fix: middlewaer acces token auth
This commit is contained in:
TheNoxium
parent
b90b70568c
commit
19f8236b47
@ -9,6 +9,7 @@ from uvicorn import run
|
||||
from api.config import get_settings, DefaultSettings
|
||||
from api.endpoints import list_of_routes
|
||||
from api.utils.common import get_hostname
|
||||
from api.services.middleware import MiddlewareAccessTokenValidadtion
|
||||
|
||||
logger = logging.getLogger()
|
||||
logger.setLevel(logging.DEBUG)
|
||||
@ -20,6 +21,7 @@ def bind_routes(application: FastAPI, setting: DefaultSettings) -> None:
|
||||
application.include_router(route, prefix=setting.PATH_PREFIX)
|
||||
|
||||
|
||||
|
||||
def get_app() -> FastAPI:
|
||||
"""Creates application and all dependable objects."""
|
||||
loguru.logger.remove()
|
||||
@ -78,4 +80,7 @@ app.add_middleware(
|
||||
allow_credentials=True,
|
||||
allow_methods=["GET", "POST", "OPTIONS", "DELETE", "PUT"],
|
||||
allow_headers=["*"],
|
||||
|
||||
)
|
||||
|
||||
app.add_middleware(MiddlewareAccessTokenValidadtion)
|
||||
|
||||
@ -1,10 +1,10 @@
|
||||
from api.endpoints.auth import api_router as auth_router
|
||||
from api.endpoints.pofile import api_router as pofile_router
|
||||
from api.endpoints.profile import api_router as profile_router
|
||||
from api.endpoints.account import api_router as account_router
|
||||
from api.endpoints.keyring import api_router as keyring_router
|
||||
list_of_routes = [
|
||||
auth_router,
|
||||
pofile_router,
|
||||
profile_router,
|
||||
account_router,
|
||||
keyring_router]
|
||||
|
||||
|
||||
@ -9,9 +9,6 @@ from fastapi import (
|
||||
status,
|
||||
)
|
||||
|
||||
from fastapi import FastAPI
|
||||
|
||||
from fastapi_jwt_auth import AuthJWT
|
||||
|
||||
from sqlalchemy.ext.asyncio import AsyncConnection
|
||||
|
||||
@ -19,10 +16,10 @@ from api.db.connection.session import get_connection_dep
|
||||
|
||||
from api.db.logic.account import get_user_id, update_user_id, create_user,get_user_login
|
||||
|
||||
from api.schemas.account.account import User,Role,Status
|
||||
from api.schemas.account.account import User,Status
|
||||
from api.schemas.endpoints.account import UserUpdate
|
||||
|
||||
from api.services.access_token_validadtion import AccessTokenValidadtion
|
||||
|
||||
from api.services.user_role_validation import db_user_role_validation
|
||||
from api.services.update_data_validation import update_user_data_changes
|
||||
|
||||
@ -36,11 +33,12 @@ api_router = APIRouter(
|
||||
|
||||
@api_router.get("/{user_id}")
|
||||
async def get_account(user_id: int,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()):
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
|
||||
current_user = request.state.current_user
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
user = await get_user_id(connection, user_id)
|
||||
@ -56,10 +54,11 @@ async def get_account(user_id: int,
|
||||
@api_router.post("")
|
||||
async def create_account(
|
||||
user: UserUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()
|
||||
):
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
@ -82,11 +81,12 @@ async def create_account(
|
||||
@api_router.put("/{user_id}")
|
||||
async def update_account(
|
||||
user_id: int,
|
||||
request: Request,
|
||||
user_update: UserUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()
|
||||
):
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
@ -115,10 +115,12 @@ async def update_account(
|
||||
@api_router.delete("/{user_id}")
|
||||
async def delete_account(
|
||||
user_id: int,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()
|
||||
):
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
|
||||
@ -26,8 +26,6 @@ from api.services.auth import authenticate_user
|
||||
|
||||
from api.db.logic.auth import add_new_refresh_token,upgrade_old_refresh_token
|
||||
|
||||
from api.db.logic.account import get_user_login
|
||||
|
||||
from api.schemas.endpoints.auth import Auth
|
||||
|
||||
api_router = APIRouter(
|
||||
@ -54,13 +52,13 @@ def get_config():
|
||||
return Settings()
|
||||
|
||||
|
||||
@api_router.post("/")
|
||||
@api_router.post("")
|
||||
async def login_for_access_token(
|
||||
user: Auth,
|
||||
response: Response,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends(),
|
||||
):
|
||||
):
|
||||
|
||||
"""Авторизирует, выставляет токены в куки."""
