Files
api/utils/jwt_utils.py
2025-10-02 10:45:30 -04:00

20 lines
538 B
Python

from jose import jwt, JWTError
from ..auth.key_store import get_key_by_kid
JWT_ALGORITHM = "HS256"
def decode_jwt(token: str) -> dict | None:
"""Decode a JWT token using the existing key management system."""
try:
headers = jwt.get_unverified_header(token)
kid = headers.get("kid")
if not kid:
return None
key = get_key_by_kid(kid)
if not key:
return None
return jwt.decode(token, key, algorithms=[JWT_ALGORITHM])
except JWTError:
return None