From f772a9b022cc7ed45c05f4b286bbfd08e1785b50 Mon Sep 17 00:00:00 2001
From: Alix JEUDI--LEMOINE
Date: Tue, 7 Jan 2025 14:56:40 +0100
Subject: [PATCH] :lock: Fixed token expiration

---
 app/main.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/app/main.py b/app/main.py
index 8704f15..4db7343 100644
--- a/app/main.py
+++ b/app/main.py
@@ -69,7 +69,8 @@ async def get_current_user(token: str = Depends(oauth2_scheme)) -> User:
 try:
 payload = jwt.decode(token, OctKey.import_key(config.SECRET_KEY))
 username: str = payload.claims["sub"]
- if username is None:
+ expire_date = payload.claims["exp"]
+ if username is None or datetime.now() > expire_date:
 raise credentials_exception
 token_data = TokenData(username=username)
 except JoseError:
@@ -135,14 +136,14 @@ async def login(form_data: OAuth2PasswordRequestForm = Depends()):
 return {"access_token": access_token, "token_type": "bearer", "user_id": str(user["_id"])}
 
 
-""" Is it really usefull ? idk.
+
 @app.get(
 path="/logout",
 responses={401: {"model": HTTPError}}
 )
 async def logout(current_user: User = Depends(get_current_user)):
 return {"message": "Logged out"}
-"""
+
 
 @app.get(
 path="/pin/{id}",
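Review bot: The new expiry check `datetime.now() > expire_date` in `get_current_user` compares a `datetime` with the decoded `exp` claim, which RFC 7519 defines as a numeric timestamp. If the decoder returns a number (likely, though the encoding side in `login` is outside this hunk), the comparison raises `TypeError`, which `except JoseError` does not catch, so authenticated requests would surface a server error instead of the 401. `payload.claims["exp"]` likewise raises `KeyError` for a token without `exp`, so a missing claim should be rejected as invalid credentials rather than left to propagate. I would read it with `expire_date = payload.claims.get("exp")` and test `if username is None or expire_date is None or datetime.now().timestamp() >= expire_date:`. If the JWT library offers claims validation that raises a `JoseError` subclass on expiry, prefer that over a hand-written comparison; the function body starts and ends outside the hunk.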
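Review bot: The re-enabled `logout` handler only returns a message and revokes nothing, so the bearer token stays usable until its `exp` passes, and a caller may wrongly believe the session is closed. If that is intended, the handler should say so, for example with the docstring `"""Acknowledge logout; the JWT is stateless and stays valid until it expires, so the client must discard it."""`. If server-side logout is wanted, it needs a revocation record that `get_current_user` checks, which this commit does not add. The `@app.get(` that closes the hunk belongs to the next route, whose body lies outside the hunk.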