Token JWT Decode
aascagarwal opened this issue · comments
Suggestion: The token contains the time stamp for start and end ('iat': 1621506724, 'exp': 1621507624) of token validation, this can help in invalid token check without calling the beneficiary api everytime
use pyjwt
Also this will allow to regenerate the otp automatically just before expiration (if auto is selected)
Oh I dint know about this. Thank you!
Hi @aascagarwal - Did you decode the JWT? I seem to be running into InvalidSignatureError
If you're on Discord, could we have a quick chat sometime? ID: pallupz#5726
jwt.decode(token, options={"verify_signature": False})
algorithm?
oh wait.. got it
decoded = jwt.decode(token, options={"verify_signature": False})
print(decoded)
mobile = str(decoded['mobile_number'])
startTime = datetime.datetime.fromtimestamp(decoded['iat'])
d1 = (datetime.datetime.now() + datetime.timedelta(minutes=15)).replace(microsecond = 0)
print(d1)
print(startTime)
difference = (d1 - startTime).total_seconds() / 60
print(difference)
when I encode it back, I am not getting the same result
that's because, you need the signature..
you can put the expiration logic as intended, this was just a dummy I wrote to verify.
Relying on the this might be an issue, as cowin now logs out abruptly if any other session is working or number of requests are more, hence beneficiary check would still be a better fail safe
yea.. so at the moment, we can at best only predict when this will expire?
no way to generate the next token, I assum
I have not tried that, but mostly no
yea - I tried with different things for keys, but nothing has worked so far. and that'd be a dumb design anyway. was hoping maybe devs made a mistake somewhere.