Make our JWT checking more strict.
parent
0823ba5c46
commit
82efc746b3
4 changed files with 34 additions and 14 deletions
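--- /dev/null
+++ b/util/security/strictjwt.py
@@ -0,0 +1,21 @@
+from jwt import PyJWT
+from jwt.exceptions import (
+InvalidTokenError, DecodeError, InvalidAudienceError, ExpiredSignatureError,
+ImmatureSignatureError, InvalidIssuedAtError, InvalidIssuerError, MissingRequiredClaimError
+)
+
+
+class StrictJWT(PyJWT):
+@staticmethod
+def _get_default_options():
+# Weird syntax to call super on a staticmethod
+defaults = super(StrictJWT, StrictJWT)._get_default_options()
+defaults.update({
+'require_exp': True,
+'require_iat': True,
+'require_nbf': True,
+})
+return defaults
+
+
+decode = StrictJWT().decode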
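Review bot: The strictness rests on overriding `_get_default_options`, a private PyJWT hook, and on the `require_exp`/`require_iat`/`require_nbf` option names, so a library upgrade that renames either would silently go back to accepting tokens without those claims. Later PyJWT releases express this as a `require` list instead, so I would pin the supported version and add a test that `decode` raises `MissingRequiredClaimError` for a token missing each of `exp`, `iat` and `nbf`. The module-level `decode = StrictJWT().decode` also leaves `algorithms` optional; whether every caller passes an explicit list is not visible in this file, so a module docstring stating that callers must pass `algorithms=[...]` would help. The exception imports are unused here and look like deliberate re-exports; an `__all__` naming them alongside `decode` would make that explicit.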