feat(client): regenerate openapi types

api/api/__main__.py

@@ -73,6 +73,7 @@ if __name__ == "__main__":
             log_level="info",
         )
 
+app.add_middleware(MiddlewareAccessTokenValidadtion)
 app.add_middleware(
     CORSMiddleware,
     allow_origins=origins,
@@ -80,5 +81,3 @@ app.add_middleware(
     allow_methods=["GET", "POST", "OPTIONS", "DELETE", "PUT"],
     allow_headers=["*"],
 )
-
-app.add_middleware(MiddlewareAccessTokenValidadtion)

api/api/db/logic/auth.py

@@ -50,13 +50,12 @@ async def get_user(connection: AsyncConnection, login: str) -> Optional[User]:
     return user, password
 
 
-async def upgrade_old_refresh_token(connection: AsyncConnection, user, refresh_token) -> Optional[User]:
+async def upgrade_old_refresh_token(connection: AsyncConnection, refresh_token) -> Optional[User]:
     new_status = KeyStatus.EXPIRED
 
     update_query = (
         update(account_keyring_table)
         .where(
-            account_table.c.id == user.id,
             account_keyring_table.c.status == KeyStatus.ACTIVE,
             account_keyring_table.c.key_type == KeyType.REFRESH_TOKEN,
             account_keyring_table.c.key_value == refresh_token,

api/api/endpoints/auth.py

@@ -4,9 +4,9 @@ from fastapi import (
     APIRouter,
     Depends,
     HTTPException,
-    Request,
     Response,
     status,
+    Request,
 )
 
 from loguru import logger
@@ -22,7 +22,7 @@ from api.services.auth import authenticate_user
 
 from api.db.logic.auth import add_new_refresh_token, upgrade_old_refresh_token
 
-from api.schemas.endpoints.auth import Auth, Access
+from api.schemas.endpoints.auth import Auth, Tokens
 
 api_router = APIRouter(
     prefix="/auth",
@@ -33,7 +33,7 @@ api_router = APIRouter(
 class Settings(BaseModel):
     authjwt_secret_key: str = get_settings().SECRET_KEY
     # Configure application to store and get JWT from cookies
-    authjwt_token_location: set = {"headers", "cookies"}
+    authjwt_token_location: set = {"headers"}
     authjwt_cookie_domain: str = get_settings().DOMAIN
 
     # Only allow JWT cookies to be sent over https
@@ -48,7 +48,7 @@ def get_config():
     return Settings()
 
 
-@api_router.post("", response_model=Access)
+@api_router.post("", response_model=Tokens)
 async def login_for_access_token(
     user: Auth,
     response: Response,
@@ -69,7 +69,6 @@ async def login_for_access_token(
         )
 
     access_token_expires = timedelta(minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
-
     refresh_token_expires = timedelta(days=get_settings().REFRESH_TOKEN_EXPIRE_DAYS)
 
     logger.debug(f"refresh_token_expires {refresh_token_expires}")
@@ -81,35 +80,27 @@ async def login_for_access_token(
 
     await add_new_refresh_token(connection, refresh_token, refresh_token_expires_time, user)
 
-    Authorize.set_refresh_cookies(refresh_token)
-
-    return Access(access_token=access_token)
+    return Tokens(access_token=access_token, refresh_token=refresh_token)
 
 
-@api_router.post("/refresh", response_model=Access)
+@api_router.post("/refresh", response_model=Tokens)
 async def refresh(
-    request: Request, connection: AsyncConnection = Depends(get_connection_dep), Authorize: AuthJWT = Depends()
-):
-    refresh_token = request.cookies.get("refresh_token_cookie")
-    # print("Refresh Token:", refresh_token)
-
-    if not refresh_token:
-        raise HTTPException(status_code=401, detail="Refresh token is missing")
-
+    request: Request,
+    connection: AsyncConnection = Depends(get_connection_dep),
+    Authorize: AuthJWT = Depends(),
+) -> Tokens:
     try:
         Authorize.jwt_refresh_token_required()
         current_user = Authorize.get_jwt_subject()
-
-    except Exception as e:
-        await upgrade_old_refresh_token(connection, current_user, refresh_token)
-
+    except Exception:
+        refresh_token = request.headers.get("Authorization").split(" ")[1]
+        await upgrade_old_refresh_token(connection, refresh_token)
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="Invalid refresh token",
         )
 
     access_token_expires = timedelta(minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
-
     new_access_token = Authorize.create_access_token(subject=current_user, expires_time=access_token_expires)
 
