tshoot

2025-12-17 07:24:34 +01:00 · 2025-09-18 07:54:56 +02:00
parent 994fcdc4bf
commit 8ef0f234e4
4 changed files with 59 additions and 32 deletions
--- a/backend/app/core/security.py
+++ b/backend/app/core/security.py
@@ -51,6 +51,13 @@ def create_access_token(data: Dict[str, Any], expires_delta: Optional[timedelta]
    
    to_encode.update({"exp": expire})
    encoded_jwt = jwt.encode(to_encode, settings.JWT_SECRET, algorithm=settings.JWT_ALGORITHM)
+    
+    # Log token creation details
+    logger.info(f"Created access token for user {data.get('sub')}")
+    logger.info(f"Token expires at: {expire.isoformat()} (UTC)")
+    logger.info(f"Current UTC time: {datetime.utcnow().isoformat()}")
+    logger.info(f"ACCESS_TOKEN_EXPIRE_MINUTES setting: {settings.ACCESS_TOKEN_EXPIRE_MINUTES}")
+    
    return encoded_jwt

 def create_refresh_token(data: Dict[str, Any]) -> str:
@@ -64,10 +71,27 @@ def create_refresh_token(data: Dict[str, Any]) -> str:
 def verify_token(token: str) -> Dict[str, Any]:
    """Verify JWT token and return payload"""
    try:
+        # Log current time before verification
+        current_time = datetime.utcnow()
+        logger.info(f"Verifying token at: {current_time.isoformat()} (UTC)")
+        
+        # Decode without verification first to check expiration
+        try:
+            unverified_payload = jwt.get_unverified_claims(token)
+            exp_timestamp = unverified_payload.get('exp')
+            if exp_timestamp:
+                exp_datetime = datetime.fromtimestamp(exp_timestamp, tz=None)
+                logger.info(f"Token expiration time: {exp_datetime.isoformat()} (UTC)")
+                logger.info(f"Time until expiration: {(exp_datetime - current_time).total_seconds()} seconds")
+        except Exception as decode_error:
+            logger.warning(f"Could not decode token for expiration check: {decode_error}")
+        
        payload = jwt.decode(token, settings.JWT_SECRET, algorithms=[settings.JWT_ALGORITHM])
+        logger.info(f"Token verified successfully for user {payload.get('sub')}")
        return payload
    except JWTError as e:
        logger.warning(f"Token verification failed: {e}")
+        logger.warning(f"Current UTC time: {datetime.utcnow().isoformat()}")
        raise AuthenticationError("Invalid token")

 async def get_current_user(
@@ -76,6 +100,10 @@ async def get_current_user(
 ) -> Dict[str, Any]:
    """Get current user from JWT token"""
    try:
+        # Log server time for debugging clock sync issues
+        server_time = datetime.utcnow()
+        logger.info(f"get_current_user called at: {server_time.isoformat()} (UTC)")
+        
        payload = verify_token(credentials.credentials)
        user_id: str = payload.get("sub")
        if user_id is None: