Compare commits
2 Commits
3dc36a2f25
...
4e47ce80fd
| Author | SHA1 | Date | |
|---|---|---|---|
|
4e47ce80fd | ||
|
|
f4e46bef22 |
@@ -37,7 +37,7 @@ async def get_current_user(
|
|||||||
user = TokenData(**payload)
|
user = TokenData(**payload)
|
||||||
if check_active and not user.is_active:
|
if check_active and not user.is_active:
|
||||||
raise HTTPException(status_code=400, detail="Inactive user")
|
raise HTTPException(status_code=400, detail="Inactive user")
|
||||||
except InvalidTokenError:
|
except (InvalidTokenError, AttributeError):
|
||||||
raise credentials_exception
|
raise credentials_exception
|
||||||
return user
|
return user
|
||||||
|
|
||||||
|
|||||||
@@ -29,14 +29,16 @@ async def login(
|
|||||||
response: Response,
|
response: Response,
|
||||||
fingerprint: str = Form(),
|
fingerprint: str = Form(),
|
||||||
):
|
):
|
||||||
result = await AuthService(session).login(credential.username, credential.password, fingerprint=fingerprint)
|
result = await AuthService(session).login(
|
||||||
|
credential.username, credential.password, fingerprint=fingerprint
|
||||||
|
)
|
||||||
response.set_cookie(
|
response.set_cookie(
|
||||||
key="refresh_token",
|
key="refresh_token",
|
||||||
value=result["refresh_token"],
|
value=result["refresh_token"],
|
||||||
httponly=True,
|
httponly=True,
|
||||||
samesite="lax",
|
samesite="lax",
|
||||||
path=settings.api.v1.auth,
|
path=settings.api.v1_login_url,
|
||||||
max_age=60 * 60 * 24 * settings.refresh_token.expire_days,
|
max_age=60 * 60 * 24 * 7,
|
||||||
)
|
)
|
||||||
return result
|
return result
|
||||||
|
|
||||||
@@ -46,18 +48,20 @@ async def refresh(
|
|||||||
session: sessionDep,
|
session: sessionDep,
|
||||||
current_user: RefreshUser,
|
current_user: RefreshUser,
|
||||||
response: Response,
|
response: Response,
|
||||||
fingerprint: str = Body(),
|
fingerprint: Annotated[str, Body(embed=True)],
|
||||||
refresh_token: Annotated[str | None, Cookie(name="refresh_token")] = None,
|
refresh_token: Annotated[str | None, Cookie(name="refresh_token")] = None,
|
||||||
):
|
):
|
||||||
if refresh_token is None:
|
if refresh_token is None:
|
||||||
raise HTTPException(status_code=401, detail="No refresh token")
|
raise HTTPException(status_code=401, detail="No refresh token")
|
||||||
result = await AuthService(session).refresh_tokens(refresh_token, current_user, fingerprint)
|
result = await AuthService(session).refresh_tokens(
|
||||||
|
refresh_token, current_user, fingerprint
|
||||||
|
)
|
||||||
response.set_cookie(
|
response.set_cookie(
|
||||||
key="refresh_token",
|
key="refresh_token",
|
||||||
value=result["refresh_token"],
|
value=result["refresh_token"],
|
||||||
httponly=True,
|
httponly=True,
|
||||||
samesite="lax",
|
samesite="lax",
|
||||||
path=settings.api.v1.auth,
|
path=settings.api.v1_login_url,
|
||||||
max_age=60 * 60 * 24 * settings.refresh_token.expire_days,
|
max_age=60 * 60 * 24 * settings.refresh_token.expire_days,
|
||||||
)
|
)
|
||||||
return result
|
return result
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ from sqlalchemy.orm import DeclarativeBase, Mapped, mapped_column
|
|||||||
|
|
||||||
from src.core.settings import settings
|
from src.core.settings import settings
|
||||||
|
|
||||||
engine = create_async_engine(settings.db.url, echo=True)
|
engine = create_async_engine(settings.db.url, echo=settings.db.echo)
|
||||||
|
|
||||||
|
|
||||||
@event.listens_for(engine.sync_engine, "connect")
|
@event.listens_for(engine.sync_engine, "connect")
|
||||||
|
|||||||
@@ -28,6 +28,7 @@ class ApiPrefix(BaseModel):
|
|||||||
|
|
||||||
class DbSettings(BaseModel):
|
class DbSettings(BaseModel):
|
||||||
url: str = f"sqlite+aiosqlite:///{DB_PATH}"
|
url: str = f"sqlite+aiosqlite:///{DB_PATH}"
|
||||||
|
echo: bool = False
|
||||||
|
|
||||||
|
|
||||||
class AccessToken(BaseModel):
|