-    return Access(access_token=new_access_token)
+    return Tokens(access_token=new_access_token)

api/api/schemas/endpoints/auth.py

@@ -8,9 +8,6 @@ class Auth(Base):
     password: str
 
 
-class Refresh(Base):
-    refresh_token: str
-
-
-class Access(Base):
+class Tokens(Base):
     access_token: str
+    refresh_token: str | None = None

api/api/services/middleware.py

@@ -1,3 +1,4 @@
+from fastapi_jwt_auth import AuthJWT
 from starlette.middleware.base import BaseHTTPMiddleware
 from fastapi import (
     Request,
@@ -11,9 +12,6 @@ import re
 from re import escape
 
 
-from fastapi_jwt_auth import AuthJWT
-
-
 class MiddlewareAccessTokenValidadtion(BaseHTTPMiddleware):
     def __init__(self, app):
         super().__init__(app)
@@ -22,40 +20,34 @@ class MiddlewareAccessTokenValidadtion(BaseHTTPMiddleware):
         self.excluded_routes = [
             re.compile(r"^" + re.escape(self.prefix) + r"/auth/refresh/?$"),
             re.compile(r"^" + re.escape(self.prefix) + r"/auth/?$"),
+            re.compile(r"^" + r"/swagger"),
+            re.compile(r"^" + r"/openapi"),
         ]
 
     async def dispatch(self, request: Request, call_next):
-        if request.method in ["GET", "POST", "PUT", "DELETE"]:
-            if any(pattern.match(request.url.path) for pattern in self.excluded_routes):
-                return await call_next(request)
-            else:
-                auth_header = request.headers.get("Authorization")
-                if not auth_header:
-                    return JSONResponse(
-                        status_code=status.HTTP_401_UNAUTHORIZED,
-                        content={"detail": "Missing authorization header."},
-                        headers={"WWW-Authenticate": "Bearer"},
-                    )
-
-                token = auth_header.split(" ")[1]
-                Authorize = AuthJWT(request)
-
-                try:
-                    current_user = Authorize.get_jwt_subject()
-                    request.state.current_user = current_user
-                    return await call_next(request)
-
-                except Exception:
-                    return JSONResponse(
-                        status_code=status.HTTP_401_UNAUTHORIZED,
-                        content={"detail": "The access token is invalid or expired."},
-                        headers={"WWW-Authenticate": "Bearer"},
-                    )
-
-                # async with get_connection() as connection:
-                #     authorize_user = await get_user_login(connection, current_user)
-                # print(authorize_user)
-                # if authorize_user is None :
-                #     return JSONResponse(
-                #         status_code=status.HTTP_404_NOT_FOUND ,
-                #         detail="User not found.")
+        if request.method not in ["GET", "POST", "PUT", "DELETE"]:
+            return JSONResponse(
+                status_code=status.HTTP_405_METHOD_NOT_ALLOWED,
+                content={"detail": "Method not allowed"},
+            )
+        if any(pattern.match(request.url.path) for pattern in self.excluded_routes):
+            return await call_next(request)
+        auth_header = request.headers.get("Authorization")
+        if not auth_header:
+            return JSONResponse(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                content={"detail": "Missing authorization header."},
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+        try:
+            token = auth_header.split(" ")[1]
+            Authorize = AuthJWT(request)
+            current_user = Authorize.get_jwt_subject()
+            request.state.current_user = current_user
+        except Exception:
+            return JSONResponse(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                content={"detail": "The access token is invalid or expired."},
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+        return await call_next(request)

