PyPI - zrb - Versions diffs - 0.0.52__py3-none-any.whl → 0.0.53__py3-none-any.whl - Mend

zrb 0.0.52py3-none-any.whl → 0.0.53py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (93) hide show

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/component/refresh_token_util.py ADDED Viewed

@@ -0,0 +1,17 @@
+from config import (
+    app_auth_refresh_token_type, app_auth_jwt_token_algorithm,
+    app_auth_jwt_token_secret_key
+)
+from module.auth.core import RefreshTokenUtil, JWTRefreshTokenUtil
+def init_token_util() -> RefreshTokenUtil:
+    if app_auth_refresh_token_type.lower() == 'jwt':
+        return JWTRefreshTokenUtil(
+            secret_key=app_auth_jwt_token_secret_key,
+            algorithm=app_auth_jwt_token_algorithm
+        )
+    raise ValueError(f'Invalid auth token type: {app_auth_refresh_token_type}')
+refresh_token_util = init_token_util()

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/core/__init__.py CHANGED Viewed

@@ -4,18 +4,23 @@ from module.auth.core.password_hasher.password_hasher import PasswordHasher
 from module.auth.core.password_hasher.bcrypt_password_hasher import (
     BcryptPasswordHasher
 )
-from module.auth.core.token_scheme.token_sheme import TokenScheme
-from module.auth.core.token_scheme.oauth2_bearer_token_scheme import (
-    create_oauth2_bearer_token_scheme
+from module.auth.core.access_token.scheme import (
+    AccessTokenScheme, create_oauth2_bearer_access_token_scheme
+)
+from module.auth.core.access_token.util import (
+    AccessTokenUtil, JWTAccessTokenUtil
+)
+from module.auth.core.refresh_token.util import (
+    RefreshTokenUtil, JWTRefreshTokenUtil
 )
-from module.auth.core.token_util.token_util import TokenUtil
-from module.auth.core.token_util.jwt_token_util import JWTTokenUtil
 assert Authorizer
 assert RPCAuthorizer
 assert PasswordHasher
 assert BcryptPasswordHasher
-assert TokenScheme
-assert create_oauth2_bearer_token_scheme
-assert TokenUtil
-assert JWTTokenUtil
+assert AccessTokenScheme
+assert create_oauth2_bearer_access_token_scheme
+assert AccessTokenUtil
+assert JWTAccessTokenUtil
+assert RefreshTokenUtil
+assert JWTRefreshTokenUtil

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/core/{token_scheme/oauth2_bearer_token_scheme.py → access_token/scheme.py} RENAMED Viewed

@@ -1,19 +1,20 @@
-from typing import Optional
+from typing import Callable, Optional
 from starlette.requests import Request
 from fastapi import Depends
 from fastapi.security import OAuth2PasswordBearer
-from module.auth.core.token_util.token_util import TokenUtil
-from module.auth.core.token_scheme.token_sheme import TokenScheme
-from module.auth.schema.token import TokenData
+from module.auth.schema.token import AccessTokenData
 from module.auth.schema.user import User
+from module.auth.core.access_token.util import AccessTokenUtil
+AccessTokenScheme = Callable[[Request], AccessTokenData]
-def create_oauth2_bearer_token_scheme(
+def create_oauth2_bearer_access_token_scheme(
     guest_user: User,
-    token_util: TokenUtil,
+    access_token_util: AccessTokenUtil,
     token_url: str,
     token_cookie_key: str
-) -> TokenScheme:
+) -> AccessTokenScheme:
     oauth2_scheme = OAuth2PasswordBearer(
         tokenUrl=token_url, auto_error=False
@@ -22,17 +23,16 @@ def create_oauth2_bearer_token_scheme(
     async def oauth2_bearer_token_scheme(
         request: Request,
         token: Optional[str] = Depends(oauth2_scheme)
-    ) -> TokenData:
+    ) -> AccessTokenData:
         token: Optional[str] = await oauth2_scheme(request)
         if token is None:
             request.cookies.get(token_cookie_key, None)
         if token is None:
-            return TokenData(
+            return AccessTokenData(
                 user_id=guest_user.id,
                 username=guest_user.username,
-                permission_names=[],
                 expire_seconds=300
             )
-        return token_util.decode(token)
+        return access_token_util.decode(token, parse_expired_token=False)
     return oauth2_bearer_token_scheme

