gitark/taskncoffee
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new refresh dep add refresh endpoint

Browse Source
This commit is contained in:
IluaAir
2025-09-21 14:59:26 +03:00
parent c3bfb9cb6a
commit 42b8c3a2c9
12 changed files with 125 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/api/dependacies/user_dep.py
View File

@@ -1,7 +1,7 @@
from typing import Annotated
from fastapi import Depends, HTTPException, Path
from fastapi.security import OAuth2PasswordBearer
from fastapi.security import HTTPBearer, OAuth2PasswordBearer
from jwt import InvalidTokenError
from src.api.dependacies.db_dep import sessionDep
@@ -11,37 +11,46 @@ from src.schemas.auth import TokenData
from src.services.tasks import TaskService
from src.services.users import UserService
http_bearer = HTTPBearer(auto_error=False)
oauth2_scheme = OAuth2PasswordBearer(tokenUrl=f"{settings.api.v1_login_url}/login")
AccessTokenDep = Annotated[str, Depends(oauth2_scheme)]
async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]):
async def get_current_user(
token: AccessTokenDep, verify_exp: bool = True, check_active: bool = False
):
credentials_exception = HTTPException(
status_code=401,
detail="Could not validate credentials",
headers={"WWW-Authenticate": "Bearer"},
)
try:
payload = AuthManager.decode_access_token(token=token)
payload = AuthManager.decode_access_token(token, verify_exp)
if payload is None:
raise credentials_exception
user = TokenData(**payload)
if check_active and not user.is_active:
raise HTTPException(status_code=400, detail="Inactive user")
except InvalidTokenError:
raise credentials_exception
return user
CurrentUser = Annotated[TokenData, Depends(get_current_user)]
async def get_current_user_basic(token: AccessTokenDep):
return await get_current_user(token, verify_exp=True, check_active=False)
def get_current_active_user(
current_user: CurrentUser,
):
if not current_user.is_active:
raise HTTPException(status_code=400, detail="Inactive user")
return current_user
async def get_current_active_user(token: AccessTokenDep):
return await get_current_user(token, verify_exp=True, check_active=True)
async def get_current_user_for_refresh(token: AccessTokenDep):
return await get_current_user(token, verify_exp=False, check_active=True)
CurrentUser = Annotated[TokenData, Depends(get_current_user_basic)]
ActiveUser = Annotated[TokenData, Depends(get_current_active_user)]
RefreshUser = Annotated[TokenData, Depends(get_current_user_for_refresh)]
async def get_admin_user(db: sessionDep, current_user: ActiveUser):

60
src/api/v1/auth.py
View File

@@ -1,16 +1,19 @@
from typing import Annotated
from fastapi import APIRouter, Depends, Response
from fastapi import APIRouter, Cookie, Depends, HTTPException, Response
from fastapi.security import OAuth2PasswordRequestForm
from src.api.dependacies.db_dep import sessionDep
from src.api.dependacies.user_dep import ActiveUser
from src.api.dependacies.user_dep import ActiveUser, RefreshUser, http_bearer
from src.core.settings import settings
from src.schemas.auth import Token
from src.schemas.users import UserRequestADD
from src.services.auth import AuthService
from src.services.users import UserService
router = APIRouter(prefix=settings.api.v1.auth, tags=["Auth"])
router = APIRouter(
prefix=settings.api.v1.auth, tags=["Auth"], dependencies=[Depends(http_bearer)]
)
@router.post(path="/signup")
@@ -23,28 +26,55 @@ async def registration(session: sessionDep, credential: UserRequestADD):
async def login(
session: sessionDep,
credential: Annotated[OAuth2PasswordRequestForm, Depends()],
response: Response
response: Response,
):
result = await AuthService(session).login(
credential.username, credential.password
)
result = await AuthService(session).login(credential.username, credential.password)
response.set_cookie(
key="refresh_token",
value=result["refresh_token"],
httponly=True,
samesite='lax',
samesite="lax",
path=settings.api.v1.auth,
max_age=60 * 60 * 24 * 7
max_age=60 * 60 * 24 * 7,
)
return result
@router.post(path="/refresh")
async def refresh(user: ActiveUser, response: Response):
print(response)
@router.post(path="/refresh", response_model=Token)
async def refresh(
session: sessionDep,
response: Response,
current_user: RefreshUser,
refresh_token: Annotated[str | None, Cookie(name="refresh_token")] = None,
):
if refresh_token is None:
raise HTTPException(status_code=401, detail="No refresh token")
result = await AuthService(session).refresh_tokens(refresh_token, current_user)
response.set_cookie(
key="refresh_token",
value=result["refresh_token"],
httponly=True,
samesite="lax",
path=settings.api.v1.auth,
max_age=60 * 60 * 24 * 7,
)
return result
@router.post(path='/logout')
async def logout(response: Response):
@router.get("/me")
async def get_me(session: sessionDep, user: ActiveUser):
cur_user = await UserService(session).get_user_by_filter_or_raise(id=user.id)
return cur_user
@router.post(path="/logout")
async def logout(
session: sessionDep,
response: Response,
refresh_token: Annotated[str | None, Cookie(name="refresh_token")] = None,
):
if refresh_token is None:
raise HTTPException(status_code=401, detail="No refresh token")
await AuthService(session).delete_token(token=refresh_token)
response.delete_cookie(key="refresh_token")
return {'status': 'ok'}
return {"status": "ok"}

7
src/api/v1/users.py
View File

@@ -2,7 +2,6 @@ from fastapi import APIRouter, Body
from src.api.dependacies.db_dep import sessionDep
from src.api.dependacies.user_dep import (
ActiveUser,
AdminUser,
OwnerDep,
)
@@ -13,12 +12,6 @@ from src.services.users import UserService
router = APIRouter(prefix=settings.api.v1.users, tags=["Users"])
@router.get("/me")
async def get_me(session: sessionDep, user: ActiveUser):
cur_user = await UserService(session).get_user_by_filter_or_raise(id=user.id)
return cur_user
@router.get("/")
async def get_all_users(session: sessionDep, _: AdminUser):
users = await UserService(session).get_all_users()