Vorkout/connect
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: middlewaer acces token auth

Browse Source
This commit is contained in:
TheNoxium 2025-04-29 21:16:59 +05:00
parent b90b70568c
commit 19f8236b47
8 changed files with 164 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
api/api/__main__.py
View File

@ -9,6 +9,7 @@ from uvicorn import run
from api.config import get_settings, DefaultSettings from api.config import get_settings, DefaultSettings
from api.endpoints import list_of_routes from api.endpoints import list_of_routes
from api.utils.common import get_hostname from api.utils.common import get_hostname
from api.services.middleware import MiddlewareAccessTokenValidadtion
logger = logging.getLogger() logger = logging.getLogger()
logger.setLevel(logging.DEBUG) logger.setLevel(logging.DEBUG)
@ -20,6 +21,7 @@ def bind_routes(application: FastAPI, setting: DefaultSettings) -> None:
application.include_router(route, prefix=setting.PATH_PREFIX) application.include_router(route, prefix=setting.PATH_PREFIX)
def get_app() -> FastAPI: def get_app() -> FastAPI:
"""Creates application and all dependable objects.""" """Creates application and all dependable objects."""
loguru.logger.remove() loguru.logger.remove()
@ -78,4 +80,7 @@ app.add_middleware(
allow_credentials=True, allow_credentials=True,
allow_methods=["GET", "POST", "OPTIONS", "DELETE", "PUT"], allow_methods=["GET", "POST", "OPTIONS", "DELETE", "PUT"],
allow_headers=["*"], allow_headers=["*"],
) )
app.add_middleware(MiddlewareAccessTokenValidadtion)

4
api/api/endpoints/__init__.py
View File

@ -1,10 +1,10 @@
from api.endpoints.auth import api_router as auth_router from api.endpoints.auth import api_router as auth_router
from api.endpoints.pofile import api_router as pofile_router from api.endpoints.profile import api_router as profile_router
from api.endpoints.account import api_router as account_router from api.endpoints.account import api_router as account_router
from api.endpoints.keyring import api_router as keyring_router from api.endpoints.keyring import api_router as keyring_router
list_of_routes = [ list_of_routes = [
auth_router, auth_router,
pofile_router, profile_router,
account_router, account_router,
keyring_router] keyring_router]