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/core/access_token/util.py ADDED Viewed

@@ -0,0 +1,69 @@
+from typing import Any, Mapping
+from abc import ABC, abstractmethod
+from core.error import HTTPAPIException
+from module.auth.schema.token import AccessTokenData
+from datetime import datetime, timedelta
+from jose import jwt
+import jsons
+class AccessTokenUtil(ABC):
+    @abstractmethod
+    def encode(self, token_data: AccessTokenData) -> str:
+        pass
+    @abstractmethod
+    def decode(
+        self, token_str: str, parse_expired_token: bool = False
+    ) -> AccessTokenData:
+        pass
+class JWTAccessTokenUtil(AccessTokenUtil):
+    def __init__(self, secret_key: str, algorithm: str = 'HS256'):
+        self.secret_key = secret_key
+        self.algorithm = algorithm
+    def encode(self, data: AccessTokenData) -> str:
+        expire_time = datetime.utcnow() + timedelta(
+            seconds=data.expire_seconds
+        )
+        sub = jsons.dumps(data.dict())
+        data_dict = {'sub': sub, 'exp': expire_time}
+        encoded_jwt = jwt.encode(
+            data_dict, self.secret_key, algorithm=self.algorithm
+        )
+        return encoded_jwt
+    def decode(
+        self, token: str, parse_expired_token: bool = False
+    ) -> AccessTokenData:
+        try:
+            decoded_data = jwt.decode(
+                token,
+                self.secret_key,
+                algorithms=[self.algorithm],
+                options=self._get_decode_options(parse_expired_token)
+            )
+            sub = jsons.loads(decoded_data['sub'])
+            token_data = AccessTokenData.parse_obj(sub)
+            if not parse_expired_token:
+                expire_time = decoded_data['exp']
+                token_data.expire_seconds = ((
+                    datetime.fromtimestamp(expire_time) - datetime.utcnow()
+                ).total_seconds())
+                if token_data.expire_seconds < 0:
+                    raise HTTPAPIException(422, 'Expired token')
+            return token_data
+        except jwt.JWTError:
+            raise HTTPAPIException(422, 'Invalid token')
+    def _get_decode_options(
+        self, parse_expired_token: bool
+    ) -> Mapping[str, Any]:
+        if parse_expired_token:
+            return {'verify_exp': False}
+        return {}

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/core/authorizer/rpc_authorizer.py CHANGED Viewed

@@ -27,10 +27,12 @@ class RPCAuthorizer(Authorizer):
         )
     async def is_having_permission(
-        self, user_id: str, *permission_names: str
+        self, user_id: str, *permission_name: str
     ) -> bool:
         permission_map = await self.rpc_caller.call(
-            self.is_user_authorized_rpc_name, user_id, *permission_names
+            self.is_user_authorized_rpc_name,
+            id=user_id,
+            permission_name=permission_name
         )
         for permission in permission_map:
             if not permission_map[permission]:

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/core/{token_util/jwt_token_util.py → refresh_token/util.py} RENAMED Viewed

