MCPcopy Index your code
hub / github.com/learnhouse/learnhouse / create_refresh_token

Function create_refresh_token

apps/api/src/security/auth.py:164–186  ·  view source on GitHub ↗

Create a JWT refresh token. Always sets ``exp``, ``iat`` and a random ``jti``. ``iat`` is required for logout/password-change revocation to apply to refresh tokens; ``jti`` enables one-time-use rotation with replay detection.

(data: dict, expires_delta: timedelta | None = None)

Source from the content-addressed store, hash-verified

162
163
164def create_refresh_token(data: dict, expires_delta: timedelta | None = None):
165 """
166 Create a JWT refresh token.
167
168 Always sets ``exp``, ``iat`` and a random ``jti``. ``iat`` is required
169 for logout/password-change revocation to apply to refresh tokens;
170 ``jti`` enables one-time-use rotation with replay detection.
171 """
172 import secrets as _secrets
173 to_encode = data.copy()
174 now = datetime.now(timezone.utc)
175 if expires_delta:
176 expire = now + expires_delta
177 else:
178 expire = now + JWT_REFRESH_TOKEN_EXPIRES
179 to_encode.update({
180 "exp": expire,
181 "iat": now,
182 "type": "refresh",
183 "jti": _secrets.token_urlsafe(16),
184 })
185 encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
186 return encoded_jwt
187
188
189def _get_revocation_redis_client():

Callers 7

consume_magic_link_tokenFunction · 0.90
refreshFunction · 0.90
loginFunction · 0.90
third_party_loginFunction · 0.90

Calls 1

updateMethod · 0.45