import os
import warnings
from datetime import datetime, timedelta
from typing import Annotated

from fastapi import Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from jose import JWTError, jwt
from passlib.context import CryptContext
from pymongo import MongoClient

from ..models import users, token
from ..dependencies import database, cookie
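# HMAC key used to sign and verify access tokens (HS256 is symmetric, so the
# same value both mints and validates tokens).
#
# The literal below is committed to the repository, so anyone who can read the
# source can produce tokens this service will accept. It is kept only as a
# fallback so existing deployments keep starting; supply a freshly generated
# key through the environment instead, then rotate and delete the literal.
# NOTE(review): the literal also looks like the sample key from the FastAPI
# documentation -- verify, and treat it as public either way.
# "JWT_SECRET_KEY" is an environment variable name introduced here; rename it
# to match the project's configuration conventions.
_FALLBACK_SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7"
SECRET_KEY = os.environ.get("JWT_SECRET_KEY") or _FALLBACK_SECRET_KEY
if SECRET_KEY == _FALLBACK_SECRET_KEY:
    warnings.warn(
        "JWT_SECRET_KEY is not set; falling back to the signing key embedded "
        "in the source. Set a unique secret before deploying.",
        RuntimeWarning,
        stacklevel=2,
    )
ALGORITHM = "HS256"

# Password hashing policy: bcrypt only; "auto" marks every scheme except the
# default as deprecated.
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

# FastAPI security dependency that yields the token string consumed by
# get_current_user. The class is project-local (dependencies.cookie).
oauth2_scheme = cookie.OAuth2PasswordBearerWithCookie(tokenUrl="token")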
def verify_password(plain_password, hashed_password):
    """Check a candidate password against a stored hash.

    Delegates to the module-level passlib ``pwd_context`` and returns
    whatever ``pwd_context.verify`` returns.
    """
    is_match = pwd_context.verify(plain_password, hashed_password)
    return is_match
def get_password_hash(password):
    """Hash a plaintext password with the module-level ``pwd_context``.

    Returns the value produced by ``pwd_context.hash``; the plaintext itself
    should never be stored or logged by callers.
    """
    hashed = pwd_context.hash(password)
    return hashed
def get_user(username: str):
    """Look up a user record by exact username.

    Builds a ``UserRepository`` over the shared database handle and returns
    the result of its ``find_one_by`` call (presumably ``None`` when nothing
    matches -- confirm against the repository implementation).
    """
    # NOTE(review): ``username`` is placed into the query filter as a value.
    # That is only safe while callers pass a plain string; a dict reaching
    # this point would be interpreted as query operators. Confirm every
    # caller enforces ``str``.
    lookup = {'username': username}
    return users.UserRepository(database=database.database).find_one_by(lookup)
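def authenticate_user(username: str, password: str):
    """Validate a username/password pair.

    Args:
        username: Login name to look up via ``get_user``.
        password: Plaintext password to check against the stored hash.

    Returns:
        The user object when the credentials match, otherwise ``False``.
        Both failure cases return the same value so callers cannot tell an
        unknown username from a wrong password.
    """
    user = get_user(username)
    if not user:
        # Unknown username: still spend roughly the time of a real hash
        # check, so response timing does not reveal which usernames exist.
        pwd_context.dummy_verify()
        return False
    if not verify_password(password, user.password):
        return False
    return user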
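def create_access_token(data: dict, expires_delta: timedelta | None = None):
    """Return a signed JWT carrying ``data`` plus an ``exp`` claim.

    Args:
        data: Claims to embed. The dict is copied, so the caller's object is
            not modified; any ``exp`` key it contains is overwritten.
        expires_delta: Token lifetime. ``None`` selects the 15-minute default.

    Returns:
        The encoded token produced by ``jwt.encode`` with ``SECRET_KEY`` and
        ``ALGORITHM``.
    """
    # Test for None explicitly: timedelta(0) is falsy, so a truthiness check
    # would silently turn a zero lifetime into the 15-minute default.
    lifetime = timedelta(minutes=15) if expires_delta is None else expires_delta

    to_encode = data.copy()
    # Naive UTC timestamp, as in the original implementation.
    to_encode["exp"] = datetime.utcnow() + lifetime
    return jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)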
async def get_current_user(token_str: Annotated[str, Depends(oauth2_scheme)]):
    """Resolve the presented token to a stored user, or raise HTTP 401.

    The token is decoded with ``SECRET_KEY`` and restricted to ``ALGORITHM``;
    its ``sub`` claim is taken as the username and looked up via ``get_user``.
    Every failure path (undecodable token, missing ``sub``, no such user)
    raises the same 401 so the response does not disclose which check failed.
    """
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )

    # Pinning ``algorithms`` prevents the token header from choosing how the
    # signature is checked.
    # NOTE(review): confirm whether tokens without an ``exp`` claim should be
    # accepted; nothing here requires the claim to be present.
    try:
        claims = jwt.decode(token_str, SECRET_KEY, algorithms=[ALGORITHM])
    except JWTError:
        raise credentials_exception

    subject: str = claims.get("sub")
    if subject is None:
        raise credentials_exception
    token_data = token.TokenData(username=subject)

    # Re-read the user on every request so a deleted account stops working
    # even while its token is still within its lifetime.
    found = get_user(token_data.username)
    if found is None:
        raise credentials_exception
    return found
async def get_current_active_user(
    current_user: Annotated[users.User, Depends(get_current_user)]
):
    """Return the authenticated user unless the account is disabled.

    Depends on ``get_current_user`` for authentication; a user whose
    ``disabled`` attribute is truthy is rejected with HTTP 400.
    """
    if not current_user.disabled:
        return current_user
    raise HTTPException(status_code=400, detail="Inactive user")