Vorkout/connect
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' into VORKOUT-7

Browse Source
This commit is contained in:
TheNoxium
2025-06-05 13:04:25 +05:00
parent 66c60cfc59 7e1fe6f5c4
commit 48d52bf903
34 changed files with 909 additions and 322 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
api/api/endpoints/auth.py
View File

@@ -9,9 +9,7 @@ from fastapi import (
status,
)
from loguru import logger
from pydantic.main import BaseModel
from fastapi_jwt_auth import AuthJWT
from pydantic import BaseModel
@@ -22,7 +20,7 @@ from api.config import get_settings
from api.db.connection.session import get_connection_dep
from api.services.auth import authenticate_user
from api.db.logic.auth import add_new_refresh_token,upgrade_old_refresh_token
from api.db.logic.auth import add_new_refresh_token, upgrade_old_refresh_token
from api.schemas.endpoints.auth import Auth, Access
@@ -52,12 +50,11 @@ def get_config():
@api_router.post("", response_model=Access)
async def login_for_access_token(
user: Auth,
response: Response,
connection: AsyncConnection = Depends(get_connection_dep),
Authorize: AuthJWT = Depends(),
):
user: Auth,
response: Response,
connection: AsyncConnection = Depends(get_connection_dep),
Authorize: AuthJWT = Depends(),
):
"""Авторизирует, выставляет токены в куки."""
user = await authenticate_user(connection, user.login, user.password)
@@ -71,25 +68,18 @@ async def login_for_access_token(
# headers={"WWW-Authenticate": "Bearer"},
)
access_token_expires = timedelta(
minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
access_token_expires = timedelta(minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
refresh_token_expires = timedelta(
days=get_settings().REFRESH_TOKEN_EXPIRE_DAYS
)
refresh_token_expires = timedelta(days=get_settings().REFRESH_TOKEN_EXPIRE_DAYS)
logger.debug(f"refresh_token_expires {refresh_token_expires}")
access_token = Authorize.create_access_token(
subject=user.login, expires_time=access_token_expires
)
refresh_token = Authorize.create_refresh_token(
subject=user.login, expires_time=refresh_token_expires
)
access_token = Authorize.create_access_token(subject=user.login, expires_time=access_token_expires)
refresh_token = Authorize.create_refresh_token(subject=user.login, expires_time=refresh_token_expires)
refresh_token_expires_time = datetime.now(timezone.utc) + refresh_token_expires
await add_new_refresh_token(connection,refresh_token,refresh_token_expires_time,user)
await add_new_refresh_token(connection, refresh_token, refresh_token_expires_time, user)
Authorize.set_refresh_cookies(refresh_token)
@@ -99,11 +89,8 @@ async def login_for_access_token(
@api_router.post("/refresh",response_model=Access)
async def refresh(
request: Request,
connection: AsyncConnection = Depends(get_connection_dep),
Authorize: AuthJWT = Depends()
):
request: Request, connection: AsyncConnection = Depends(get_connection_dep), Authorize: AuthJWT = Depends()
):
refresh_token = request.cookies.get("refresh_token_cookie")
# print("Refresh Token:", refresh_token)
@@ -111,24 +98,19 @@ async def refresh(
raise HTTPException(status_code=401, detail="Refresh token is missing")
try:
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
except Exception as e:
await upgrade_old_refresh_token(connection,current_user,refresh_token)
await upgrade_old_refresh_token(connection, current_user, refresh_token)
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Invalid refresh token",
)
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Invalid refresh token",
)
access_token_expires = timedelta(minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
new_access_token = Authorize.create_access_token(
subject=current_user, expires_time=access_token_expires
)
new_access_token = Authorize.create_access_token(subject=current_user, expires_time=access_token_expires)
return Access(access_token=new_access_token)