Added token expiration endpoint

app/auth.py

@@ -1,12 +1,12 @@
 from datetime import datetime, timedelta, timezone
-from jose import JWTError, jwt
+from jose import JWTError, jwt, ExpiredSignatureError
 from passlib.context import CryptContext
 from app.config import *
 
 settings = Settings()
 SECRET_KEY = settings.jwt_secret
 ALGORITHM="HS256"
-ACCESS_TOKEN_EXPIRE_MINUTES = 10080  # 7 days
+ACCESS_TOKEN_EXPIRE_MINUTES = 1  #10080  # 7 days
 
 pwd_context = CryptContext(schemes=['argon2'], deprecated="auto")
 
@@ -26,5 +26,9 @@ def decode_access_token(token: str):
     try:
         payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
         return payload
+    except ExpiredSignatureError:
+        # Raise explicitly so backend knows token expired
+        raise ExpiredSignatureError("Token Expired")
     except JWTError:
+        # Any other JWT error (invalid signature, tampered, etc.)
         return None

app/get_current_users.py

@@ -3,6 +3,8 @@ from fastapi.security import OAuth2PasswordBearer
 from app.auth import decode_access_token
 from app.config import settings
 from motor.motor_asyncio import AsyncIOMotorClient
+from jose import ExpiredSignatureError
+
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/auth/login")
 client = AsyncIOMotorClient(settings.mongo_uri)
@@ -10,12 +12,14 @@ db = client[settings.mongo_db_name]
 users = db["Users"]
 
 async def get_current_user(token: str = Depends(oauth2_scheme)):
-    payload = decode_access_token(token)
-    if not payload:
-        raise HTTPException(status_code=401, detail="Invalid Token")
-    
+    try:
+        payload = decode_access_token(token)
+        if not payload:
+            raise HTTPException(status_code=401, detail="Invalid Token")
+    except ExpiredSignatureError:
+        raise HTTPException(status_code=401, detail="Token Expired")
+
     user = await users.find_one({"_id": payload["user_id"]})
     if not user:
         raise HTTPException(status_code=404, detail="User Not Found")
-    
     return user