@@ -1,18 +1,30 @@
+from abc import ABC, abstractmethod
 from core.error import HTTPAPIException
-from module.auth.schema.token import TokenData
-from module.auth.core.token_util.token_util import TokenUtil
+from module.auth.schema.token import RefreshTokenData
 from datetime import datetime, timedelta
 from jose import jwt
 import jsons
-class JWTTokenUtil(TokenUtil):
+class RefreshTokenUtil(ABC):
+    @abstractmethod
+    def encode(self, token_data: RefreshTokenData) -> str:
+        pass
+    @abstractmethod
+    def decode(self, token_str: str) -> RefreshTokenData:
+        pass
+class JWTRefreshTokenUtil(RefreshTokenUtil):
     def __init__(self, secret_key: str, algorithm: str = 'HS256'):
         self.secret_key = secret_key
         self.algorithm = algorithm
-    def encode(self, data: TokenData) -> str:
+    def encode(self, data: RefreshTokenData) -> str:
         expire_time = datetime.utcnow() + timedelta(
             seconds=data.expire_seconds
         )
@@ -23,13 +35,13 @@ class JWTTokenUtil(TokenUtil):
         )
         return encoded_jwt
-    def decode(self, token: str) -> TokenData:
+    def decode(self, token: str) -> RefreshTokenData:
         try:
             decoded_data = jwt.decode(
                 token, self.secret_key, algorithms=[self.algorithm]
             )
             sub = jsons.loads(decoded_data['sub'])
-            token_data = TokenData.parse_obj(sub)
+            token_data = RefreshTokenData.parse_obj(sub)
             expire_time = decoded_data['exp']
             token_data.expire_seconds = ((
                 datetime.fromtimestamp(expire_time) - datetime.utcnow()

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/entity/group/api.py CHANGED Viewed

@@ -7,8 +7,8 @@ from module.auth.core import Authorizer
 from module.auth.schema.group import (
     Group, GroupData, GroupResult
 )
-from module.auth.schema.token import TokenData
-from module.auth.component import token_scheme
+from module.auth.schema.token import AccessTokenData
+from module.auth.component import access_token_scheme
 def register_api(
@@ -25,7 +25,7 @@ def register_api(
     )
     async def get_groups(
         keyword: str = '', limit: int = 100, offset: int = 0,
-        user_token_data: TokenData = Depends(token_scheme),
+        user_token_data: AccessTokenData = Depends(access_token_scheme),
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:permission:get'
@@ -48,7 +48,7 @@ def register_api(
         '/api/v1/auth/groups/{id}', response_model=Group
     )
     async def get_group_by_id(
-        id: str, user_token_data: TokenData = Depends(token_scheme)
+        id: str, user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:group:get_by_id'
@@ -67,7 +67,8 @@ def register_api(
         '/api/v1/auth/groups', response_model=Group
     )
     async def insert_group(
-        data: GroupData, user_token_data: TokenData = Depends(token_scheme)
+        data: GroupData,
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:group:insert'
@@ -87,7 +88,7 @@ def register_api(
     )
     async def update_group(
         id: str, data: GroupData,
-        user_token_data: TokenData = Depends(token_scheme)
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:group:update'
@@ -106,7 +107,8 @@ def register_api(
         '/api/v1/auth/groups/{id}', response_model=Group
     )
     async def delete_group(
-        id: str, user_token_data: TokenData = Depends(token_scheme)
+        id: str,
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:group:delete'

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/entity/group/rpc.py CHANGED Viewed

@@ -5,7 +5,7 @@ from core.rpc import Caller, Server
 from core.repo import SearchFilter
 from module.auth.component.model.group_model import group_model
 from module.auth.schema.group import GroupData
-from module.auth.schema.token import TokenData
+from module.auth.schema.token import AccessTokenData
 def register_rpc(
@@ -46,7 +46,7 @@ def register_rpc(
         data: Mapping[str, Any],
         user_token_data: Mapping[str, Any]
     ) -> Mapping[str, Any]:
-        user_token_data: TokenData = TokenData(**user_token_data)
+        user_token_data: AccessTokenData = AccessTokenData(**user_token_data)
         data['created_by'] = user_token_data.user_id
         data['updated_by'] = user_token_data.user_id
         row = await group_model.insert(
@@ -60,7 +60,7 @@ def register_rpc(
         data: Mapping[str, Any],
         user_token_data: Mapping[str, Any]
     ) -> Mapping[str, Any]:
-        user_token_data: TokenData = TokenData(**user_token_data)
+        user_token_data: AccessTokenData = AccessTokenData(**user_token_data)
         data['updated_by'] = user_token_data.user_id
         row = await group_model.update(
             id=id, data=GroupData(**data)
@@ -72,6 +72,6 @@ def register_rpc(
         id: str,
         user_token_data: Mapping[str, Any]
     ) -> Mapping[str, Any]:
-        user_token_data = TokenData(**user_token_data)
+        user_token_data = AccessTokenData(**user_token_data)
         row = await group_model.delete(id=id)
         return row.dict()

