
I'll come straight to the point:

  1. I create the JWT:

    jwt.encode({'sub':"abc", "iat":datetime.now(tz=timezone.utc), "exp":datetime.now()+timedelta(seconds=1)}, JWT_KEY, algorithm="HS256")

  2. I wait:

    time.sleep(3)

  3. I try to validate the exp flag:

    try:
        return jwt.decode(token, JWT_KEY, algorithms=["HS256"])
    except jwt.ExpiredSignatureError:
        raise Exception("JWT expired")

But it won't raise the desired exception even though the current time is behind the exp timestamp.

Sven

1 Answer

The problem was the creation of the token.

I just forgot to add tz=timezone.utc into the exp flag like I did with the iat flag.

So, the working code:

    jwt.encode({'sub':"abc", "iat":datetime.now(tz=timezone.utc), "exp":datetime.now(tz=timezone.utc)+timedelta(seconds=1)}, JWT_KEY, algorithm="HS256")

Sven
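
Why the missing tz argument changes the exp claim, as an added example that is not part of the original question or answer. It assumes the JWT library converts datetime claims with `calendar.timegm(dt.utctimetuple())`, which reads a naive datetime as if it were UTC; the helper names, the fixed instant and the offsets are constructed for illustration.

```python
from calendar import timegm
from datetime import datetime, timedelta, timezone


def to_numeric_date(dt):
    # Assumed library behaviour: the datetime's fields are converted with
    # timegm(utctimetuple()), so a naive value is read as if it were UTC.
    return timegm(dt.utctimetuple())


def strict_numeric_date(dt):
    # Hardened variant (hypothetical helper): refuse naive datetimes.
    if dt.tzinfo is None or dt.utcoffset() is None:
        raise ValueError("naive datetime in a time claim; use tz=timezone.utc")
    return timegm(dt.utctimetuple())


def is_expired(exp, now_ts, leeway=0):
    # Expiry test on NumericDate values (seconds since the epoch, UTC).
    return exp <= now_ts - leeway


def demo(utc_offset_hours):
    # Constructed sample input: a fixed issue instant and a fixed local zone,
    # so the result does not depend on the machine's clock or TZ setting.
    issued = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    local = timezone(timedelta(hours=utc_offset_hours))
    # What a bare datetime.now() would return on a host in that zone.
    naive_now = issued.astimezone(local).replace(tzinfo=None)
    lifetime = timedelta(seconds=1)
    exp_naive = to_numeric_date(naive_now + lifetime)  # question's token
    exp_aware = to_numeric_date(issued + lifetime)     # answer's token
    check_at = timegm(issued.utctimetuple()) + 3       # after time.sleep(3)
    return {
        "skew_seconds": exp_naive - exp_aware,
        "naive_expired": is_expired(exp_naive, check_at),
        "aware_expired": is_expired(exp_aware, check_at),
    }


if __name__ == "__main__":
    for offset in (2, 0, -5):
        print(offset, demo(offset))
```

On a host east of UTC the naive token outlives its intended lifetime by the full UTC offset; west of UTC it is already expired when issued.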