[identity] Verify nonce expiration and set TTL to 120s
Summary:
Addresses ENG-6630.
- Set nonce expiration to 120s, according to the whitepaper
- In LogInWalletUser RPC call, verify that nonce is not expired, instead of only relying on DynamoDB TTL
Test Plan:
- Called GenerateNonce RPC
- Called LogInWalletUser RPC (temporarily modified to omit SIWE verification, siwe_message = nonce) with the generated nonce after 2 minutes. The call failed with "nonce expired".
Reviewers: varun, ashoat
Reviewed By: varun, ashoat
Subscribers: tomek
Differential Revision: https://phab.comm.dev/D10885