1  from datetime import datetime, timedelta
 2  from typing import Any
 3  
 4  import jwt
 5  
 6  from ..settings import settings
 7  
 8  
 9  def encode_jwt(data: dict[Any, Any], ttl: timedelta) -> str:
10      return jwt.encode({**data, "exp": datetime.utcnow() + ttl}, settings.jwt_secret, "HS256")
11  
12  
13  def decode_jwt(
14      token: str, *, require: list[str] | None = None, audience: list[str] | None = None
15  ) -> dict[Any, Any] | None:
16      try:
17          return jwt.decode(
18              token,
19              settings.jwt_secret,
20              ["HS256"],
21              audience=audience,
22              options={"require": [*{*(require or []), "exp"}], "verify_aud": bool(audience)},
23          )
24      except jwt.InvalidTokenError:
25          return None