client/package-lock.json

@@ -19,6 +19,7 @@
         "@types/react-dom": "^19.0.4",
         "antd": "^5.24.7",
         "axios": "^1.9.0",
+        "axios-retry": "^4.5.0",
         "i18next": "^25.0.1",
         "i18next-browser-languagedetector": "^8.0.5",
         "react": "^18.3.1",
@@ -5275,6 +5276,18 @@
         "proxy-from-env": "^1.1.0"
       }
     },
+    "node_modules/axios-retry": {
+      "version": "4.5.0",
+      "resolved": "https://registry.npmjs.org/axios-retry/-/axios-retry-4.5.0.tgz",
+      "integrity": "sha512-aR99oXhpEDGo0UuAlYcn2iGRds30k366Zfa05XWScR9QaQD4JYiP3/1Qt1u7YlefUOK+cn0CcwoL1oefavQUlQ==",
+      "license": "Apache-2.0",
+      "dependencies": {
+        "is-retry-allowed": "^2.2.0"
+      },
+      "peerDependencies": {
+        "axios": "0.x || 1.x"
+      }
+    },
     "node_modules/axios/node_modules/form-data": {
       "version": "4.0.3",
       "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.3.tgz",
@@ -10092,6 +10105,18 @@
         "node": ">=0.10.0"
       }
     },
+    "node_modules/is-retry-allowed": {
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-2.2.0.tgz",
+      "integrity": "sha512-XVm7LOeLpTW4jV19QSH38vkswxoLud8sQ57YwJVTPWdiaI9I8keEhGFpBlslyVsgdQy4Opg8QOLb8YRgsyZiQg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
     "node_modules/is-root": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/is-root/-/is-root-2.1.0.tgz",

client/package.json

@@ -14,6 +14,7 @@
     "@types/react-dom": "^19.0.4",
     "antd": "^5.24.7",
     "axios": "^1.9.0",
+    "axios-retry": "^4.5.0",
     "i18next": "^25.0.1",
     "i18next-browser-languagedetector": "^8.0.5",
     "react": "^18.3.1",

client/src/App.tsx

@@ -1,13 +1,25 @@
-import React from 'react';
+/* eslint-disable react-hooks/exhaustive-deps */
+import React, { useEffect } from 'react';
 import { Route, Routes } from 'react-router-dom';
 import MainLayout from './pages/MainLayout';
 import ProtectedRoute from './pages/ProtectedRoute';
+import LoginPage from './pages/LoginPage';
+import { useSetUserSelector } from './store/userStore';
 
 function App() {
+  const setUser = useSetUserSelector();
+
+  useEffect(() => {
+    const storedUser = localStorage.getItem('user');
+    if (storedUser) {
+      setUser(JSON.parse(storedUser));
+    }
+  }, []);
+
   return (
     <div className="App">
       <Routes>
-        <Route path="/login" element={<div>login</div>} />
+        <Route path="/login" element={<LoginPage />} />
         <Route element={<ProtectedRoute />}>
           <Route path="*" element={<MainLayout />}></Route>
         </Route>

client/src/api/api.ts

@@ -1,5 +1,9 @@
 import axios from 'axios';
-import { Access, Auth } from '../types/auth';
+import { Auth, Tokens } from '../types/auth';
+import { User } from '../types/user';
+import { AuthService } from '../services/authService';
+import axiosRetry from 'axios-retry';
+import { useAuthStore } from '../store/authStore';
 
 const baseURL = `${process.env.REACT_APP_HTTP_PROTOCOL}://${process.env.REACT_APP_API_URL}/api/v1`;
 
@@ -11,18 +15,92 @@ const base = axios.create({
   },
 });
 
