Fixes #1021: Corrected evaluation of API token expiration time

netbox/users/models.py

@@ -39,6 +39,6 @@ class Token(models.Model):
 
     @property
     def is_expired(self):
-        if self.expires is not None and timezone.now() > self.expires:
-            return True
-        return False
+        if self.expires is None or timezone.now() < self.expires:
+            return False
+        return True

netbox/utilities/api.py

@@ -30,7 +30,7 @@ class TokenAuthentication(authentication.TokenAuthentication):
             raise exceptions.AuthenticationFailed("Invalid token")
 
         # Enforce the Token's expiration time, if one has been set.
-        if token.expires and not token.is_expired:
+        if token.is_expired:
             raise exceptions.AuthenticationFailed("Token expired")
 
         if not token.user.is_active: