add fingerprint httpbearer schema

src/api/dependacies/user_dep.py

@@ -1,7 +1,11 @@
 from typing import Annotated
 
 from fastapi import Depends, HTTPException, Path
-from fastapi.security import HTTPBearer, OAuth2PasswordBearer
+from fastapi.security import (
+    HTTPAuthorizationCredentials,
+    HTTPBearer,
+    OAuth2PasswordBearer,
+)
 from jwt import InvalidTokenError
 
 from src.api.dependacies.db_dep import sessionDep
@@ -12,8 +16,10 @@ from src.services.tasks import TaskService
 from src.services.users import UserService
 
 http_bearer = HTTPBearer(auto_error=False)
+
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl=f"{settings.api.v1_login_url}/login")
-AccessTokenDep = Annotated[str, Depends(oauth2_scheme)]
+# AccessTokenDep = Annotated[str, Depends(oauth2_scheme)]
+AccessTokenDep = Annotated[HTTPAuthorizationCredentials, Depends(http_bearer)]
 
 
 async def get_current_user(
@@ -25,7 +31,7 @@ async def get_current_user(
         headers={"WWW-Authenticate": "Bearer"},
     )
     try:
-        payload = AuthManager.decode_access_token(token, verify_exp)
+        payload = AuthManager.decode_access_token(token.credentials, verify_exp)
         if payload is None:
             raise credentials_exception
         user = TokenData(**payload)

src/api/v1/auth.py

@@ -1,6 +1,6 @@
 from typing import Annotated
 
-from fastapi import APIRouter, Cookie, Depends, HTTPException, Response
+from fastapi import APIRouter, Body, Cookie, Depends, Form, HTTPException, Response
 from fastapi.security import OAuth2PasswordRequestForm
 
 from src.api.dependacies.db_dep import sessionDep
@@ -27,15 +27,16 @@ async def login(
     session: sessionDep,
     credential: Annotated[OAuth2PasswordRequestForm, Depends()],
     response: Response,
+    fingerprint: str = Form(),
 ):
-    result = await AuthService(session).login(credential.username, credential.password)
+    result = await AuthService(session).login(credential.username, credential.password, fingerprint=fingerprint)
     response.set_cookie(
         key="refresh_token",
         value=result["refresh_token"],
         httponly=True,
         samesite="lax",
         path=settings.api.v1.auth,
-        max_age=60 * 60 * 24 * 7,
+        max_age=60 * 60 * 24 * settings.refresh_token.expire_days,
     )
     return result
 
@@ -43,20 +44,21 @@ async def login(
 @router.post(path="/refresh", response_model=Token)
 async def refresh(
     session: sessionDep,
-    response: Response,
     current_user: RefreshUser,
+    response: Response,
+    fingerprint: str = Body(),
     refresh_token: Annotated[str | None, Cookie(name="refresh_token")] = None,
 ):
     if refresh_token is None:
         raise HTTPException(status_code=401, detail="No refresh token")
-    result = await AuthService(session).refresh_tokens(refresh_token, current_user)
+    result = await AuthService(session).refresh_tokens(refresh_token, current_user, fingerprint)
     response.set_cookie(
         key="refresh_token",
         value=result["refresh_token"],
         httponly=True,
         samesite="lax",
         path=settings.api.v1.auth,
-        max_age=60 * 60 * 24 * 7,
+        max_age=60 * 60 * 24 * settings.refresh_token.expire_days,
     )
     return result