Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
wxcz_admin
/
flowsint-cn-git
1
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Árvore: 0916905e31
Ramos Etiquetas
flowsint-cn-git
/
flowsint-api
/
app
/
api
/
deps.py

deps.py 2.3 KB
Histórico Em bruto

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. from fastapi import Depends, HTTPException, status, Request
    2. 

  2. from fastapi.security import OAuth2PasswordBearer
    3. 

  3. from jose import JWTError, jwt
    4. 

  4. from sqlalchemy.orm import Session
    5. 

  5. from flowsint_core.core.auth import ALGORITHM, AUTH_SECRET
    6. 

  6. from flowsint_core.core.postgre_db import get_db
    7. 

  7. from flowsint_core.core.models import Profile
    8. 

  8. from typing import Optional
    9. 

  9. 

  10. oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
    11. 

  11. 

  12. 

  13. def get_current_user(
    14. 

  14.     token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)
    15. 

  15. ) -> Profile:
    16. 

  16.     credentials_exception = HTTPException(
    17. 

  17.         status_code=status.HTTP_401_UNAUTHORIZED,
    18. 

  18.         detail="Could not validate credentials",
    19. 

  19.         headers={"WWW-Authenticate": "Bearer"},
    20. 

  20.     )
    21. 

  21.     try:
    22. 

  22.         payload = jwt.decode(token, AUTH_SECRET, algorithms=[ALGORITHM])
    23. 

  23.         email: str = payload.get("sub")
    24. 

  24.         if email is None:
    25. 

  25.             raise credentials_exception
    26. 

  26.     except JWTError:
    27. 

  27.         raise credentials_exception
    28. 

  28.     user = db.query(Profile).filter(Profile.email == email).first()
    29. 

  29.     if user is None:
    30. 

  30.         raise credentials_exception
    31. 

  31.     return user
    32. 

  32. 

  33. 

  34. def get_current_user_sse(
    35. 

  35.     request: Request, db: Session = Depends(get_db)
    36. 

  36. ) -> Profile:
    37. 

  37.     """
    38. 

  38.     Alternative authentication for SSE endpoints that accepts token via query parameter.
    39. 

  39.     EventSource API doesn't support custom headers, so we need to pass the token in the URL.
    40. 

  40.     """
    41. 

  41.     credentials_exception = HTTPException(
    42. 

  42.         status_code=status.HTTP_401_UNAUTHORIZED,
    43. 

  43.         detail="Could not validate credentials",
    44. 

  44.     )
    45. 

  45. 

  46.     # Try to get token from query parameter
    47. 

  47.     token: Optional[str] = request.query_params.get("token")
    48. 

  48. 

  49.     # Fallback to Authorization header if query param not present
    50. 

  50.     if not token:
    51. 

  51.         auth_header = request.headers.get("Authorization")
    52. 

  52.         if auth_header and auth_header.startswith("Bearer "):
    53. 

  53.             token = auth_header.replace("Bearer ", "")
    54. 

  54. 

  55.     if not token:
    56. 

  56.         raise credentials_exception
    57. 

  57. 

  58.     try:
    59. 

  59.         payload = jwt.decode(token, AUTH_SECRET, algorithms=[ALGORITHM])
    60. 

  60.         email: str = payload.get("sub")
    61. 

  61.         if email is None:
    62. 

  62.             raise credentials_exception
    63. 

  63.     except JWTError:
    64. 

  64.         raise credentials_exception
    65. 

  65. 

  66.     user = db.query(Profile).filter(Profile.email == email).first()
    67. 

  67.     if user is None:
    68. 

  68.         raise credentials_exception
    69. 

  69. 

  70.     return user
    71.