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/entity/permission/api.py CHANGED Viewed

@@ -7,8 +7,8 @@ from module.auth.core import Authorizer
 from module.auth.schema.permission import (
     Permission, PermissionData, PermissionResult
 )
-from module.auth.schema.token import TokenData
-from module.auth.component import token_scheme
+from module.auth.schema.token import AccessTokenData
+from module.auth.component import access_token_scheme
 def register_api(
@@ -25,7 +25,7 @@ def register_api(
     )
     async def get_permissions(
         keyword: str = '', limit: int = 100, offset: int = 0,
-        user_token_data: TokenData = Depends(token_scheme)
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:permission:get'
@@ -48,7 +48,8 @@ def register_api(
         '/api/v1/auth/permissions/{id}', response_model=Permission
     )
     async def get_permission_by_id(
-        id: str, user_token_data: TokenData = Depends(token_scheme)
+        id: str,
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:permission:get_by_id'
@@ -68,7 +69,7 @@ def register_api(
     )
     async def insert_permission(
         data: PermissionData,
-        user_token_data: TokenData = Depends(token_scheme)
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:permission:insert'
@@ -88,7 +89,7 @@ def register_api(
     )
     async def update_permission(
         id: str, data: PermissionData,
-        user_token_data: TokenData = Depends(token_scheme)
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:permission:update'
@@ -107,7 +108,8 @@ def register_api(
         '/api/v1/auth/permissions/{id}', response_model=Permission
     )
     async def delete_permission(
-        id: str, user_token_data: TokenData = Depends(token_scheme)
+        id: str,
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:permission:delete'

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/entity/permission/rpc.py CHANGED Viewed

@@ -5,7 +5,7 @@ from core.rpc import Caller, Server
 from core.repo import SearchFilter
 from module.auth.component.model.permission_model import permission_model
 from module.auth.schema.permission import PermissionData
-from module.auth.schema.token import TokenData
+from module.auth.schema.token import AccessTokenData
 def register_rpc(
@@ -52,7 +52,7 @@ def register_rpc(
         data: Mapping[str, Any],
         user_token_data: Mapping[str, Any]
     ) -> Mapping[str, Any]:
-        user_token_data = TokenData(**user_token_data)
+        user_token_data = AccessTokenData(**user_token_data)
         data['created_by'] = user_token_data.user_id
         data['updated_by'] = user_token_data.user_id
         row = await permission_model.insert(
@@ -66,7 +66,7 @@ def register_rpc(
         data: Mapping[str, Any],
         user_token_data: Mapping[str, Any]
     ) -> Mapping[str, Any]:
-        user_token_data = TokenData(**user_token_data)
+        user_token_data = AccessTokenData(**user_token_data)
         data['updated_by'] = user_token_data.user_id
         row = await permission_model.update(
             id=id, data=PermissionData(**data)
@@ -78,6 +78,6 @@ def register_rpc(
         id: str,
         user_token_data: Mapping[str, Any]
     ) -> Mapping[str, Any]:
-        user_token_data = TokenData(**user_token_data)
+        user_token_data = AccessTokenData(**user_token_data)
         row = await permission_model.delete(id=id)
         return row.dict()

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/entity/user/api.py CHANGED Viewed

