fix: remove granted_at from login token

api/controllers/web/passport.py

@@ -168,6 +168,8 @@ def exchange_token_for_existing_web_user(app_code: str, enterprise_user_decoded:
         "app_code": site.code,
         "user_id": user_id,
         "end_user_id": end_user.id,
+        "auth_type": auth_type,
+        "granted_at": int(datetime.now(UTC).timestamp()),
         "token_source": "webapp",
         "exp": exp,
     }

api/services/webapp_auth_service.py

@@ -1,6 +1,5 @@
 import random
 from datetime import UTC, datetime, timedelta
-from time import time
 from typing import Any, Optional, cast
 
 from werkzeug.exceptions import NotFound, Unauthorized
@@ -114,7 +113,6 @@ class WebAppAuthService:
             "session_id": account.email,
             "token_source": "webapp_login_token",
             "auth_type": "internal",
-            "granted_at": int(time()),
             "exp": exp,
         }