mirror of
https://github.com/All-Hands-AI/OpenHands.git
synced 2026-04-29 03:00:45 -04:00
94831083c3
* feat: improve credential validation and simplify response in get_token * Apply suggestions from code review * Update opendevin/server/listen.py * fix typo * Apply suggestions from code review * Update listen.py to remove unused import. --------- Co-authored-by: Robert Brennan <accounts@rbren.io>
44 lines
1.2 KiB
Python
44 lines
1.2 KiB
Python
import os
|
|
import jwt
|
|
from typing import Dict
|
|
from opendevin.logger import opendevin_logger as logger
|
|
from jwt.exceptions import InvalidTokenError
|
|
|
|
JWT_SECRET = os.getenv('JWT_SECRET', '5ecRe7')
|
|
|
|
|
|
def get_sid_from_token(token: str) -> str:
|
|
"""
|
|
Retrieves the session id from a JWT token.
|
|
|
|
Parameters:
|
|
token (str): The JWT token from which the session id is to be extracted.
|
|
|
|
Returns:
|
|
str: The session id if found and valid, otherwise an empty string.
|
|
"""
|
|
try:
|
|
# Decode the JWT using the specified secret and algorithm
|
|
payload = jwt.decode(token, JWT_SECRET, algorithms=['HS256'])
|
|
|
|
# Ensure the payload contains 'sid'
|
|
if 'sid' in payload:
|
|
return payload['sid']
|
|
else:
|
|
logger.error('SID not found in token')
|
|
return ''
|
|
except InvalidTokenError:
|
|
logger.error('Invalid token')
|
|
except Exception as e:
|
|
logger.exception('Unexpected error decoding token: %s', e)
|
|
return ''
|
|
|
|
|
|
def sign_token(payload: Dict[str, object]) -> str:
|
|
"""Signs a JWT token."""
|
|
# payload = {
|
|
# "sid": sid,
|
|
# # "exp": datetime.now(timezone.utc) + timedelta(minutes=15),
|
|
# }
|
|
return jwt.encode(payload, JWT_SECRET, algorithm='HS256')
|