fix(auth): set session expires_at to non-nullable with 1 year max
This commit is contained in:
@@ -25,7 +25,7 @@ def verify_password(password: str, password_hash: str) -> bool:
|
|||||||
|
|
||||||
def create_session(user_id: int, db: DbSession, remember_me: bool = False) -> str:
|
def create_session(user_id: int, db: DbSession, remember_me: bool = False) -> str:
|
||||||
token = uuid4().hex
|
token = uuid4().hex
|
||||||
expires_at = (datetime.now(timezone.utc) + timedelta(days=365)) if remember_me else None
|
expires_at = datetime.now(timezone.utc) + timedelta(days=365)
|
||||||
db.add(UserSession(token=token, user_id=user_id, expires_at=expires_at))
|
db.add(UserSession(token=token, user_id=user_id, expires_at=expires_at))
|
||||||
db.commit()
|
db.commit()
|
||||||
return token
|
return token
|
||||||
|
|||||||
@@ -28,7 +28,7 @@ class UserSession(Base):
|
|||||||
token = Column(String(64), primary_key=True)
|
token = Column(String(64), primary_key=True)
|
||||||
user_id = Column(Integer, ForeignKey("users.id", ondelete="CASCADE"), nullable=False)
|
user_id = Column(Integer, ForeignKey("users.id", ondelete="CASCADE"), nullable=False)
|
||||||
created_at = Column(DateTime, default=_utcnow)
|
created_at = Column(DateTime, default=_utcnow)
|
||||||
expires_at = Column(DateTime, nullable=True)
|
expires_at = Column(DateTime, nullable=False)
|
||||||
|
|
||||||
user = relationship("User", back_populates="sessions")
|
user = relationship("User", back_populates="sessions")
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user