From f0f061ab46845cde2fa0348159df8ab80c7193dc Mon Sep 17 00:00:00 2001
From: gustavoschaedler <gustavopoa@gmail.com>
Date: Thu, 10 Aug 2023 19:05:11 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20chore(auth.py):=20increase=20acc?=
 =?UTF-8?q?ess=20token=20expiration=20time=20to=2060=20minutes=20for=20bet?=
 =?UTF-8?q?ter=20user=20experience=20=F0=9F=94=92=20chore(auth.py):=20add?=
 =?UTF-8?q?=20refresh=20token=20functionality=20with=20expiration=20time?=
 =?UTF-8?q?=20of=20180=20minutes=20=F0=9F=94=92=20chore(login.py):=20chang?=
 =?UTF-8?q?e=20token=20endpoint=20URL=20from=20/token=20to=20/login=20for?=
 =?UTF-8?q?=20better=20semantics=20=F0=9F=94=92=20chore(login.py):=20add?=
 =?UTF-8?q?=20refresh=20token=20creation=20to=20login=20endpoint=20to=20pr?=
 =?UTF-8?q?ovide=20a=20refresh=20token=20along=20with=20the=20access=20tok?=
 =?UTF-8?q?en?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/backend/langflow/auth/auth.py             | 22 ++++++++++++++-----
 src/backend/langflow/database/models/token.py |  1 +
 src/backend/langflow/routers/login.py         | 11 ++++++++--
 3 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/src/backend/langflow/auth/auth.py b/src/backend/langflow/auth/auth.py
index 3a7e324c2..067184053 100644
--- a/src/backend/langflow/auth/auth.py
+++ b/src/backend/langflow/auth/auth.py
@@ -6,18 +6,19 @@ from fastapi.security import OAuth2PasswordBearer
 from fastapi import Depends, HTTPException, status
 from datetime import datetime, timedelta, timezone
 
+from langflow.services.utils import get_session
 from langflow.database.models.token import TokenData
 from langflow.database.models.user import get_user, User
-from langflow.services.utils import get_session
 
 
 # TODO: Move to env - Test propose!!!!!
 SECRET_KEY = "698619adad2d916f1f32d264540976964b3c0d3828e0870a65add5800a8cc6b9"
 ALGORITHM = "HS256"
-ACCESS_TOKEN_EXPIRE_MINUTES = 30
+ACCESS_TOKEN_EXPIRE_MINUTES = 60
+REFRESH_TOKEN_EXPIRE_MINUTES = 180
 
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login")
 
 
 def verify_password(plain_password, hashed_password):
@@ -33,7 +34,18 @@ def create_access_token(data: dict, expires_delta: timedelta = None):  # type: i
     if expires_delta:
         expire = datetime.now(timezone.utc) + expires_delta
     else:
-        expire = datetime.now(timezone.utc) + timedelta(minutes=15)
+        expire = datetime.now(timezone.utc) + timedelta(
+            minutes=ACCESS_TOKEN_EXPIRE_MINUTES
+        )
+    to_encode["exp"] = expire
+    return jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+
+
+def create_refresh_token(data: dict):
+    to_encode = data.copy()
+    expire = datetime.now(timezone.utc) + timedelta(
+        minutes=REFRESH_TOKEN_EXPIRE_MINUTES
+    )
     to_encode["exp"] = expire
     return jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
 
@@ -47,7 +59,7 @@ def authenticate_user(db: Session, username: str, password: str):
 
 async def get_current_user(
     token: Annotated[str, Depends(oauth2_scheme)], db: Session = Depends(get_session)
-):
+) -> User:
     credentials_exception = HTTPException(
         status_code=status.HTTP_401_UNAUTHORIZED,
         detail="Could not validate credentials",
diff --git a/src/backend/langflow/database/models/token.py b/src/backend/langflow/database/models/token.py
index 080286787..e78743877 100644
--- a/src/backend/langflow/database/models/token.py
+++ b/src/backend/langflow/database/models/token.py
@@ -3,6 +3,7 @@ from pydantic import BaseModel
 
 class Token(BaseModel):
     access_token: str
+    refresh_token: str
     token_type: str
 
 
diff --git a/src/backend/langflow/routers/login.py b/src/backend/langflow/routers/login.py
index 3cb71a82e..8108a2d18 100644
--- a/src/backend/langflow/routers/login.py
+++ b/src/backend/langflow/routers/login.py
@@ -7,6 +7,7 @@ from langflow.auth.auth import (
     ACCESS_TOKEN_EXPIRE_MINUTES,
     authenticate_user,
     create_access_token,
+    create_refresh_token,
 )
 
 from sqlalchemy.orm import Session
@@ -24,10 +25,16 @@ def create_user_token(user: User) -> dict:
         expires_delta=access_token_expires,
     )
 
-    return {"access_token": access_token, "token_type": "bearer"}
+    refresh_token = create_refresh_token(data={"sub": user.username})
+
+    return {
+        "access_token": access_token,
+        "refresh_token": refresh_token,
+        "token_type": "bearer",
+    }
 
 
-@router.post("/token", response_model=Token)
+@router.post("/login", response_model=Token)
 async def login_to_get_access_token(
     form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_session)
 ):