add auth endpoints
This commit is contained in:
parent
b82397e6a3
commit
bbea29fc89
|
@ -1,8 +1,9 @@
|
||||||
from fastapi import APIRouter
|
from fastapi import APIRouter
|
||||||
|
|
||||||
from app.api.api_v1.endpoints import lesson
|
from app.api.api_v1.endpoints import lesson, auth
|
||||||
|
|
||||||
|
|
||||||
api_router = APIRouter()
|
api_router = APIRouter()
|
||||||
|
|
||||||
api_router.include_router(lesson.router, prefix="/lesson", tags=["lessons"])
|
api_router.include_router(lesson.router, prefix="/lesson", tags=["lessons"])
|
||||||
|
api_router.include_router(auth.router, prefix="/auth", tags=["auth"])
|
||||||
|
|
|
@ -0,0 +1,65 @@
|
||||||
|
from typing import Any
|
||||||
|
|
||||||
|
from fastapi import APIRouter, Depends, HTTPException
|
||||||
|
from fastapi.security import OAuth2PasswordRequestForm
|
||||||
|
from sqlalchemy.orm.session import Session
|
||||||
|
|
||||||
|
from app import crud
|
||||||
|
from app import schemas
|
||||||
|
from app.api import deps
|
||||||
|
from app.core.auth import (
|
||||||
|
authenticate,
|
||||||
|
create_access_token,
|
||||||
|
)
|
||||||
|
from app.models.user import User
|
||||||
|
|
||||||
|
router = APIRouter()
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/login")
|
||||||
|
def login(
|
||||||
|
db: Session = Depends(deps.get_db), form_data: OAuth2PasswordRequestForm = Depends()
|
||||||
|
) -> Any:
|
||||||
|
"""
|
||||||
|
Get the JWT for a user with data from OAuth2 request form body.
|
||||||
|
"""
|
||||||
|
|
||||||
|
user = authenticate(email=form_data.username, password=form_data.password, db=db)
|
||||||
|
if not user:
|
||||||
|
raise HTTPException(status_code=400, detail="Incorrect username or password")
|
||||||
|
|
||||||
|
return {
|
||||||
|
"access_token": create_access_token(sub=user.id),
|
||||||
|
"token_type": "bearer",
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/me", response_model=schemas.User)
|
||||||
|
def read_users_me(current_user: User = Depends(deps.get_current_user)):
|
||||||
|
"""
|
||||||
|
Fetch the current logged in user.
|
||||||
|
"""
|
||||||
|
|
||||||
|
user = current_user
|
||||||
|
return user
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/signup", response_model=schemas.User, status_code=201)
|
||||||
|
def create_user_signup(
|
||||||
|
*,
|
||||||
|
db: Session = Depends(deps.get_db),
|
||||||
|
user_in: schemas.user.UserCreate,
|
||||||
|
) -> Any:
|
||||||
|
"""
|
||||||
|
Create new user without the need to be logged in.
|
||||||
|
"""
|
||||||
|
|
||||||
|
user = db.query(User).filter(User.email == user_in.email).first()
|
||||||
|
if user:
|
||||||
|
raise HTTPException(
|
||||||
|
status_code=400,
|
||||||
|
detail="The user with this email already exists in the system",
|
||||||
|
)
|
||||||
|
user = crud.user.create(db=db, obj_in=user_in)
|
||||||
|
|
||||||
|
return user
|
|
@ -1,6 +1,18 @@
|
||||||
from typing import Generator
|
from typing import Generator, Optional
|
||||||
|
|
||||||
|
from fastapi import Depends, HTTPException, status
|
||||||
|
from jose import jwt, JWTError
|
||||||
|
from pydantic import BaseModel
|
||||||
|
from sqlalchemy.orm.session import Session
|
||||||
|
|
||||||
|
from app.core.auth import oauth2_scheme
|
||||||
|
from app.core.config import settings
|
||||||
from app.db.session import SessionLocal
|
from app.db.session import SessionLocal
|
||||||
|
from app.models.user import User
|
||||||
|
|
||||||
|
|
||||||
|
class TokenData(BaseModel):
|
||||||
|
username: Optional[str] = None
|
||||||
|
|
||||||
|
|
||||||
def get_db() -> Generator:
|
def get_db() -> Generator:
|
||||||
|
@ -10,3 +22,31 @@ def get_db() -> Generator:
|
||||||
yield db
|
yield db
|
||||||
finally:
|
finally:
|
||||||
db.close()
|
db.close()
|
||||||
|
|
||||||
|
|
||||||
|
async def get_current_user(
|
||||||
|
db: Session = Depends(get_db), token: str = Depends(oauth2_scheme)
|
||||||
|
) -> User:
|
||||||
|
credentials_exception = HTTPException(
|
||||||
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||||
|
detail="Could not validate credentials",
|
||||||
|
headers={"WWW-Authenticate": "Bearer"},
|
||||||
|
)
|
||||||
|
try:
|
||||||
|
payload = jwt.decode(
|
||||||
|
token,
|
||||||
|
settings.JWT_SECRET,
|
||||||
|
algorithms=[settings.ALGORITHM],
|
||||||
|
options={"verify_aud": False},
|
||||||
|
)
|
||||||
|
username: str = payload.get("sub")
|
||||||
|
if username is None:
|
||||||
|
raise credentials_exception
|
||||||
|
token_data = TokenData(username=username)
|
||||||
|
except JWTError:
|
||||||
|
raise credentials_exception
|
||||||
|
|
||||||
|
user = db.query(User).filter(User.id == token_data.username).first()
|
||||||
|
if user is None:
|
||||||
|
raise credentials_exception
|
||||||
|
return user
|
||||||
|
|
Loading…
Reference in New Issue