Replace deprecated datetime.utcnow with shared naive-UTC helper

All 29 call sites now use app.timeutil.utcnow(), which returns naive
UTC via the non-deprecated API. Semantics are unchanged on purpose:
every datetime column is TIMESTAMP WITHOUT TIME ZONE, so going aware
here would poison naive/aware comparisons. The TIMESTAMPTZ migration
(Phase 2) now has a single place to change. (BE-01)

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
Carlos Escalante
2026-06-09 19:46:54 -06:00
parent 0a4c3e9436
commit 996bd437a1
9 changed files with 52 additions and 29 deletions

View File

@@ -12,6 +12,7 @@ from jose import JWTError, jwt
from sqlmodel import Session, select
from app.config import settings
from app.timeutil import utcnow
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/login")
@@ -70,7 +71,7 @@ def verify_admin_credentials(username: str, password: str) -> None:
def create_access_token(subject: str) -> str:
expire = datetime.utcnow() + timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
expire = utcnow() + timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
return jwt.encode({"sub": subject, "exp": expire}, settings.SECRET_KEY, algorithm=ALGORITHM)
@@ -102,7 +103,7 @@ def _validate_token(token: str) -> str:
)
).first()
if api_token:
if api_token.expires_at and api_token.expires_at < datetime.utcnow():
if api_token.expires_at and api_token.expires_at < utcnow():
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Token expired")
return f"api:{api_token.name}"