-
Notifications
You must be signed in to change notification settings - Fork 523
Expand file tree
/
Copy pathauth.py
More file actions
59 lines (46 loc) · 1.71 KB
/
auth.py
File metadata and controls
59 lines (46 loc) · 1.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
import os
import time
import hashlib
from typing import Optional
from utils.loggers import get_logger
logger = get_logger()
# Simulate a user/token database
MOCK_USERS = {
"user_001": "admin",
"user_002": "learner",
"user_003": "mentor"
}
# Simulated secret key (could be replaced with JWT secret or OAuth config)
SECRET_KEY = os.getenv("AUTH_SECRET_KEY", "sunbird_secret_key")
# Token TTL in seconds (e.g., 1 hour)
TOKEN_TTL = 3600
def generate_token(user_id: str) -> str:
"""Generate a simple hashed token with TTL."""
if user_id not in MOCK_USERS:
raise ValueError("Invalid user ID")
timestamp = str(int(time.time()) + TOKEN_TTL)
raw = f"{user_id}:{timestamp}:{SECRET_KEY}"
token = hashlib.sha256(raw.encode()).hexdigest()
logger.info(f"Generated token for {user_id}")
return f"{user_id}:{timestamp}:{token}"
def validate_token(token: str) -> Optional[str]:
"""Validate token and return user_id if valid, else None."""
try:
user_id, timestamp, token_hash = token.split(":")
if time.time() > int(timestamp):
logger.warning("Token expired")
return None
expected_raw = f"{user_id}:{timestamp}:{SECRET_KEY}"
expected_hash = hashlib.sha256(expected_raw.encode()).hexdigest()
if expected_hash == token_hash:
logger.info(f"Validated token for {user_id}")
return user_id
else:
logger.warning("Token hash mismatch")
return None
except Exception as e:
logger.error(f"Token validation failed: {e}")
return None
def get_user_role(user_id: str) -> Optional[str]:
"""Get the role of the user from mock DB."""
return MOCK_USERS.get(user_id)