-// base.interceptors.request.use((config) => {
-//   const token = localStorage.getItem('accessToken');
-//   if (token) {
-//     config.headers.Authorization = `Bearer ${token}`;
-//   }
-//   return config;
-// });
+base.interceptors.request.use((config) => {
+  if (config.url === '/auth/refresh') {
+    return config;
+  }
+  const token = useAuthStore.getState().accessToken;
+  if (token) {
+    config.headers.Authorization = `Bearer ${token}`;
+  }
+  return config;
+});
+
+axiosRetry(base, {
+  retries: 3,
+  retryDelay: (retryCount: number) => {
+    console.log(`retry attempt: ${retryCount}`);
+    return retryCount * 2000;
+  },
+  retryCondition: async (error: any) => {
+    if (error.code === 'ERR_CANCELED') {
+      return true;
+    }
+    return false;
+  },
+});
+
+base.interceptors.response.use(
+  (response) => {
+    return response;
+  },
+  async function (error) {
+    console.log('error', error);
+    const originalRequest = error.response.config;
+    const urlTokens = error?.request?.responseURL.split('/');
+    const url = urlTokens[urlTokens.length - 1];
+    console.log('url', url);
+    if (
+      error.response.status === 401 &&
+      !(originalRequest?._retry != null) &&
+      url !== 'login' &&
+      url !== 'refresh' &&
+      url !== 'logout'
+    ) {
+      originalRequest._retry = true;
+      try {
+        await AuthService.refresh();
+        return base(originalRequest);
+      } catch (error) {
+        await AuthService.logout();
+        return new Promise(() => {});
+      }
+    }
+    return await Promise.reject(error);
+  }
+);
 
 const api = {
-  async login(auth: Auth): Promise<Access> {
-    console.log(auth);
-    const response = await base.post<Access>('/auth', auth);
+  // auth
+  async login(auth: Auth): Promise<Tokens> {
+    const response = await base.post<Tokens>('/auth', auth);
+    return response.data;
+  },
+
+  async refreshToken(): Promise<Tokens> {
+    const token = localStorage.getItem('refreshToken');
+    const response = await base.post<Tokens>(
+      '/auth/refresh',
+      {},
+      {
+        headers: {
+          Authorization: `Bearer ${token}`,
+        },
+      }
+    );
+    return response.data;
+  },
+
+  // user
+  async getProfile(): Promise<User> {
+    const response = await base.get<User>('/profile');
+    return response.data;
+  },
+
+  async getUsers(page: number, limit: number): Promise<any> {
+    const response = await base.get<User[]>(
+      `/account?page=${page}&limit=${limit}`
+    );
     return response.data;
   },
 };

client/src/pages/AccountsPage.tsx

@@ -3,6 +3,10 @@ import { useState } from 'react';
 import ContentDrawer from '../components/ContentDrawer';
 import UserCreate from '../components/UserCreate';
 import { useTranslation } from 'react-i18next';
+import { Button } from 'antd';
+import { UserService } from '../services/userService';
+import { User } from '../types/user';
+import { AuthService } from '../services/authService';
 
 export default function AccountsPage() {
   const { t } = useTranslation();
@@ -11,6 +15,8 @@ export default function AccountsPage() {
   const showDrawer = () => setOpen(true);
   const closeDrawer = () => setOpen(false);
 
+  const [accounts, setAccounts] = useState<User[]>([]);
+
   return (
     <>
       <Header

client/src/pages/LoginPage.tsx

@@ -5,7 +5,7 @@ import {
   EyeTwoTone,
   UserOutlined,
 } from '@ant-design/icons';
-import { AuthService } from '../services/auth';
+import { AuthService } from '../services/authService';
 import { Auth } from '../types/auth';
 import { useNavigate } from 'react-router-dom';
 

client/src/pages/ProtectedRoute.tsx

@@ -1,8 +1,19 @@
+/* eslint-disable react-hooks/exhaustive-deps */
 // ProtectedRoute.js
-import { Outlet } from 'react-router-dom';
-import React from 'react';
+import { Outlet, useNavigate } from 'react-router-dom';
+import React, { useEffect } from 'react';
+import { useUserSelector } from '../store/userStore';
 
 const ProtectedRoute = (): React.JSX.Element => {
+  const navigate = useNavigate();
+  const user = useUserSelector();
+
+  useEffect(() => {
+    if (!user?.id) {
+      navigate('/login');
+    }
+  }, [user]);
+
   return <Outlet />;
 };
 export default ProtectedRoute;

