From 9c4f5e5e74753ec830d7b9721e452547edf17365 Mon Sep 17 00:00:00 2001 From: Boxiang Zhu Date: Mon, 5 Jun 2023 16:40:49 +0800 Subject: [PATCH] feat: Add time_expired into cookie Now the expired time for skyline and keystone is not the same value. Sometime, when the token of keystone is valid but the jwt token of skyline-apiserver is invalid. The skyline-console will send the request to backend service and then get 401 from skyline. So we add time_expired into cookie, then skyline-console can check whether time expired or not. Change-Id: Id1d3a83eb433c18e88828115e8bd744151fb14f7 --- .../notes/add-time-expired-into-cookie-ea5d947625480f65.yaml | 5 +++++ skyline_apiserver/api/deps.py | 1 + skyline_apiserver/api/v1/login.py | 3 +++ skyline_apiserver/types/constants.py | 3 +++ 4 files changed, 12 insertions(+) create mode 100644 releasenotes/notes/add-time-expired-into-cookie-ea5d947625480f65.yaml diff --git a/releasenotes/notes/add-time-expired-into-cookie-ea5d947625480f65.yaml b/releasenotes/notes/add-time-expired-into-cookie-ea5d947625480f65.yaml new file mode 100644 index 0000000..1090bba --- /dev/null +++ b/releasenotes/notes/add-time-expired-into-cookie-ea5d947625480f65.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + Add ``time_expired`` into cookie, so that skyline-console can follow this + value to check whether the token is valid or not. diff --git a/skyline_apiserver/api/deps.py b/skyline_apiserver/api/deps.py index 05da0b7..66dc88f 100644 --- a/skyline_apiserver/api/deps.py +++ b/skyline_apiserver/api/deps.py @@ -80,4 +80,5 @@ async def get_profile_update_jwt(request: Request, response: Response) -> schema if 0 < profile.exp - time.time() < CONF.default.access_token_renew: profile.exp = int(time.time()) + CONF.default.access_token_expire response.set_cookie(CONF.default.session_name, profile.toJWTPayload()) + response.set_cookie(constants.TIME_EXPIRED_KEY, str(profile.exp)) return profile diff --git a/skyline_apiserver/api/v1/login.py b/skyline_apiserver/api/v1/login.py index 8866c7b..c088c73 100644 --- a/skyline_apiserver/api/v1/login.py +++ b/skyline_apiserver/api/v1/login.py @@ -184,6 +184,7 @@ async def login( ) else: response.set_cookie(CONF.default.session_name, profile.toJWTPayload()) + response.set_cookie(constants.TIME_EXPIRED_KEY, str(profile.exp)) return profile @@ -279,6 +280,7 @@ async def websso( else: response = RedirectResponse(url="/base/overview", status_code=status.HTTP_302_FOUND) response.set_cookie(CONF.default.session_name, profile.toJWTPayload()) + response.set_cookie(constants.TIME_EXPIRED_KEY, str(profile.exp)) return response @@ -378,4 +380,5 @@ async def switch_project( ) else: response.set_cookie(CONF.default.session_name, profile.toJWTPayload()) + response.set_cookie(constants.TIME_EXPIRED_KEY, str(profile.exp)) return profile diff --git a/skyline_apiserver/types/constants.py b/skyline_apiserver/types/constants.py index 2b64925..fa53090 100644 --- a/skyline_apiserver/types/constants.py +++ b/skyline_apiserver/types/constants.py @@ -66,3 +66,6 @@ SUPPORTED_SERVICE_EPS = { "trove": ["trove"], "zun": ["zun"], } + +# Key of Time Expired in Cookie +TIME_EXPIRED_KEY = "time_expired"