|
||||
|
||||
@ -111,8 +109,8 @@ async def login_for_access_token(
|
||||
async def refresh(
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()):
|
||||
"""Обновляет access токен."""
|
||||
Authorize: AuthJWT = Depends()
|
||||
):
|
||||
|
||||
refresh_token = request.cookies.get("refresh_token_cookie")
|
||||
print("Refresh Token:", refresh_token)
|
||||
|
||||
@ -9,22 +9,19 @@ from fastapi import (
|
||||
status,
|
||||
)
|
||||
|
||||
from fastapi_jwt_auth import AuthJWT
|
||||
|
||||
from sqlalchemy.ext.asyncio import AsyncConnection
|
||||
|
||||
from api.db.connection.session import get_connection_dep
|
||||
|
||||
from api.db.logic.account import get_user_login
|
||||
from api.db.logic.keyring import get_key_id,create_key,update_key_id
|
||||
|
||||
|
||||
from api.schemas.account.account import Role,Status
|
||||
from api.schemas.account.account import Status
|
||||
from api.schemas.endpoints.account_keyring import AccountKeyringUpdate
|
||||
|
||||
from api.schemas.account.account_keyring import AccountKeyring
|
||||
|
||||
from api.services.access_token_validadtion import AccessTokenValidadtion
|
||||
from api.services.user_role_validation import db_user_role_validation
|
||||
from api.services.update_data_validation import update_key_data_changes
|
||||
|
||||
@ -38,10 +35,11 @@ api_router = APIRouter(
|
||||
@api_router.get("/{user_id}/{key_id}")
|
||||
async def get_keyring(
|
||||
key_id: str,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()):
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
@ -59,12 +57,12 @@ async def get_keyring(
|
||||
async def create_keyring(
|
||||
user_id: int,
|
||||
key_id: str,
|
||||
request: Request,
|
||||
key: AccountKeyringUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()
|
||||
):
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
@ -86,11 +84,12 @@ async def create_keyring(
|
||||
async def update_keyring(
|
||||
user_id: int,
|
||||
key_id: str,
|
||||
request: Request,
|
||||
keyring_update: AccountKeyringUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()
|
||||
):
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
@ -121,10 +120,11 @@ async def update_keyring(
|
||||
async def delete_keyring(
|
||||
user_id: int,
|
||||
key_id: str,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()
|
||||
):
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
|
||||
@ -9,7 +9,6 @@ from fastapi import (
|
||||
status,
|
||||
)
|
||||
|
||||
from fastapi_jwt_auth import AuthJWT
|
||||
|
||||
from sqlalchemy.ext.asyncio import AsyncConnection
|
||||
|
||||
@ -19,28 +18,22 @@ from api.services.update_data_validation import update_user_data_changes
|
||||
|
||||
from api.schemas.endpoints.account import UserUpdate
|
||||
|
||||
from api.services.access_token_validadtion import AccessTokenValidadtion
|
||||
|
||||
|
||||
api_router = APIRouter(
|
||||
prefix="/pofile",
|
||||
prefix="/profile",
|
||||
tags=["User accountModel"],
|
||||
)
|
||||
|
||||
|
||||
@api_router.get("/{user_id}")
|
||||
async def get_pofile(user_id: int,
|
||||
async def get_profile(
|
||||
user_id: int,
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()):
|
||||
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
|
||||
authorize_user = await get_user_login(connection, current_user)
|
||||
if authorize_user.id != user_id :
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_409_CONFLICT,
|
||||
detail="The provided data already exists in the database")
|
||||
|
||||
):
|
||||
# Извлекаем текущего пользователя из request.state
|
||||
current_user = request.state.current_user
|
||||
|
||||
user = await get_user_id(connection, user_id)
|
||||
