From cad9da2b90e7a3dddaaa166caab2ad798abe183e Mon Sep 17 00:00:00 2001
From: Benjamin Bertrand <benjamin.bertrand@esss.se>
Date: Thu, 14 Dec 2017 08:16:52 +0100
Subject: [PATCH] Tokens generated in profile never expire

Those tokens are supposed to be used in scripts or applications to
access the API and should not expire.

Updated to flask-jwt-extended 3.4.0 to be able to disable expiration
See https://github.com/vimalloc/flask-jwt-extended/issues/105
---
 app/templates/users/profile.html | 2 +-
 app/tokens.py                    | 5 ++++-
 app/users/views.py               | 1 +
 environment.yml                  | 2 +-
 4 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/app/templates/users/profile.html b/app/templates/users/profile.html
index 7660716..e921cf1 100644
--- a/app/templates/users/profile.html
+++ b/app/templates/users/profile.html
@@ -59,7 +59,7 @@
         <td>{{ token.description }}</td>
         <td>{{ token.token_type }}</td>
         <td>{{ token.issued_at }}</td>
-        <td>{{ token.expires }}</td>
+        <td>{{ token.expires or 'Never' }}</td>
       </tr>
       {% endfor %}
     </tbody>
diff --git a/app/tokens.py b/app/tokens.py
index 3615d89..ef1650f 100644
--- a/app/tokens.py
+++ b/app/tokens.py
@@ -57,7 +57,10 @@ def save_token(encoded_token, description=None):
     token_type = decoded_token['type']
     user_id = int(decoded_token[identity_claim])
     iat = datetime.fromtimestamp(decoded_token['iat'])
-    expires = datetime.fromtimestamp(decoded_token['exp'])
+    try:
+        expires = datetime.fromtimestamp(decoded_token['exp'])
+    except KeyError:
+        expires = None
     db_token = models.Token(
         jti=jti,
         token_type=token_type,
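Review bot: The `try` in save_token wraps `datetime.fromtimestamp(...)` as well as the `decoded_token['exp']` lookup, so the except clause covers more than the missing-claim case it is meant for. `exp = decoded_token.get('exp')` followed by `expires = datetime.fromtimestamp(exp) if exp is not None else None` would make that case explicit. Rows are now stored with `expires = None`, and the diffstat shows no model or migration change, so the column presumably already accepts NULL; that should be confirmed. Any cleanup or revocation query that compares `expires` with the current time should treat NULL as still valid rather than pruning or silently skipping these rows. save_token starts and ends outside the hunk.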
diff --git a/app/users/views.py b/app/users/views.py
index cc23f31..1ea5679 100644
--- a/app/users/views.py
+++ b/app/users/views.py
@@ -43,6 +43,7 @@ def profile():
     form = TokenForm(request.form)
     if form.validate_on_submit():
         token = tokens.generate_access_token(identity=current_user.id,
+                                             expires_delta=False,
                                              description=form.description.data)
         # Save token to the session to retrieve it after the redirect
         session['generated_token'] = token
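Review bot: With `expires_delta=False` hard-coded in the call, every token created from the profile page stays valid until it is explicitly revoked, so a token leaked from a script or a repository remains usable indefinitely. Revocation through the stored jti becomes the only control. It is worth confirming that the blacklist check is enabled for access tokens (for example `JWT_BLACKLIST_ENABLED` and `JWT_BLACKLIST_TOKEN_CHECKS`) and that the profile page lets a user revoke a token; neither is visible in this patch. A comment on the call such as `# Never expires by design; revoking it in the token table is the only way to invalidate it` would record the intent. profile() continues outside the hunk.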
diff --git a/environment.yml b/environment.yml
index 0cb0c83..8807e7f 100644
--- a/environment.yml
+++ b/environment.yml
@@ -20,7 +20,6 @@ dependencies:
 - flask=0.12.2=py36_0
 - flask-admin=1.5.0=py36_0
 - flask-debugtoolbar=0.10.1=py36_0
-- flask-jwt-extended=3.3.1=py_0
 - flask-login=0.4.0=py36_0
 - flask-mail=0.9.1=py36_1
 - flask-migrate=2.1.1=py36_0
@@ -74,6 +73,7 @@ dependencies:
   - dominate==2.3.1
   - email-validator==1.0.2
   - git+https://github.com/beenje/flask-bootstrap@4.0.0-beta.1.dev1
+  - flask-jwt-extended==3.4.0
   - flask-ldap3-login==0.9.13
   - flask-redis==0.3.0
   - flask-session==0.3.1
-- 
GitLab