relax config type check on JWT_*_TOKEN_EXPIRES

abathur · abathur · commit a5a425fec9ea · 2019-03-01T20:28:24.000-06:00
Instead of requiring JWT_ACCESS_TOKEN_EXPIRES and JWT_REFRESH_TOKEN_EXPIRES to be of type `datetime.timedelta` or `False`, checks in config.py support any value that can be successfully added to a `datetime.datetime` object. Closes #214.
diff --git a/docs/options.rst b/docs/options.rst
@@ -20,10 +20,14 @@ General Options:
                                   in a sequence or a set to check more then one location, such as:
                                   ``('headers', 'cookies')``. Defaults to ``['headers']``
 ``JWT_ACCESS_TOKEN_EXPIRES``      How long an access token should live before it expires. This
-                                  takes a ``datetime.timedelta`` or an ``int`` (seconds), and defaults to 15 minutes.
+                                  takes any value that can be safely added to a ``datetime.datetime`` object, including
+                                  ``datetime.timedelta``, `dateutil.relativedelta <https://dateutil.readthedocs.io/en/stable/relativedelta.html>`_,
+                                  or an ``int`` (seconds), and defaults to 15 minutes.
                                   Can be set to ``False`` to disable expiration.
 ``JWT_REFRESH_TOKEN_EXPIRES``     How long a refresh token should live before it expires. This
-                                  takes a ``datetime.timedelta`` or ``int`` (seconds), and defaults to 30 days.
+                                  takes any value that can be safely added to a ``datetime.datetime`` object, including
+                                  ``datetime.timedelta``, `dateutil.relativedelta <https://dateutil.readthedocs.io/en/stable/relativedelta.html>`_,
+                                  or an ``int`` (seconds), and defaults to 30 days.
                                   Can be set to ``False`` to disable expiration.
 ``JWT_ALGORITHM``                 Which algorithm to sign the JWT with. `See here <https://pyjwt.readthedocs.io/en/latest/algorithms.html>`_
                                   for the options. Defaults to ``'HS256'``.
diff --git a/flask_jwt_extended/config.py b/flask_jwt_extended/config.py
@@ -1,5 +1,6 @@
 import datetime
 from warnings import warn
+from six import raise_from
 
 # In Python 2.7 collections.abc is a part of the collections module.
 try:
@@ -188,21 +189,29 @@ def access_expires(self):
         delta = current_app.config['JWT_ACCESS_TOKEN_EXPIRES']
         if type(delta) is int:
             delta = datetime.timedelta(seconds=delta)
-        if not isinstance(delta, datetime.timedelta) and delta is not False:
-            err = 'JWT_ACCESS_TOKEN_EXPIRES must be a ' \
-                  'datetime.timedelta, int or False'
-            raise RuntimeError(err)
+        if delta is not False:
+            try:
+                delta + datetime.datetime.now()
+            except TypeError as e:
+                err = (
+                    "must be able to add JWT_ACCESS_TOKEN_EXPIRES to datetime.datetime"
+                )
+                raise_from(RuntimeError(err), e)
         return delta
 
     @property
     def refresh_expires(self):
         delta = current_app.config['JWT_REFRESH_TOKEN_EXPIRES']
         if type(delta) is int:
             delta = datetime.timedelta(seconds=delta)
-        if not isinstance(delta, datetime.timedelta) and delta is not False:
-            err = 'JWT_REFRESH_TOKEN_EXPIRES must be a ' \
-                  'datetime.timedelta, int or False'
-            raise RuntimeError(err)
+        if delta is not False:
+            try:
+                delta + datetime.datetime.now()
+            except TypeError as e:
+                err = (
+                    "must be able to add JWT_REFRESH_TOKEN_EXPIRES to datetime.datetime"
+                )
+                raise_from(RuntimeError(err), e)
         return delta
 
     @property