36
api/api/endpoints/account.py
View File

@ -9,9 +9,6 @@ from fastapi import (
status, status,
) )
from fastapi import FastAPI
from fastapi_jwt_auth import AuthJWT
from sqlalchemy.ext.asyncio import AsyncConnection from sqlalchemy.ext.asyncio import AsyncConnection
@ -19,10 +16,10 @@ from api.db.connection.session import get_connection_dep
from api.db.logic.account import get_user_id, update_user_id, create_user,get_user_login from api.db.logic.account import get_user_id, update_user_id, create_user,get_user_login
from api.schemas.account.account import User,Role,Status from api.schemas.account.account import User,Status
from api.schemas.endpoints.account import UserUpdate from api.schemas.endpoints.account import UserUpdate
from api.services.access_token_validadtion import AccessTokenValidadtion
from api.services.user_role_validation import db_user_role_validation from api.services.user_role_validation import db_user_role_validation
from api.services.update_data_validation import update_user_data_changes from api.services.update_data_validation import update_user_data_changes
@ -36,11 +33,12 @@ api_router = APIRouter(
@api_router.get("/{user_id}") @api_router.get("/{user_id}")
async def get_account(user_id: int, async def get_account(user_id: int,
connection: AsyncConnection = Depends(get_connection_dep), request: Request,
Authorize: AuthJWT = Depends()): connection: AsyncConnection = Depends(get_connection_dep)
):
current_user = AccessTokenValidadtion(Authorize)
current_user = request.state.current_user
authorize_user = await db_user_role_validation(connection, current_user) authorize_user = await db_user_role_validation(connection, current_user)
user = await get_user_id(connection, user_id) user = await get_user_id(connection, user_id)
@ -56,10 +54,11 @@ async def get_account(user_id: int,
@api_router.post("") @api_router.post("")
async def create_account( async def create_account(
user: UserUpdate, user: UserUpdate,
connection: AsyncConnection = Depends(get_connection_dep), request: Request,
Authorize: AuthJWT = Depends() connection: AsyncConnection = Depends(get_connection_dep)
): ):
current_user = AccessTokenValidadtion(Authorize)
current_user = request.state.current_user
authorize_user = await db_user_role_validation(connection, current_user) authorize_user = await db_user_role_validation(connection, current_user)
@ -82,11 +81,12 @@ async def create_account(
@api_router.put("/{user_id}") @api_router.put("/{user_id}")
async def update_account( async def update_account(
user_id: int, user_id: int,
request: Request,
user_update: UserUpdate, user_update: UserUpdate,
connection: AsyncConnection = Depends(get_connection_dep), connection: AsyncConnection = Depends(get_connection_dep)
Authorize: AuthJWT = Depends()
): ):
current_user = AccessTokenValidadtion(Authorize)
current_user = request.state.current_user
authorize_user = await db_user_role_validation(connection, current_user) authorize_user = await db_user_role_validation(connection, current_user)
@ -115,10 +115,12 @@ async def update_account(
@api_router.delete("/{user_id}") @api_router.delete("/{user_id}")
async def delete_account( async def delete_account(
user_id: int, user_id: int,
connection: AsyncConnection = Depends(get_connection_dep), request: Request,
Authorize: AuthJWT = Depends() connection: AsyncConnection = Depends(get_connection_dep)
): ):
current_user = AccessTokenValidadtion(Authorize)
current_user = request.state.current_user
authorize_user = await db_user_role_validation(connection, current_user) authorize_user = await db_user_role_validation(connection, current_user)

8
api/api/endpoints/auth.py
View File

@ -26,8 +26,6 @@ from api.services.auth import authenticate_user
from api.db.logic.auth import add_new_refresh_token,upgrade_old_refresh_token from api.db.logic.auth import add_new_refresh_token,upgrade_old_refresh_token
from api.db.logic.account import get_user_login
from api.schemas.endpoints.auth import Auth from api.schemas.endpoints.auth import Auth
api_router = APIRouter( api_router = APIRouter(
@ -54,7 +52,7 @@ def get_config():
return Settings() return Settings()
@api_router.post("/") @api_router.post("")
async def login_for_access_token( async def login_for_access_token(
user: Auth, user: Auth,
response: Response, response: Response,
@ -111,8 +109,8 @@ async def login_for_access_token(
async def refresh( async def refresh(
request: Request, request: Request,
connection: AsyncConnection = Depends(get_connection_dep), connection: AsyncConnection = Depends(get_connection_dep),
Authorize: AuthJWT = Depends()): Authorize: AuthJWT = Depends()
"""Обновляет access токен.""" ):
refresh_token = request.cookies.get("refresh_token_cookie") refresh_token = request.cookies.get("refresh_token_cookie")
print("Refresh Token:", refresh_token) print("Refresh Token:", refresh_token)