class AccessToken(BaseModel):
|
||||||
|
|||||||
@@ -19,6 +19,20 @@ class AuthService(BaseService):
|
|||||||
await self.session.commit()
|
await self.session.commit()
|
||||||
return User.model_validate(result)
|
return User.model_validate(result)
|
||||||
|
|
||||||
|
async def _tokens_create(self, user_data: TokenData, fingerprint: str):
|
||||||
|
access_token = AuthManager.create_access_token(user_data.model_dump())
|
||||||
|
refresh_token = AuthManager.create_refresh_token()
|
||||||
|
await self.session.auth.create_one({
|
||||||
|
"token": refresh_token,
|
||||||
|
"user_id": user_data.id,
|
||||||
|
"fingerprint": fingerprint
|
||||||
|
})
|
||||||
|
return {
|
||||||
|
"access_token": access_token,
|
||||||
|
"token_type": settings.access_token.token_type,
|
||||||
|
"refresh_token": refresh_token,
|
||||||
|
}
|
||||||
|
|
||||||
async def login(self, username: str, password: str, fingerprint: str) -> dict:
|
async def login(self, username: str, password: str, fingerprint: str) -> dict:
|
||||||
result = await self.session.user.get_one_or_none(username=username)
|
result = await self.session.user.get_one_or_none(username=username)
|
||||||
if result is None:
|
if result is None:
|
||||||
@@ -36,39 +50,20 @@ class AuthService(BaseService):
|
|||||||
status_code=401,
|
status_code=401,
|
||||||
detail="Incorrect username or password",
|
detail="Incorrect username or password",
|
||||||
)
|
)
|
||||||
access_token = AuthManager.create_access_token(token_data.model_dump())
|
tokens = await self._tokens_create(token_data, fingerprint)
|
||||||
refresh_token = AuthManager.create_refresh_token()
|
|
||||||
await self.session.auth.create_one({
|
|
||||||
"token": refresh_token,
|
|
||||||
"user_id": user.id,
|
|
||||||
"fingerprint": fingerprint
|
|
||||||
})
|
|
||||||
await self.session.commit()
|
|
||||||
return {
|
|
||||||
"access_token": access_token,
|
|
||||||
"token_type": settings.access_token.token_type,
|
|
||||||
"refresh_token": refresh_token,
|
|
||||||
}
|
|
||||||
|
|
||||||
async def delete_token(self, token: str) -> None:
|
|
||||||
await self.session.auth.delete_one(token=token)
|
|
||||||
await self.session.commit()
|
await self.session.commit()
|
||||||
|
print(tokens)
|
||||||
|
return tokens
|
||||||
|
|
||||||
async def refresh_tokens(self, refresh_token: str, user_data: TokenData, fingerprint: str) -> dict:
|
async def refresh_tokens(self, refresh_token: str, user_data: TokenData, fingerprint: str) -> dict:
|
||||||
token_record = await self.session.auth.get_one_or_none(token=refresh_token)
|
token_record = await self.session.auth.get_one_or_none(token=refresh_token)
|
||||||
if not token_record or token_record.user_id != user_data.id:
|
if not token_record or token_record.user_id != user_data.id:
|
||||||
raise HTTPException(status_code=401, detail="Invalid refresh token")
|
raise HTTPException(status_code=401, detail="Invalid refresh token")
|
||||||
new_access_token = AuthManager.create_access_token(user_data.model_dump())
|
token = await self._tokens_create(user_data, fingerprint)
|
||||||
new_refresh_token = AuthManager.create_refresh_token()
|
|
||||||
await self.session.auth.delete_one(token=refresh_token)
|
await self.session.auth.delete_one(token=refresh_token)
|
||||||
await self.session.auth.create_one({
|
|
||||||
"token": new_refresh_token,
|
|
||||||
"user_id": user_data.id,
|
|
||||||
"fingerprint": fingerprint
|
|
||||||
})
|
|
||||||
await self.session.commit()
|
await self.session.commit()
|
||||||
return {
|
return token
|
||||||
"access_token": new_access_token,
|
|
||||||
"token_type": settings.access_token.token_type,
|
async def delete_token(self, token: str) -> None:
|
||||||
"refresh_token": new_refresh_token,
|
await self.session.auth.delete_one(token=token)
|
||||||
}
|
await self.session.commit()
|
||||||
|
|||||||
Reference in New Issue
Block a user