@@ -9,9 +9,9 @@ from module.auth.core import Authorizer
 from module.auth.schema.user import (
     User, UserData, UserResult, UserLogin
 )
-from module.auth.schema.token import TokenData, TokenResponse
+from module.auth.schema.token import AccessTokenData, TokenResponse
 from module.auth.schema.request import RefreshTokenRequest, IsAuthorizedRequest
-from module.auth.component import token_scheme
+from module.auth.component import access_token_scheme, bearer_token_scheme
 def register_auth_api(
@@ -39,32 +39,39 @@ def register_auth_api(
     async def _create_token(data: UserLogin) -> TokenResponse:
         try:
-            token = await rpc_caller.call(
+            token_response_dict = await rpc_caller.call(
                 'auth_create_token', login_data=data.dict()
             )
-            return TokenResponse(access_token=token, token_type='bearer')
+            return TokenResponse(**token_response_dict)
         except Exception as e:
             raise HTTPAPIException(error=e)
     @app.post('/api/v1/auth/refresh-token', response_model=TokenResponse)
-    async def refresh_token(data: RefreshTokenRequest) -> TokenResponse:
+    async def refresh_token(
+        data: RefreshTokenRequest,
+        refresh_token: str = Depends(bearer_token_scheme)
+    ) -> TokenResponse:
         try:
-            token = await rpc_caller.call(
-                'auth_refresh_token', token=data.token
+            token_response_dict = await rpc_caller.call(
+                'auth_refresh_token',
+                refresh_token=refresh_token,
+                access_token=data.access_token
             )
-            return TokenResponse(access_token=token, token_type='bearer')
+            return TokenResponse(**token_response_dict)
         except Exception as e:
             raise HTTPAPIException(error=e)
     @app.post('/api/v1/auth/is-authorized', response_model=Mapping[str, bool])
     async def is_authorized(
         data: IsAuthorizedRequest,
-        user_token_data: TokenData = Depends(token_scheme)
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ) -> Mapping[str, str]:
         try:
             user_id = user_token_data.user_id
             return await rpc_caller.call(
-                'auth_is_user_authorized', id=user_id, *data.permission_names
+                'auth_is_user_authorized',
+                id=user_id,
+                permission_name=data.permission_names
             )
         except Exception as e:
             raise HTTPAPIException(error=e)
@@ -84,7 +91,7 @@ def register_api(
     )
     async def get_users(
         keyword: str = '', limit: int = 100, offset: int = 0,
-        user_token_data: TokenData = Depends(token_scheme)
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:user:get'
@@ -107,7 +114,8 @@ def register_api(
         '/api/v1/auth/users/{id}', response_model=User
     )
     async def get_user_by_id(
-        id: str, user_token_data: TokenData = Depends(token_scheme)
+        id: str,
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:user:get_by_id'
@@ -126,7 +134,8 @@ def register_api(
         '/api/v1/auth/users', response_model=User
     )
     async def insert_user(
-        data: UserData, user_token_data: TokenData = Depends(token_scheme)
+        data: UserData,
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:user:insert'
@@ -146,7 +155,7 @@ def register_api(
     )
     async def update_user(
         id: str, data: UserData,
-        user_token_data: TokenData = Depends(token_scheme)
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:user:update'
@@ -165,7 +174,8 @@ def register_api(
         '/api/v1/auth/users/{id}', response_model=User
     )
     async def delete_user(
-        id: str, user_token_data: TokenData = Depends(token_scheme)
+        id: str,
+        user_token_data: AccessTokenData = Depends(access_token_scheme)
     ):
         if not await authorizer.is_having_permission(
             user_token_data.user_id, 'auth:user:delete'

zrb/builtin/generator/fastapp/template/src/kebab-app-name/src/module/auth/entity/user/model.py CHANGED Viewed