client/src/services/authService.ts

@@ -0,0 +1,30 @@
+import api from '../api/api';
+import { useAuthStore } from '../store/authStore';
+import { useUserStore } from '../store/userStore';
+import { Auth } from '../types/auth';
+import { UserService } from './userService';
+
+export class AuthService {
+  static async login(auth: Auth) {
+    const token = await api.login(auth);
+    useAuthStore.getState().setAccessToken(token.accessToken);
+    localStorage.setItem('refreshToken', token.refreshToken as string);
+    await UserService.getProfile().then((user) => {
+      useUserStore.getState().setUser(user);
+    });
+  }
+
+  static async logout() {
+    console.log('logout');
+    useUserStore.getState().setUser(null);
+    useAuthStore.getState().setAccessToken(null);
+    localStorage.removeItem('userInfo');
+    localStorage.removeItem('refreshToken');
+  }
+
+  static async refresh() {
+    console.log('refresh');
+    const token = await api.refreshToken();
+    useAuthStore.getState().setAccessToken(token.accessToken);
+  }
+}

client/src/services/userService.ts

@@ -0,0 +1,16 @@
+import api from '../api/api';
+import { User } from '../types/user';
+
+export class UserService {
+  static async getProfile(): Promise<User> {
+    console.log('getProfile');
+    const user = api.getProfile();
+
+    return user;
+  }
+
+  static async getUsers(page: number = 1, limit: number = 10): Promise<any> {
+    const users = api.getUsers(page, limit);
+    return users;
+  }
+}

client/src/store/authStore.ts

@@ -0,0 +1,18 @@
+import { create } from 'zustand';
+import { devtools } from 'zustand/middleware';
+
+type AuthState = {
+  accessToken: string | null;
+  setAccessToken: (token: string | null) => void;
+};
+
+export const useAuthStore = create<AuthState>()(
+  devtools((set) => ({
+    accessToken: null,
+    setAccessToken: (token) => set({ accessToken: token }),
+  }))
+);
+
+export const useAuthSelector = () => {
+  return useAuthStore((state) => state.accessToken);
+};

client/src/store/userStore.ts

@@ -5,12 +5,12 @@ import { User } from '../types/user';
 const userInfo = localStorage.getItem('userInfo');
 
 type UserStoreState = {
-  user: User;
+  user: User | null;
   loading: boolean;
 };
 
 type UserStoreActions = {
-  setUser: (user: User) => void;
+  setUser: (user: User | null) => void;
 };
 
 type UserStore = UserStoreState & UserStoreActions;
@@ -21,7 +21,7 @@ export const useUserStore = create<UserStore>()(
       (set, get) => ({
         user: userInfo != null ? JSON.parse(userInfo) : ({} as User),
         loading: false,
-        setUser: (user: User) => set({ user }),
+        setUser: (user: User | null) => set({ user }),
       }),
       { name: 'userInfo' }
     )

client/src/types/auth.ts

@@ -1,4 +1,4 @@
 import { components } from './openapi-types';
 
 export type Auth = components['schemas']['Auth'];
-export type Access = components['schemas']['Access'];
+export type Tokens = components['schemas']['Tokens'];

client/src/types/openapi-types.ts

@@ -120,11 +120,6 @@ export interface paths {
 export type webhooks = Record<string, never>;
 export interface components {
     schemas: {
-        /** Access */
-        Access: {
-            /** Accesstoken */
-            accessToken: string;
-        };
         /** AccountKeyring */
         AccountKeyring: {
             /** Ownerid */
@@ -219,6 +214,13 @@ export interface components {
          * @enum {string}
          */
         KeyType: "PASSWORD" | "ACCESS_TOKEN" | "REFRESH_TOKEN" | "API_KEY";
+        /** Tokens */
+        Tokens: {
+            /** Accesstoken */
+            accessToken: string;
+            /** Refreshtoken */
+            refreshToken?: string | null;
+        };
         /** User */
         User: {
             /** Id */
@@ -305,7 +307,7 @@ export interface operations {
                     [name: string]: unknown;
                 };
                 content: {
-                    "application/json": components["schemas"]["Access"];
+                    "application/json": components["schemas"]["Tokens"];
                 };
             };
             /** @description Validation Error */
@@ -334,7 +336,7 @@ export interface operations {
                     [name: string]: unknown;
                 };
                 content: {
-                    "application/json": components["schemas"]["Access"];
+                    "application/json": components["schemas"]["Tokens"];
                 };
             };
         };