rushilwiz/compass
1
0
Fork 0
mirror of https://github.com/cssgunc/compass.git synced 2025-04-20 18:40:17 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

bearer tokens

Browse Source
This commit is contained in:
Benjamin Lin 2024-10-20 18:31:46 -04:00
parent a563ca2bfa
commit c7f3112ade
5 changed files with 112 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
backend/api/decoder.py Normal file
View File

@ -0,0 +1,48 @@
# token_utils.py
import jwt
from jwt import PyJWTError
from fastapi import HTTPException, status
from workspace.backend.models.user_model import User
from ..services import UserService
SECRET = "SECRET_KEY"
ALGORITHM = "HS256"
def decode_token(token: str) -> User:
try:
payload = jwt.decode(token, SECRET, algorithms=[ALGORITHM])
user_uuid = payload.get("sub")
if user_uuid is None:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Invalid credentials",
headers={"WWW-Authenticate": "Bearer"},
)
user_data = UserService.get_user_by_uuid(user_uuid)
if user_data is None:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="User not found",
headers={"WWW-Authenticate": "Bearer"},
)
user = User(
id=user_data.id,
username=user_data.username,
email=user_data.email,
experience=user_data.experience,
group=user_data.group,
program=user_data.program,
role=user_data.role,
created_at=user_data.created_at,
uuid=user_data.uuid,
)
return user
except PyJWTError:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Invalid or expired token",
headers={"WWW-Authenticate": "Bearer"},
)

33
backend/api/resource.py
View File

@ -1,6 +1,8 @@
from fastapi import APIRouter, Depends from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from decoder import decode_token
from backend.models.user_model import User from workspace.backend.models.user_model import User
from ..services import ResourceService, UserService from ..services import ResourceService, UserService
from ..models.resource_model import Resource from ..models.resource_model import Resource
@ -13,31 +15,50 @@ openapi_tags = {
"description": "Resource search and related operations.", "description": "Resource search and related operations.",
} }
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
def get_current_user(token: str = Depends(oauth2_scheme)) -> User:
user = decode_token(token)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Invalid authentication credentials",
headers={"WWW-Authenticate": "Bearer"},
)
return user
# TODO: Add security using HTTP Bearer Tokens # TODO: Add security using HTTP Bearer Tokens
# TODO: Enable authorization by passing user uuid to API # TODO: Enable authorization by passing user uuid to API
# TODO: Create custom exceptions # TODO: Create custom exceptions
@api.post("", response_model=Resource, tags=["Resource"]) @api.post("", response_model=Resource, tags=["Resource"])
def create( def create(
subject: User, resource: Resource, resource_svc: ResourceService = Depends() subject: User = Depends(get_current_user),
resource: Resource,
resource_svc: ResourceService = Depends()
): ):
return resource_svc.create(subject, resource) return resource_svc.create(subject, resource)
@api.get("", response_model=List[Resource], tags=["Resource"]) @api.get("", response_model=List[Resource], tags=["Resource"])
def get_all(subject: User, resource_svc: ResourceService = Depends()): def get_all(
subject: User = Depends(get_current_user),
resource_svc: ResourceService = Depends()):
return resource_svc.get_resource_by_user(subject) return resource_svc.get_resource_by_user(subject)
@api.put("", response_model=Resource, tags=["Resource"]) @api.put("", response_model=Resource, tags=["Resource"])
def update( def update(
subject: User, resource: Resource, resource_svc: ResourceService = Depends() subject: User = Depends(get_current_user),
resource: Resource,
resource_svc: ResourceService = Depends()
): ):
return resource_svc.update(subject, resource) return resource_svc.update(subject, resource)
@api.delete("", response_model=None, tags=["Resource"]) @api.delete("", response_model=None, tags=["Resource"])
def delete( def delete(
subject: User, resource: Resource, resource_svc: ResourceService = Depends() subject: User = Depends(get_current_user),
resource: Resource,
resource_svc: ResourceService = Depends()
): ):
resource_svc.delete(subject, resource) resource_svc.delete(subject, resource)