|
||||
@ -53,21 +46,15 @@ async def get_pofile(user_id: int,
|
||||
|
||||
|
||||
@api_router.put("/{user_id}")
|
||||
async def update_pofile(
|
||||
async def update_profile(
|
||||
user_id: int,
|
||||
request: Request,
|
||||
user_updata: UserUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()
|
||||
):
|
||||
|
||||
current_user = AccessTokenValidadtion(Authorize)
|
||||
):
|
||||
|
||||
|
||||
authorize_user = await get_user_login(connection, current_user)
|
||||
if authorize_user.id != user_id :
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_409_CONFLICT,
|
||||
detail="The provided data already exists in the database")
|
||||
current_user = request.state.current_user
|
||||
|
||||
user = await get_user_id(connection, user_id)
|
||||
if user is None:
|
||||
@ -1,15 +1,9 @@
|
||||
from fastapi import HTTPException, status
|
||||
|
||||
from fastapi_jwt_auth import AuthJWT
|
||||
from fastapi.responses import JSONResponse
|
||||
|
||||
def AccessTokenValidadtion(Authorize):
|
||||
try:
|
||||
Authorize.jwt_required()
|
||||
current_user = Authorize.get_jwt_subject()
|
||||
return current_user
|
||||
except Exception:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail="The access token is invalid or expired.",
|
||||
headers={"WWW-Authenticate": "Bearer"},
|
||||
)
|
||||
|
||||
75
api/api/services/middleware.py
Normal file
75
api/api/services/middleware.py
Normal file
@ -0,0 +1,75 @@
|
||||
from starlette.middleware.base import BaseHTTPMiddleware
|
||||
from fastapi import (
|
||||
Request,
|
||||
status,
|
||||
)
|
||||
|
||||
from fastapi.responses import JSONResponse
|
||||
from api.config import get_settings
|
||||
|
||||
import re
|
||||
from re import escape
|
||||
|
||||
|
||||
from fastapi_jwt_auth import AuthJWT
|
||||
|
||||
|
||||
|
||||
class MiddlewareAccessTokenValidadtion(BaseHTTPMiddleware):
|
||||
def __init__(self, app):
|
||||
super().__init__(app)
|
||||
|
||||
self.prefix = escape(get_settings().PATH_PREFIX)
|
||||
self.excluded_routes = [
|
||||
re.compile(r'^' + re.escape(self.prefix) + r'/auth/refresh/?$'),
|
||||
re.compile(r'^' + re.escape(self.prefix) + r'/auth/?$')
|
||||
]
|
||||
|
||||
|
||||
|
||||
async def dispatch(self,
|
||||
request: Request,
|
||||
call_next):
|
||||
|
||||
if request.method in ["GET", "POST", "PUT", "DELETE"]:
|
||||
if any(pattern.match(request.url.path) for pattern in self.excluded_routes):
|
||||
return await call_next(request)
|
||||
else:
|
||||
|
||||
auth_header = request.headers.get("Authorization")
|
||||
if not auth_header:
|
||||
return JSONResponse(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
content={"detail": "Missing authorization header."},
|
||||
headers={"WWW-Authenticate": "Bearer"}
|
||||
)
|
||||
|
||||
token = auth_header.split(" ")[1]
|
||||
print(token)
|
||||
|
||||
Authorize = AuthJWT(request)
|
||||
|
||||
try:
|
||||
current_user = Authorize.get_jwt_subject()
|
||||
|
||||
print(current_user)
|
||||
|
||||
request.state.current_user = current_user
|
||||
return await call_next(request)
|
||||
|
||||
except Exception:
|
||||
return JSONResponse(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
content={"detail": "The access token is invalid or expired."},
|
||||
headers={"WWW-Authenticate": "Bearer"}
|
||||
)
|
||||
|
||||
|
||||
|
||||
# async with get_connection() as connection:
|
||||
# authorize_user = await get_user_login(connection, current_user)
|
||||
# print(authorize_user)
|
||||
# if authorize_user is None :
|
||||
# return JSONResponse(
|
||||
# status_code=status.HTTP_404_NOT_FOUND ,
|
||||
# detail="User not found.")
|
||||
Loading…
Reference in New Issue
Block a user