fix: Update token refresh error message

TomBursch · Feb 21, 2024 · 83cf559 · 83cf559
1 parent 735d574
commit 83cf559
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 5 deletions.
diff --git a/backend/app/controller/analytics/analytics_controller.py b/backend/app/controller/analytics/analytics_controller.py
@@ -2,7 +2,7 @@
 import os
 from app.helpers import server_admin_required
 from app.models import User, Token, Household, OIDCLink
-from app.config import JWT_REFRESH_TOKEN_EXPIRES, UPLOAD_FOLDER
+from app.config import JWT_REFRESH_TOKEN_EXPIRES, JWT_ACCESS_TOKEN_EXPIRES, UPLOAD_FOLDER
 from app import db
 from flask import jsonify, Blueprint
 from flask_jwt_extended import jwt_required
@@ -26,7 +26,7 @@ def getBaseAnalytics():
                 .group_by(Token.user_id)
                 .count(),
                 "online": db.session.query(Token.user_id)
-                .filter(Token.type == "access")
+                .filter(Token.type == "access", Token.created_at >= datetime.utcnow() - JWT_ACCESS_TOKEN_EXPIRES)
                 .group_by(Token.user_id)
                 .count(),
                 "old": User.query.filter(

diff --git a/backend/app/controller/auth/auth_controller.py b/backend/app/controller/auth/auth_controller.py
@@ -113,7 +113,13 @@ def signup(args):
         # Create first access token
         accesssToken, _ = Token.create_access_token(user, refreshModel)
 
-        return jsonify({"access_token": accesssToken, "refresh_token": refreshToken})
+        return jsonify(
+            {
+                "access_token": accesssToken,
+                "refresh_token": refreshToken,
+                "user": user.obj_to_dict(),
+            }
+        )
 
 
 @auth.route("/refresh", methods=["GET"])
@@ -122,7 +128,7 @@ def refresh():
     user = current_user
     if not user:
         raise UnauthorizedRequest(
-            message="Unauthorized: IP {} refresh attemp with wrong username or password".format(
+            message="Unauthorized: IP {} refresh could not get current user".format(
                 request.remote_addr
             )
         )
@@ -136,7 +142,13 @@ def refresh():
     # Create access token
     accesssToken, _ = Token.create_access_token(user, refreshModel)
 
-    return jsonify({"access_token": accesssToken, "refresh_token": refreshToken})
+    return jsonify(
+        {
+            "access_token": accesssToken,
+            "refresh_token": refreshToken,
+            "user": user.obj_to_dict(),
+        }
+    )
 
 
 @auth.route("", methods=["DELETE"])