Add Token model and update endpoints to use it

Refactor token validation and saving endpoints to accept a Token model instead of a raw string. Set default values for token generation request fields. Update TokenService cleanup to use datetime.now().
2025-10-08 14:05:11 +01:00
parent 38fb3e6e96
commit da1fb2a058
3 changed files with 59 additions and 48 deletions
--- a/microservices/token-service/token_service.py
+++ b/microservices/token-service/token_service.py
@@ -11,20 +11,20 @@ import os

 class TokenService:
    """Service for managing JWT tokens and authentication"""
-    
+
    def __init__(self, db: AsyncIOMotorDatabase, secret_key: str = None):
        self.db = db
        self.secret_key = secret_key or os.getenv("JWT_SECRET_KEY", "energy-dashboard-secret-key")
        self.tokens_collection = db.tokens
-    
-    def generate_token(self, name: str, list_of_resources: List[str], 
+
+    def generate_token(self, name: str, list_of_resources: List[str],
                      data_aggregation: bool = False, time_aggregation: bool = False,
                      embargo: int = 0, exp_hours: int = 24) -> str:
        """Generate a new JWT token with specified permissions"""
-        
+
        # Calculate expiration time
        exp_timestamp = int((datetime.utcnow() + timedelta(hours=exp_hours)).timestamp())
-        
+
        # Create token payload
        payload = {
            "name": name,
@@ -36,11 +36,11 @@ class TokenService:
            "iat": int(datetime.utcnow().timestamp()),
            "jti": str(uuid.uuid4())  # unique token ID
        }
-        
+
        # Generate JWT token
        token = jwt.encode(payload, self.secret_key, algorithm="HS256")
        return token
-    
+
    def decode_token(self, token: str) -> Optional[Dict[str, Any]]:
        """Decode and verify JWT token"""
        try:
@@ -50,11 +50,11 @@ class TokenService:
            return {"error": "Token has expired"}
        except jwt.InvalidTokenError:
            return {"error": "Invalid token"}
-    
+
    async def insert_token(self, token: str) -> Dict[str, Any]:
        """Save token to database"""
        now = datetime.utcnow()
-        
+
        # Decode token to verify it's valid
        decoded = self.decode_token(token)
        if decoded and "error" not in decoded:
@@ -68,14 +68,14 @@ class TokenService:
                "resources": decoded.get("list_of_resources", []),
                "expires_at": datetime.fromtimestamp(decoded.get("exp", 0))
            }
-            
+
            # Upsert token (update if exists, insert if not)
            await self.tokens_collection.replace_one(
                {"token": token},
                token_record,
                upsert=True
            )
-            
+
            return {
                "token": token,
                "datetime": now.isoformat(),
@@ -83,11 +83,11 @@ class TokenService:
            }
        else:
            raise ValueError("Invalid token cannot be saved")
-    
+
    async def revoke_token(self, token: str) -> Dict[str, Any]:
        """Revoke a token by marking it as inactive"""
        now = datetime.utcnow()
-        
+
        result = await self.tokens_collection.update_one(
            {"token": token},
            {
@@ -98,7 +98,7 @@ class TokenService:
                }
            }
        )
-        
+
        if result.matched_count > 0:
            return {
                "token": token,
@@ -107,51 +107,49 @@ class TokenService:
            }
        else:
            raise ValueError("Token not found")
-    
+
    async def get_tokens(self) -> List[Dict[str, Any]]:
        """Get all tokens from database"""
        cursor = self.tokens_collection.find({})
        tokens = []
-        
+
        async for token_record in cursor:
            # Convert ObjectId to string and datetime to ISO format
            token_record["_id"] = str(token_record["_id"])
            for field in ["datetime", "created_at", "updated_at", "expires_at", "revoked_at"]:
                if field in token_record and token_record[field]:
                    token_record[field] = token_record[field].isoformat()
-            
+
            tokens.append(token_record)
-        
+
        return tokens
-    
+
    async def is_token_valid(self, token: str) -> bool:
        """Check if token is valid and active"""
-        # Check if token exists and is active in database
        token_record = await self.tokens_collection.find_one({
            "token": token,
            "active": True
        })
-        
+
        if not token_record:
            return False
-        
-        # Verify JWT signature and expiration
+
        decoded = self.decode_token(token)
        return decoded is not None and "error" not in decoded
-    
+
    async def get_token_permissions(self, token: str) -> Optional[Dict[str, Any]]:
        """Get permissions for a valid token"""
        if await self.is_token_valid(token):
            return self.decode_token(token)
        return None
-    
+
    async def cleanup_expired_tokens(self) -> int:
        """Remove expired tokens from database"""
-        now = datetime.utcnow()
-        
+        now = datetime.now()
+
        # Delete tokens that have expired
        result = await self.tokens_collection.delete_many({
            "expires_at": {"$lt": now}
        })
-        
-        return result.deleted_count
+
+        return result.deleted_count