
Commit d469f8b

authored
Avoid decoding jwt twice
Currently the Session::authenticate() function (which runs on every request and consumes CPU cycles) decodes the JWT twice unnecessarily. This small refactor fixes that.
1 parent 3731319 commit d469f8b


1 file changed

+9
-22
lines changed


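--- a/workos/session.py
+++ b/workos/session.py
@@ -77,20 +77,20 @@ def authenticate(
 reason=AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE,
 )
 
-if not self._is_valid_jwt(session["access_token"]):
+try:
+signing_key = self.jwks.get_signing_key_from_jwt(session["access_token"])
+decoded = jwt.decode(
+token,
+signing_key.key,
+algorithms=self.jwk_algorithms,
+options={"verify_aud": False},
+)
+except jwt.exceptions.InvalidTokenError:
 return AuthenticateWithSessionCookieErrorResponse(
 authenticated=False,
 reason=AuthenticateWithSessionCookieFailureReason.INVALID_JWT,
 )
 
-signing_key = self.jwks.get_signing_key_from_jwt(session["access_token"])
-decoded = jwt.decode(
-session["access_token"],
-signing_key.key,
-algorithms=self.jwk_algorithms,
-options={"verify_aud": False},
-)
-
 return AuthenticateWithSessionCookieSuccessResponse(
 authenticated=True,
 session_id=decoded["sid"],
@@ -128,19 +128,6 @@ def get_logout_url(self, return_to: Optional[str] = None) -> str:
 )
 return str(result)
 
-def _is_valid_jwt(self, token: str) -> bool:
-try:
-signing_key = self.jwks.get_signing_key_from_jwt(token)
-jwt.decode(
-token,
-signing_key.key,
-algorithms=self.jwk_algorithms,
-options={"verify_aud": False},
-)
-return True
-except jwt.exceptions.InvalidTokenError:
-return False
-
 @staticmethod
 def seal_data(data: Dict[str, Any], key: str) -> str:
 fernet = Fernet(key)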
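Review bot: `jwt.decode(` on new line 82 is passed `token` (new line 83), while the signing key on new line 81 is looked up from `session["access_token"]`; `token` was the parameter of the removed `_is_valid_jwt` and is not bound anywhere in the visible part of `authenticate`. Unless it is assigned earlier in `authenticate` (the body starts outside the hunk), the call raises `NameError`, which `except jwt.exceptions.InvalidTokenError` does not catch, so session validation would fail with an unhandled error instead of returning `INVALID_JWT`. If `token` does exist and holds a different value, the key would be selected from one token and the signature checked on another. Bind the value once before the `try`, `access_token = session["access_token"]`, and pass `access_token` to both `get_signing_key_from_jwt` and `jwt.decode`. A test that drives `authenticate()` with a valid and a tampered access token would pin this path.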