24
backend/api/service.py
View File

@ -1,4 +1,6 @@
from fastapi import APIRouter, Depends from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from decoder import decode_token
from backend.models.user_model import User from backend.models.user_model import User
from ..services import ServiceService, UserService from ..services import ServiceService, UserService
@ -13,13 +15,25 @@ openapi_tags = {
"description": "Service search and related operations.", "description": "Service search and related operations.",
} }
# Creates an OAuth instance
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
def get_current_user(token: str = Depends(oauth2_scheme)) -> User:
user = decode_token(token)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Invalid authentication credentials",
headers={"WWW-Authenticate": "Bearer"},
)
return user
# TODO: Add security using HTTP Bearer Tokens # TODO: Add security using HTTP Bearer Tokens
# TODO: Enable authorization by passing user uuid to API # TODO: Enable authorization by passing user uuid to API
# TODO: Create custom exceptions # TODO: Create custom exceptions
@api.post("", response_model=Service, tags=["Service"]) @api.post("", response_model=Service, tags=["Service"])
def create( def create(
subject: User, subject: User = Depends(getUser),
service: Service, service: Service,
service_svc: ServiceService = Depends() service_svc: ServiceService = Depends()
): ):
@ -28,14 +42,14 @@ def create(
@api.get("", response_model=List[Service], tags=["Service"]) @api.get("", response_model=List[Service], tags=["Service"])
def get_all( def get_all(
subject: User, subject: User = Depends(getUser),
service_svc: ServiceService = Depends() service_svc: ServiceService = Depends()
): ):
return service_svc.get_service_by_user(subject) return service_svc.get_service_by_user(subject)
@api.put("", response_model=Service, tags=["Service"]) @api.put("", response_model=Service, tags=["Service"])
def update( def update(
subject: User, subject: User = Depends(getUser),
service: Service, service: Service,
service_svc: ServiceService = Depends() service_svc: ServiceService = Depends()
): ):
@ -43,7 +57,7 @@ def update(
@api.delete("", response_model=None, tags=["Service"]) @api.delete("", response_model=None, tags=["Service"])
def delete( def delete(
subject: User, subject: User = Depends(getUser),
service: Service, service: Service,
service_svc: ServiceService = Depends() service_svc: ServiceService = Depends()
): ):

23
backend/api/tag.py
View File

@ -1,4 +1,6 @@
from fastapi import APIRouter, Depends from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from decoder import decode_token
from backend.models.tag_model import Tag from backend.models.tag_model import Tag
from backend.models.user_model import User from backend.models.user_model import User
@ -15,13 +17,24 @@ openapi_tags = {
"description": "Tag CRUD operations.", "description": "Tag CRUD operations.",
} }
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
def get_current_user(token: str = Depends(oauth2_scheme)) -> User:
user = decode_token(token)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Invalid authentication credentials",
headers={"WWW-Authenticate": "Bearer"},
)
return user
# TODO: Add security using HTTP Bearer Tokens # TODO: Add security using HTTP Bearer Tokens
# TODO: Enable authorization by passing user uuid to API # TODO: Enable authorization by passing user uuid to API
# TODO: Create custom exceptions # TODO: Create custom exceptions
@api.post("", response_model=Tag, tags=["Tag"]) @api.post("", response_model=Tag, tags=["Tag"])
def create( def create(
subject: User, subject: User = Depends(get_current_user),
tag: Tag, tag: Tag,
tag_service: TagService=Depends() tag_service: TagService=Depends()
): ):
@ -29,14 +42,14 @@ def create(
@api.get("", response_model=List[Tag], tags=["Tag"]) @api.get("", response_model=List[Tag], tags=["Tag"])
def get_all( def get_all(
subject: User, subject: User = Depends(get_current_user),
tag_svc: TagService=Depends() tag_svc: TagService=Depends()
): ):
return tag_svc.get_all() return tag_svc.get_all()
@api.put("", response_model=Tag, tags=["Tag"]) @api.put("", response_model=Tag, tags=["Tag"])
def update( def update(
subject: User, subject: User = Depends(get_current_user),
tag: Tag, tag: Tag,
tag_svc: TagService=Depends() tag_svc: TagService=Depends()
): ):
@ -44,7 +57,7 @@ def update(
@api.delete("", response_model=None, tags=["Tag"]) @api.delete("", response_model=None, tags=["Tag"])
def delete( def delete(
subject: User, subject: User = Depends(get_current_user),
tag: Tag, tag: Tag,
tag_svc: TagService=Depends() tag_svc: TagService=Depends()
): ):

0
start.sh Normal file → Executable file
View File