토큰이 제대로 만료되지 않는 문제 fix

wafflestudio · Jan 8, 2025 · 0e40d00 · 0e40d00
1 parent cc34762
commit 0e40d00
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/snuvote/app/user/service.py b/snuvote/app/user/service.py
@@ -6,7 +6,7 @@
 from snuvote.app.user.errors import InvalidUsernameOrPasswordError, NotAccessTokenError, NotRefreshTokenError, InvalidTokenError, ExpiredTokenError, BlockedRefreshTokenError
 
 import jwt
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 from enum import Enum
 from uuid import uuid4
 from dotenv import load_dotenv
@@ -36,15 +36,15 @@ def get_user_by_userid(self, userid: str) -> User | None:
     def issue_tokens(self, userid: str) -> tuple[str, str]:
         access_payload = {
             "sub": userid, # 추후 성능 개선을 위해 payload에 단과대 등 추가
-            "exp": datetime.now() + timedelta(hours=1),
+            "exp": datetime.now(timezone.utc) + timedelta(hours=1),
             "typ": TokenType.ACCESS.value, # "typ": "access"
         }
         access_token = jwt.encode(access_payload, SECRET, algorithm="HS256")
 
         refresh_payload = {
             "sub": userid,
             "jti": uuid4().hex, # 토큰의 고유 ID 생성 -> BlockedRefreshToken.token_id로 사용
-            "exp": datetime.now() + timedelta(days=7),
+            "exp": datetime.now(timezone.utc) + timedelta(days=7),
             "typ": TokenType.REFRESH.value, # "typ": "refresh"
         }
         refresh_token = jwt.encode(refresh_payload, SECRET, algorithm="HS256")
@@ -69,10 +69,10 @@ def validate_access_token(self, token: str) -> str:
             if payload["typ"] != TokenType.ACCESS.value: # payload["typ"]  != "access"
                 raise NotAccessTokenError()
             return payload["sub"]
-        except jwt.InvalidTokenError:
-            raise InvalidTokenError()
         except jwt.ExpiredSignatureError:
             raise ExpiredTokenError()
+        except jwt.InvalidTokenError:
+            raise InvalidTokenError()
 
 
     #리프레쉬토큰 검증
@@ -87,10 +87,10 @@ def validate_refresh_token(self, token: str) -> str:
                 algorithms=["HS256"],
                 options={"require": ["sub"]},
             )
-        except jwt.InvalidTokenError:
-            raise InvalidTokenError()
         except jwt.ExpiredSignatureError:
             raise ExpiredTokenError()
+        except jwt.InvalidTokenError:
+            raise InvalidTokenError()
         if payload["typ"] != TokenType.REFRESH.value:
             raise NotRefreshTokenError()
         if self.user_store.is_refresh_token_blocked(payload["jti"]):