We have written code that extends the JWT's lifetime by saving it in Redis/DB. The code works for some number of requests and then suddenly throws a 401 error.
USING:
- Flask-AppBuilder==4.3.0
- Flask-JWT-Extended==4.4.4
- redis==4.5.1
class RedisTokenStore:
    """Store and manage JWT-related entries in Redis.

    Every method is a thin pass-through to the underlying Redis client held
    in ``self.redis_store``.

    NOTE(review): the client is built from host, port and db only; no
    password or TLS option is passed here. Whoever can reach this Redis
    instance can read or rewrite the stored token state, so confirm it is
    protected elsewhere (network isolation, ACLs).
    """

    def __init__(self) -> None:
        """Open the Redis client using the host and port from ``config``."""
        connection_options = {
            "host": config.REDIS_HOST,
            "port": config.REDIS_PORT,
            "db": 0,
            # Replies are decoded to ``str`` so callers compare text, not bytes.
            "decode_responses": True,
        }
        self.redis_store = redis.StrictRedis(**connection_options)

    def set_value(self, key, value, expiry) -> None:
        """Write ``value`` under ``key`` with ``expiry`` as its lifetime."""
        client = self.redis_store
        # The third positional argument of the client's ``set`` is the expiry.
        client.set(key, value, expiry)

    def update_expiry(self, key, prolongation) -> None:
        """Reset the expiry of ``key`` to ``prolongation``."""
        client = self.redis_store
        client.expire(key, prolongation)

    def get_value(self, key):
        """Return the value stored under ``key`` as the client reports it."""
        stored = self.redis_store.get(key)
        return stored

    def get_ttl(self, key):
        """Return the remaining time to live that the client reports for ``key``."""
        remaining = self.redis_store.ttl(key)
        return remaining

    def delete(self, key):
        """Remove ``key`` from the Redis store."""
        client = self.redis_store
        client.delete(key)
# JWT manager exposed by the Flask-AppBuilder security manager (`appbuilder.sm`);
# the `token_in_blocklist_loader` callback is registered on this object.
__jwt = appbuilder.sm.jwt_manager
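@__jwt.token_in_blocklist_loader
def check_if_token_is_revoked(jwt_header, jwt_payload):
    """Tell Flask-JWT-Extended whether a decoded token must be rejected.

    The token store is keyed by the token's ``jti``:

    * no entry          -> treated as revoked/expired, returns True
    * entry == "true"   -> revoked, returns True and is never refreshed
    * any other entry   -> accepted, returns False; when the remaining TTL
      is below ``config.REFRESH_TOKEN_TIME`` the entry and the
      ``"<user_id>_permissions"`` key are extended to ``config.TOKEN_LIFE``.
      Refreshing only below that threshold avoids a Redis write on every
      request.

    Args:
        jwt_header: Header of the decoded token (unused here).
        jwt_payload: Claims of the decoded token; ``jti`` and ``user_id``
            are read from it.

    Returns:
        True if the token must be rejected, False if it is accepted.

    NOTE(review): this callback only manages the server-side entry. Nothing
    here changes the ``exp`` claim inside the signed token, and
    Flask-JWT-Extended decodes and validates the token (signature and
    ``exp``) before it consults the blocklist callback. A token past its own
    ``exp`` is therefore answered with 401 without this function running.
    ``JWT_ACCESS_TOKEN_EXPIRES`` defaults to 15 minutes unless the app
    overrides it - confirm against the app config. Extending the Redis TTL
    cannot prolong such a token; a new token has to be issued instead.
    """
    jti = jwt_payload["jti"]
    user_id = jwt_payload["user_id"]

    entry = token_store.get_value(jti)
    if entry is None:
        return True
    if entry == "true":
        # Revoked tokens must never be refreshed: rewriting the entry (the
        # previous code stored "false" here) would silently un-revoke the
        # token for every later request.
        return True

    ttl = token_store.get_ttl(jti)
    if ttl == -2:
        # Redis reports -2 when the key no longer exists, i.e. it expired
        # between the GET above and this TTL call. Fail closed.
        return True
    if ttl < config.REFRESH_TOKEN_TIME:
        # Extend the lifetime without touching the stored value. EXPIRE does
        # not recreate a key that has vanished, so an expired session cannot
        # be resurrected by a late refresh.
        token_store.update_expiry(jti, config.TOKEN_LIFE)
        token_store.update_expiry(f"{user_id}_permissions", config.TOKEN_LIFE)
    return False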
This function works fine for some requests. After that, it stops calling token_in_blocklist_loader and returns a 401 response in between.