Spaces:
Running
Running
| import jwt | |
| import bcrypt | |
| from datetime import datetime, timedelta | |
| import os | |
| import dotenv | |
| dotenv.load_dotenv() | |
| AUTH_SECRET = os.getenv("AUTH_KEY") | |
| AUTH_TTL = int(os.getenv("AUTH_TTL")) | |
| def create_session(data: dict) -> str: | |
| """ | |
| Create a JWT token with expiration. | |
| """ | |
| expires_at = datetime.now() + timedelta(minutes=AUTH_TTL) | |
| token = jwt.encode({"exp": expires_at, **data}, AUTH_SECRET, algorithm="HS256") | |
| return token | |
| def check_session(token: str) -> dict: | |
| """ | |
| Verify the JWT token and return the decoded data. | |
| """ | |
| try: | |
| decoded = jwt.decode(token, AUTH_SECRET, algorithms=["HS256"]) | |
| return decoded | |
| except jwt.ExpiredSignatureError: | |
| raise ValueError("Token has expired") | |
| except jwt.InvalidTokenError: | |
| raise ValueError("Invalid token") | |
| def hide_pass(password: str) -> str: | |
| """ | |
| Hash the password using bcrypt. | |
| """ | |
| hashed = bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt()) | |
| return hashed.decode("utf-8") | |
| def check_pass(password: str, hashed: str) -> bool: | |
| """ | |
| Compare the password with its hash. | |
| """ | |
| return bcrypt.checkpw(password.encode("utf-8"), hashed.encode("utf-8")) | |