From 477e244effd50cfb4ae07bec6cf51f7febe3319d Mon Sep 17 00:00:00 2001
From: Joseph Schorr
Date: Sun, 28 Jun 2015 11:37:09 +0300
Subject: [PATCH] Fromtimestamp needs to be in UTC for JWT auth
---
 data/users.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/data/users.py b/data/users.py
index 2e93e072b..7614b5ec8 100644
--- a/data/users.py
+++ b/data/users.py
@@ -100,7 +100,8 @@ class JWTAuthUsers(object):
 raise Exception('Missing exp field in JWT')
 # Verify that the expiration is no more than 300 seconds in the future.
- if datetime.fromtimestamp(payload['exp']) > datetime.utcnow() + timedelta(seconds=300):
+ expiration = datetime.utcfromtimestamp(payload['exp'])
+ if expiration > datetime.utcnow() + timedelta(seconds=300):
 logger.debug('Payload expiration is outside of the 300 second window: %s', payload['exp'])
 return (None, 'Invalid username or password')
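Review bot: The new `datetime.utcfromtimestamp(payload['exp'])` line converts a token-supplied value with no guard, and the only check visible above it is that `exp` is present. A non-numeric or out-of-range `exp` would raise there (TypeError, ValueError or OverflowError) instead of taking the `(None, 'Invalid username or password')` path. A malformed token could therefore surface as an unhandled error during login, unless the decode step outside this hunk already type-checks the claim. I would wrap the conversion and fail closed with the same return value, as below. The enclosing method starts and ends outside the hunk, so whether a caller catches these exceptions is not visible here.

```python
# Verify that the expiration is no more than 300 seconds in the future.
try:
  expiration = datetime.utcfromtimestamp(payload['exp'])
except (TypeError, ValueError, OverflowError, OSError):
  logger.debug('Payload expiration is not a valid timestamp: %s', payload['exp'])
  return (None, 'Invalid username or password')
# … unchanged: 300 second window comparison and its rejection branch …
```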