32
api/api/endpoints/keyring.py
View File

@ -9,22 +9,19 @@ from fastapi import (
status, status,
) )
from fastapi_jwt_auth import AuthJWT
from sqlalchemy.ext.asyncio import AsyncConnection from sqlalchemy.ext.asyncio import AsyncConnection
from api.db.connection.session import get_connection_dep from api.db.connection.session import get_connection_dep
from api.db.logic.account import get_user_login
from api.db.logic.keyring import get_key_id,create_key,update_key_id from api.db.logic.keyring import get_key_id,create_key,update_key_id
from api.schemas.account.account import Role,Status from api.schemas.account.account import Status
from api.schemas.endpoints.account_keyring import AccountKeyringUpdate from api.schemas.endpoints.account_keyring import AccountKeyringUpdate
from api.schemas.account.account_keyring import AccountKeyring from api.schemas.account.account_keyring import AccountKeyring
from api.services.access_token_validadtion import AccessTokenValidadtion
from api.services.user_role_validation import db_user_role_validation from api.services.user_role_validation import db_user_role_validation
from api.services.update_data_validation import update_key_data_changes from api.services.update_data_validation import update_key_data_changes
@ -38,10 +35,11 @@ api_router = APIRouter(
@api_router.get("/{user_id}/{key_id}") @api_router.get("/{user_id}/{key_id}")
async def get_keyring( async def get_keyring(
key_id: str, key_id: str,
connection: AsyncConnection = Depends(get_connection_dep), request: Request,
Authorize: AuthJWT = Depends()): connection: AsyncConnection = Depends(get_connection_dep)
):
current_user = AccessTokenValidadtion(Authorize) current_user = request.state.current_user
authorize_user = await db_user_role_validation(connection, current_user) authorize_user = await db_user_role_validation(connection, current_user)
@ -59,12 +57,12 @@ async def get_keyring(
async def create_keyring( async def create_keyring(
user_id: int, user_id: int,
key_id: str, key_id: str,
request: Request,
key: AccountKeyringUpdate, key: AccountKeyringUpdate,
connection: AsyncConnection = Depends(get_connection_dep), connection: AsyncConnection = Depends(get_connection_dep)
Authorize: AuthJWT = Depends()
): ):
current_user = AccessTokenValidadtion(Authorize) current_user = request.state.current_user
authorize_user = await db_user_role_validation(connection, current_user) authorize_user = await db_user_role_validation(connection, current_user)
@ -86,11 +84,12 @@ async def create_keyring(
async def update_keyring( async def update_keyring(
user_id: int, user_id: int,
key_id: str, key_id: str,
request: Request,
keyring_update: AccountKeyringUpdate, keyring_update: AccountKeyringUpdate,
connection: AsyncConnection = Depends(get_connection_dep), connection: AsyncConnection = Depends(get_connection_dep)
Authorize: AuthJWT = Depends()
): ):
current_user = AccessTokenValidadtion(Authorize)
current_user = request.state.current_user
authorize_user = await db_user_role_validation(connection, current_user) authorize_user = await db_user_role_validation(connection, current_user)
@ -121,10 +120,11 @@ async def update_keyring(
async def delete_keyring( async def delete_keyring(
user_id: int, user_id: int,
key_id: str, key_id: str,
connection: AsyncConnection = Depends(get_connection_dep), request: Request,
Authorize: AuthJWT = Depends() connection: AsyncConnection = Depends(get_connection_dep)
): ):
current_user = AccessTokenValidadtion(Authorize)
current_user = request.state.current_user
authorize_user = await db_user_role_validation(connection, current_user) authorize_user = await db_user_role_validation(connection, current_user)

