
            token = generate_jwt(
                token_data,
-                reset_password_token_lifetime_seconds,
                reset_password_token_secret,
+                reset_password_token_lifetime_seconds,
            )
            if after_forgot_password:
                await run_handler(after_forgot_password, user, token, request)
--- a/fastapi_users/router/verify.py
+++ b/fastapi_users/router/verify.py
@ -49,8 +49,8 @@ def get_verify_router(
                }
                token = generate_jwt(
                    token_data,
-                    verification_token_lifetime_seconds,
                    verification_token_secret,
+                    verification_token_lifetime_seconds,
                )

                if after_verification_request:
--- a/fastapi_users/utils.py
+++ b/fastapi_users/utils.py
@ -1,4 +1,5 @@
 from datetime import datetime, timedelta
+from typing import Optional

 import jwt

@ -6,9 +7,13 @@ JWT_ALGORITHM = "HS256"


 def generate_jwt(
-    data: dict, lifetime_seconds: int, secret: str, algorithm: str = JWT_ALGORITHM
+    data: dict,
+    secret: str,
+    lifetime_seconds: Optional[int] = None,
+    algorithm: str = JWT_ALGORITHM,
 ) -> str:
    payload = data.copy()
+    if lifetime_seconds:
        expire = datetime.utcnow() + timedelta(seconds=lifetime_seconds)
        payload["exp"] = expire
    return jwt.encode(payload, secret, algorithm=algorithm)
--- a/tests/test_authentication_cookie.py
+++ b/tests/test_authentication_cookie.py
@ -32,7 +32,7 @@ def token():
        data = {"aud": "fastapi-users:auth"}
        if user_id is not None:
            data["user_id"] = str(user_id)
-        return generate_jwt(data, lifetime, SECRET, JWT_ALGORITHM)
+        return generate_jwt(data, SECRET, lifetime, JWT_ALGORITHM)

    return _token

--- a/tests/test_authentication_jwt.py
+++ b/tests/test_authentication_jwt.py
@ -21,7 +21,7 @@ def token():
        data = {"aud": "fastapi-users:auth"}
        if user_id is not None:
            data["user_id"] = str(user_id)
-        return generate_jwt(data, lifetime, SECRET, JWT_ALGORITHM)
+        return generate_jwt(data, SECRET, lifetime, JWT_ALGORITHM)

    return _token

--- a/tests/test_router_reset.py
+++ b/tests/test_router_reset.py
@ -21,7 +21,7 @@ def forgot_password_token():
        data = {"aud": "fastapi-users:reset"}
        if user_id is not None:
            data["user_id"] = str(user_id)
-        return generate_jwt(data, lifetime, SECRET, JWT_ALGORITHM)
+        return generate_jwt(data, SECRET, lifetime, JWT_ALGORITHM)

    return _forgot_password_token

--- a/tests/test_router_verify.py
+++ b/tests/test_router_verify.py
@ -25,7 +25,7 @@ def verify_token():
            data["user_id"] = str(user_id)
        if email is not None:
            data["email"] = email
-        return generate_jwt(data, lifetime, SECRET, JWT_ALGORITHM)
+        return generate_jwt(data, SECRET, lifetime, JWT_ALGORITHM)

    return _verify_token