@@ -4,8 +4,10 @@ from module.auth.schema.user import (
     User, UserData, UserResult, UserLogin
 )
 from module.auth.entity.user.repo import UserRepo
-from module.auth.schema.token import TokenData
-from module.auth.core import TokenUtil
+from module.auth.schema.token import (
+    AccessTokenData, RefreshTokenData, TokenResponse
+)
+from module.auth.core import AccessTokenUtil, RefreshTokenUtil
 from module.auth.entity.permission.model import PermissionModel
@@ -18,16 +20,20 @@ class UserModel(
         self,
         repo: UserRepo,
         permission_model: PermissionModel,
-        token_util: TokenUtil,
-        expire_seconds: int,
+        access_token_util: AccessTokenUtil,
+        access_token_expire_seconds: int,
+        refresh_token_util: RefreshTokenUtil,
+        refresh_token_expire_seconds: int,
         guest_user: User,
         admin_user: Optional[User] = None,
         admin_user_password: str = ''
     ):
         self.repo = repo
         self.permission_model = permission_model
-        self.token_util = token_util
-        self.expire_seconds = expire_seconds
+        self.access_token_util = access_token_util
+        self.access_token_expire_seconds = access_token_expire_seconds
+        self.refresh_token_util = refresh_token_util
+        self.refresh_token_expire_seconds = refresh_token_expire_seconds
         self.guest_user = guest_user
         self.admin_user = admin_user
         self.admin_user_pasword = admin_user_password
@@ -116,21 +122,44 @@ class UserModel(
             return False
         return id == self.admin_user.id
-    async def create_token(self, user_login: UserLogin) -> str:
+    async def create_auth_token(self, user_login: UserLogin) -> TokenResponse:
         user = await self._get_user_by_user_login(user_login)
-        return self._get_token(user)
+        return TokenResponse(
+            access_token=self._get_access_token(user),
+            refresh_token=self._get_refresh_token(user),
+            token_type='bearer'
+        )
-    async def refresh_token(self, auth_token_str: str) -> str:
-        user = await self._get_user_by_token(auth_token_str)
-        return self._get_token(user)
+    async def refresh_auth_token(
+        self, refresh_token: str, access_token: str
+    ) -> TokenResponse:
+        access_token_data = self.access_token_util.decode(
+            access_token, parse_expired_token=True
+        )
+        refresh_token_data = self.refresh_token_util.decode(refresh_token)
+        if access_token_data.user_id != refresh_token_data.user_id:
+            raise ValueError('Unmatch refresh and access token')
+        user = await self.get_by_id(refresh_token_data.user_id)
+        return TokenResponse(
+            access_token=self._get_access_token(user),
+            refresh_token=self._get_refresh_token(user),
+            token_type='bearer'
+        )
-    def _get_token(self, user: User) -> str:
-        token_data = TokenData(
+    def _get_access_token(self, user: User) -> str:
+        access_token_data = AccessTokenData(
             user_id=user.id,
             username=user.username,
-            expire_seconds=self.expire_seconds
+            expire_seconds=self.access_token_expire_seconds
         )
-        return self.token_util.encode(token_data)
+        return self.access_token_util.encode(access_token_data)
+    def _get_refresh_token(self, user: User) -> str:
+        refresh_token_data = RefreshTokenData(
+            user_id=user.id,
+            expire_seconds=self.refresh_token_expire_seconds
+        )
+        return self.refresh_token_util.encode(refresh_token_data)
     async def _get_user_by_user_login(self, user_login: UserLogin) -> User:
         if user_login.identity == '':
@@ -146,7 +175,3 @@ class UserModel(
         ):
             return self.admin_user
         return await self.repo.get_by_user_login(user_login)
-    async def _get_user_by_token(self, token: str) -> User:
-        token_data = self.token_util.decode(token)
-        return await self.get_by_id(token_data.user_id)

zrb 0.0.52__py3-none-any.whl → 0.0.53__py3-none-any.whl

zrb 0.0.52py3-none-any.whl → 0.0.53py3-none-any.whl