35
api/api/endpoints/pofile.py → api/api/endpoints/profile.py
View File

@ -9,7 +9,6 @@ from fastapi import (
status, status,
) )
from fastapi_jwt_auth import AuthJWT
from sqlalchemy.ext.asyncio import AsyncConnection from sqlalchemy.ext.asyncio import AsyncConnection
@ -19,28 +18,22 @@ from api.services.update_data_validation import update_user_data_changes
from api.schemas.endpoints.account import UserUpdate from api.schemas.endpoints.account import UserUpdate
from api.services.access_token_validadtion import AccessTokenValidadtion
api_router = APIRouter( api_router = APIRouter(
prefix="/pofile", prefix="/profile",
tags=["User accountModel"], tags=["User accountModel"],
) )
@api_router.get("/{user_id}") @api_router.get("/{user_id}")
async def get_pofile(user_id: int, async def get_profile(
user_id: int,
request: Request,
connection: AsyncConnection = Depends(get_connection_dep), connection: AsyncConnection = Depends(get_connection_dep),
Authorize: AuthJWT = Depends()): ):
# Извлекаем текущего пользователя из request.state
current_user = AccessTokenValidadtion(Authorize) current_user = request.state.current_user
authorize_user = await get_user_login(connection, current_user)
if authorize_user.id != user_id :
raise HTTPException(
status_code=status.HTTP_409_CONFLICT,
detail="The provided data already exists in the database")
user = await get_user_id(connection, user_id) user = await get_user_id(connection, user_id)
@ -53,21 +46,15 @@ async def get_pofile(user_id: int,
@api_router.put("/{user_id}") @api_router.put("/{user_id}")
async def update_pofile( async def update_profile(
user_id: int, user_id: int,
request: Request,
user_updata: UserUpdate, user_updata: UserUpdate,
connection: AsyncConnection = Depends(get_connection_dep), connection: AsyncConnection = Depends(get_connection_dep),
Authorize: AuthJWT = Depends()
): ):
current_user = AccessTokenValidadtion(Authorize) current_user = request.state.current_user
authorize_user = await get_user_login(connection, current_user)
if authorize_user.id != user_id :
raise HTTPException(
status_code=status.HTTP_409_CONFLICT,
detail="The provided data already exists in the database")
user = await get_user_id(connection, user_id) user = await get_user_id(connection, user_id)
if user is None: if user is None:

8
api/api/services/access_token_validadtion.py
View File

@ -1,15 +1,9 @@
from fastapi import HTTPException, status from fastapi import HTTPException, status
from fastapi_jwt_auth import AuthJWT from fastapi_jwt_auth import AuthJWT
from fastapi.responses import JSONResponse
def AccessTokenValidadtion(Authorize): def AccessTokenValidadtion(Authorize):
try:
Authorize.jwt_required() Authorize.jwt_required()
current_user = Authorize.get_jwt_subject() current_user = Authorize.get_jwt_subject()
return current_user return current_user
except Exception:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="The access token is invalid or expired.",
headers={"WWW-Authenticate": "Bearer"},
)

75
api/api/services/middleware.py Normal file
View File

@ -0,0 +1,75 @@
from starlette.middleware.base import BaseHTTPMiddleware
from fastapi import (
Request,
status,
)
from fastapi.responses import JSONResponse
from api.config import get_settings
import re
from re import escape
from fastapi_jwt_auth import AuthJWT
class MiddlewareAccessTokenValidadtion(BaseHTTPMiddleware):
def __init__(self, app):
super().__init__(app)
self.prefix = escape(get_settings().PATH_PREFIX)
self.excluded_routes = [
re.compile(r'^' + re.escape(self.prefix) + r'/auth/refresh/?$'),
re.compile(r'^' + re.escape(self.prefix) + r'/auth/?$')
]
async def dispatch(self,
request: Request,
call_next):
if request.method in ["GET", "POST", "PUT", "DELETE"]:
if any(pattern.match(request.url.path) for pattern in self.excluded_routes):
return await call_next(request)
else:
auth_header = request.headers.get("Authorization")
if not auth_header:
return JSONResponse(
status_code=status.HTTP_401_UNAUTHORIZED,
content={"detail": "Missing authorization header."},
headers={"WWW-Authenticate": "Bearer"}
)
token = auth_header.split(" ")[1]
print(token)
Authorize = AuthJWT(request)
try:
current_user = Authorize.get_jwt_subject()
print(current_user)
request.state.current_user = current_user
return await call_next(request)
except Exception:
return JSONResponse(
status_code=status.HTTP_401_UNAUTHORIZED,
content={"detail": "The access token is invalid or expired."},
headers={"WWW-Authenticate": "Bearer"}
)
# async with get_connection() as connection:
# authorize_user = await get_user_login(connection, current_user)
# print(authorize_user)
# if authorize_user is None :
# return JSONResponse(
# status_code=status.HTTP_404_NOT_FOUND ,
# detail="User not found.")