Update openhands/server/listen.py

openhands/server/listen.py

@@ -2,7 +2,6 @@ import asyncio
 import os
 import re
 import tempfile
-import time
 import uuid
 import warnings
 from contextlib import asynccontextmanager
@@ -61,7 +60,7 @@ from openhands.events.serialization import event_to_dict
 from openhands.events.stream import AsyncEventStreamWrapper
 from openhands.llm import bedrock
 from openhands.runtime.base import Runtime
-from openhands.server.auth import get_sid_from_token, sign_token, jwt_encode, jwt_decode
+from openhands.server.auth import get_sid_from_token, sign_token
 from openhands.server.middleware import LocalhostCORSMiddleware, NoCacheMiddleware
 from openhands.server.session import SessionManager
 
@@ -206,19 +205,9 @@ async def attach_session(request: Request, call_next):
         return response
 
     # First check for auth cookie
-    signed_token = request.cookies.get('github_auth')
-    github_token = None
+    github_token = request.cookies.get('github_auth')
     
-    if signed_token:
-        try:
-            # Verify and decode the JWT token
-            cookie_data = jwt_decode(signed_token, config.jwt_secret)
-            github_token = cookie_data.get('github_token')
-        except Exception:
-            # If token is invalid or expired, ignore it
-            github_token = None
-    
-    # If no valid cookie, fall back to header
+    # If no cookie, fall back to header
     if not github_token:
         github_token = request.headers.get('X-GitHub-Token')
         # If no header token either, return error
@@ -887,20 +876,13 @@ async def authenticate(request: Request):
             content={'error': 'Not authorized via GitHub waitlist'},
         )
 
-    # Create a signed JWT token with 1-hour expiration
-    cookie_data = {
-        'github_token': token,
-        'exp': int(time.time()) + 3600  # 1 hour expiration
-    }
-    signed_token = jwt_encode(cookie_data, config.jwt_secret)
-
     response = JSONResponse(
         status_code=status.HTTP_200_OK, content={'message': 'User authenticated'})
     
-    # Set secure cookie with signed token
+    # Set secure cookie that expires in 1 hour
     response.set_cookie(
         key="github_auth",
-        value=signed_token,
+        value=token,
         max_age=3600,  # 1 hour in seconds
         httponly=True,
         secure=True,