Bugfix/fix_TokenType_is_expired

nrbnlulu / strawberry-django-auth

Authentication system for django using strawberry

https://nrbnlulu.github.io/strawberry-django-auth/

MIT License

68 stars 31 forks source link

Bugfix/fix_TokenType_is_expired #575

Closed shmoon-kr closed 3 months ago

shmoon-kr commented 3 months ago

Summary by Sourcery

This pull request fixes a bug in the TokenType.is_expired() method by ensuring that the payload expiration timestamp is timezone-aware before comparison. Additionally, a RELEASE.md file has been added to document the patch release and the bug fix.

Bug Fixes:
- Fixed the issue in TokenType.is_expired() where a naive timestamp was being compared with an aware timestamp, causing the function to fail.
Documentation:
- Added RELEASE.md to document the patch release and the specific issue fixed in TokenType.is_expired().

sourcery-ai[bot] commented 3 months ago

Reviewer's Guide by Sourcery

This pull request addresses a bug in the TokenType.is_expired method by ensuring that the timestamp comparison is done between aware datetime objects. Additionally, a new RELEASE.md file has been added to document the release type and the bug fix details.

File-Level Changes

Files	Changes
`gqlauth/jwt/types_.py` `RELEASE.md`	Fixed a bug in `TokenType.is_expired` by ensuring aware datetime comparison and added release notes documenting the fix.

Tips

- Trigger a new Sourcery review by commenting `@sourcery-ai review` on the pull request. - Continue your discussion with Sourcery by replying directly to review comments. - You can change your review settings at any time by accessing your [dashboard](https://app.sourcery.ai): - Enable or disable the Sourcery-generated pull request summary or reviewer's guide; - Change the review language; - You can always [contact us](mailto:support@sourcery.ai) if you have any questions or feedback.

gqlauth commented 3 months ago

Release Notes

Just wanted to say

![success](https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExMTlmYjI2N2M0Yjk3YzQwOGZjOTYzYWRlNjQwNjkwNWJiZmI2MzhjMyZlcD12MV9pbnRlcm5hbF9naWZzX2dpZklkJmN0PWc/1Z02vuppxP1Pa/giphy.gif)

Release type: patch

Fix issue: TokenType.is_expired() fails since it's comparing naive timestamp with aware timestamp Replace payload.exp with payload.exp.replace(tzinfo=timezone.utc) when it is compared with utc_now()

codecov[bot] commented 3 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 92.96%. Comparing base (9c760b6) to head (def91a6). Report is 38 commits behind head on main.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #575 +/- ## ========================================== + Coverage 92.82% 92.96% +0.13% ========================================== Files 33 33 Lines 1478 1506 +28 ========================================== + Hits 1372 1400 +28 Misses 106 106 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

shmoon-kr commented 3 months ago

I was wondering why did it pass test cases though there's a test case for the function and now I've got the answer. When a TokenType is generated from a user, time stamp is aware timestamp so there's no problem in is_expired() function. But when a TokenType is generated from a token, time stamp is naive timestamp and there was no test code for this case. I just added a test case and update PR.

shmoon-kr commented 3 months ago

The issue was resolved by setting JWT payload timestamp format.