fix refresh_session does not validate expiry before refreshing (#1071)

Harisreedhar
2026-04-01 12:49:41 +05:30
committed by GitHub
parent e24f1052ac
commit 8446b0e1d4
2 changed files with 24 additions and 1 deletions
+1 -1
@@ -48,7 +48,7 @@ async def refresh_session(request : Request) -> JSONResponse:
body = await request.json()
for session_id, session in session_manager.SESSIONS.items():
if session.get('refresh_token') == body.get('refresh_token'):
if session.get('refresh_token') == body.get('refresh_token') and session_manager.validate_session(session_id):
__session__ = session_manager.create_session()
session_manager.set_session(session_id, __session__)
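Review bot: The new condition still compares `session.get('refresh_token') == body.get('refresh_token')` without checking that the request supplied a token, so a body that omits the field yields `None == None` against any stored session lacking a refresh token, and the refresh then depends on `validate_session` alone; whether such sessions can exist is not visible in this hunk. Read the token once before the loop and take the existing 401 path when it is missing: `refresh_token = body.get('refresh_token')` followed by `if not isinstance(refresh_token, str) or not refresh_token:`. The match itself would be better done with `hmac.compare_digest(stored_token, refresh_token)` than `==`, so comparison time does not depend on how much of the secret matches; that needs an `hmac` import if the module lacks one. The body of `refresh_session` starts and ends outside the hunk, so the return paths and whether an expired session is removed after a failed refresh should be confirmed there.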
+23
@@ -130,6 +130,29 @@ def test_refresh_session(test_client : TestClient) -> None:
assert refresh_session_response.status_code == 401
create_session_response = test_client.post('/session', json =
{
'client_version': metadata.get('version')
})
create_session_body = create_session_response.json()
session_id = session_manager.find_session_id(create_session_body.get('access_token'))
session : Session = session_manager.get_session(session_id)
session_manager.set_session(session_id,
{
'access_token': session.get('access_token'),
'refresh_token': session.get('refresh_token'),
'created_at': session.get('created_at'),
'expires_at': session.get('expires_at') - timedelta(hours = 1)
})
refresh_session_response = test_client.put('/session', json =
{
'refresh_token': create_session_body.get('refresh_token')
})
assert refresh_session_response.status_code == 401
def test_destroy_session(test_client : TestClient) -> None:
create_session_response = test_client.post('/session', json =