add leeway

DevXT-LLC · Jul 19, 2024 · 79d2aed · 79d2aed
1 parent 82298c5
commit 79d2aed
Showing 1 changed file with 9 additions and 2 deletions.
diff --git a/MagicalAuth.py b/MagicalAuth.py
@@ -54,6 +54,7 @@ def verify_api_key(authorization: str = Header(None)):
                 jwt=authorization,
                 key=ENCRYPTION_SECRET,
                 algorithms=["HS256"],
+                leeway=timedelta(hours=5),
             )
             db = get_session()
             user = db.query(User).filter(User.id == token["sub"]).first()
@@ -144,7 +145,10 @@ def __init__(self, token: str = None):
         try:
             # Decode jwt
             decoded = jwt.decode(
-                jwt=token, key=self.encryption_key, algorithms=["HS256"]
+                jwt=token,
+                key=self.encryption_key,
+                algorithms=["HS256"],
+                leeway=timedelta(hours=5),
             )
             self.email = decoded["email"]
             self.token = token
@@ -278,7 +282,10 @@ def login(self, ip_address):
             )
         try:
             user_info = jwt.decode(
-                jwt=self.token, key=self.encryption_key, algorithms=["HS256"]
+                jwt=self.token,
+                key=self.encryption_key,
+                algorithms=["HS256"],
+                leeway=timedelta(hours=5),
             )
         except:
             self.add_failed_login(ip_address=ip_address)