finai/backend/app/core/security.py

23 lines
799 B
Python

from datetime import datetime, timedelta, timezone
from jose import JWTError, jwt
from app.config import get_settings
def create_access_token(subject: str, expires_minutes: int | None = None) -> str:
settings = get_settings()
expire = datetime.now(timezone.utc) + timedelta(minutes=expires_minutes or settings.jwt_expire_minutes)
payload = {"sub": subject, "exp": expire}
return jwt.encode(payload, settings.jwt_secret_key, algorithm=settings.jwt_algorithm)
def decode_access_token(token: str) -> str | None:
settings = get_settings()
try:
payload = jwt.decode(token, settings.jwt_secret_key, algorithms=[settings.jwt_algorithm])
except JWTError:
return None
subject = payload.get("sub")
return str(subject) if subject is not None else None