Add created at timestamp to tokens for future-proofing
This commit is contained in:
parent
e48cd26cb0
commit
cbeff0c0cb
1 changed files with 5 additions and 1 deletions
|
@ -13,9 +13,11 @@
|
|||
#
|
||||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
from aiohttp import web
|
||||
from time import time
|
||||
import json
|
||||
|
||||
from aiohttp import web
|
||||
|
||||
from mautrix.types import UserID
|
||||
from mautrix.util.signed_token import sign_token, verify_token
|
||||
|
||||
|
@ -47,6 +49,7 @@ async def login(request: web.Request) -> web.Response:
|
|||
user = data.get("user") or "root"
|
||||
return web.json_response({
|
||||
"token": create_token(user),
|
||||
"created_at": int(time()),
|
||||
})
|
||||
|
||||
username = data.get("username")
|
||||
|
@ -54,6 +57,7 @@ async def login(request: web.Request) -> web.Response:
|
|||
if get_config().check_password(username, password):
|
||||
return web.json_response({
|
||||
"token": create_token(username),
|
||||
"created_at": int(time()),
|
||||
})
|
||||
|
||||
return ErrBadAuth
|
||||
|
|
Loading…
Reference in a new issue