Update main.py
Browse files
main.py
CHANGED
|
@@ -1,6 +1,6 @@
|
|
| 1 |
#main.py
|
| 2 |
|
| 3 |
-
from fastapi import FastAPI, Form, Depends, HTTPException, status
|
| 4 |
from fastapi.requests import Request
|
| 5 |
from fastapi.responses import HTMLResponse, RedirectResponse, JSONResponse
|
| 6 |
from fastapi.templating import Jinja2Templates
|
|
@@ -8,7 +8,7 @@ from sqlalchemy.orm import Session
|
|
| 8 |
from auth import verify_token, oauth2_scheme, auth_views, register, UserCreate, authenticate_user, get_user_by_verification_token
|
| 9 |
from database import get_db, get_user_by_email
|
| 10 |
from datetime import timedelta
|
| 11 |
-
from typing import Optional
|
| 12 |
#import auth
|
| 13 |
#import tts
|
| 14 |
import os
|
|
@@ -138,31 +138,44 @@ async def verify_email(verification_token: str, db: Session = Depends(get_db)):
|
|
| 138 |
# Redirect to the protected route with the token as a query parameter (or as required by your front-end/client)
|
| 139 |
return RedirectResponse(url=f"/protected?token={access_token}")
|
| 140 |
|
| 141 |
-
from jwt import decode, PyJWTError # make sure jwt is imported
|
| 142 |
-
|
| 143 |
-
|
| 144 |
|
| 145 |
@app.get("/protected", response_class=HTMLResponse)
|
| 146 |
-
async def get_protected(
|
| 147 |
-
|
| 148 |
-
token = token
|
| 149 |
-
|
| 150 |
-
|
| 151 |
-
|
| 152 |
-
try:
|
| 153 |
-
payload = decode(token, auth_views.SECRET_KEY, algorithms=[auth_views.ALGORITHM])
|
| 154 |
-
user_email = payload.get("sub")
|
| 155 |
-
if user_email is None:
|
| 156 |
-
raise HTTPException(status_code=401, detail="Not authenticated")
|
| 157 |
-
except PyJWTError:
|
| 158 |
-
raise HTTPException(status_code=401, detail="Could not validate credentials")
|
| 159 |
|
| 160 |
db_user = get_user_by_email(db, user_email)
|
| 161 |
if db_user is None or not db_user.is_verified:
|
| 162 |
raise HTTPException(status_code=401, detail="User not found or not verified in the database")
|
| 163 |
|
|
|
|
| 164 |
return templates.TemplateResponse("protected.html", {"request": request, "user": db_user.username})
|
| 165 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 166 |
#async def get_protected(
|
| 167 |
# request: Request,
|
| 168 |
# token: str = Query(None), # Accept token from query parameters
|
|
|
|
| 1 |
#main.py
|
| 2 |
|
| 3 |
+
from fastapi import FastAPI, Form, Depends, HTTPException, status
|
| 4 |
from fastapi.requests import Request
|
| 5 |
from fastapi.responses import HTMLResponse, RedirectResponse, JSONResponse
|
| 6 |
from fastapi.templating import Jinja2Templates
|
|
|
|
| 8 |
from auth import verify_token, oauth2_scheme, auth_views, register, UserCreate, authenticate_user, get_user_by_verification_token
|
| 9 |
from database import get_db, get_user_by_email
|
| 10 |
from datetime import timedelta
|
| 11 |
+
#from typing import Optional
|
| 12 |
#import auth
|
| 13 |
#import tts
|
| 14 |
import os
|
|
|
|
| 138 |
# Redirect to the protected route with the token as a query parameter (or as required by your front-end/client)
|
| 139 |
return RedirectResponse(url=f"/protected?token={access_token}")
|
| 140 |
|
| 141 |
+
#from jwt import decode, PyJWTError # make sure jwt is imported
|
|
|
|
|
|
|
| 142 |
|
| 143 |
@app.get("/protected", response_class=HTMLResponse)
|
| 144 |
+
async def get_protected(
|
| 145 |
+
request: Request,
|
| 146 |
+
token: str = Depends(verify_token), # Use Depends to inject the token after verification
|
| 147 |
+
db: Session = Depends(get_db)
|
| 148 |
+
):
|
| 149 |
+
user_email = token # As verify_token returns the 'sub' which is user email
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 150 |
|
| 151 |
db_user = get_user_by_email(db, user_email)
|
| 152 |
if db_user is None or not db_user.is_verified:
|
| 153 |
raise HTTPException(status_code=401, detail="User not found or not verified in the database")
|
| 154 |
|
| 155 |
+
# Render a template response
|
| 156 |
return templates.TemplateResponse("protected.html", {"request": request, "user": db_user.username})
|
| 157 |
|
| 158 |
+
#@app.get("/protected", response_class=HTMLResponse)
|
| 159 |
+
#async def get_protected(request: Request, token: Optional[str] = None, db: Session = Depends(get_db)):
|
| 160 |
+
# Try to get the token from the query parameter first, then fall back to the cookie
|
| 161 |
+
# token = token or request.cookies.get("access_token")
|
| 162 |
+
# if not token:
|
| 163 |
+
# raise HTTPException(status_code=401, detail="Not authenticated")
|
| 164 |
+
|
| 165 |
+
# try:
|
| 166 |
+
# payload = decode(token, auth_views.SECRET_KEY, algorithms=[auth_views.ALGORITHM])
|
| 167 |
+
# user_email = payload.get("sub")
|
| 168 |
+
# if user_email is None:
|
| 169 |
+
# raise HTTPException(status_code=401, detail="Not authenticated")
|
| 170 |
+
# except PyJWTError:
|
| 171 |
+
# raise HTTPException(status_code=401, detail="Could not validate credentials")
|
| 172 |
+
|
| 173 |
+
# db_user = get_user_by_email(db, user_email)
|
| 174 |
+
# if db_user is None or not db_user.is_verified:
|
| 175 |
+
# raise HTTPException(status_code=401, detail="User not found or not verified in the database")
|
| 176 |
+
|
| 177 |
+
# return templates.TemplateResponse("protected.html", {"request": request, "user": db_user.username})
|
| 178 |
+
|
| 179 |
#async def get_protected(
|
| 180 |
# request: Request,
|
| 181 |
# token: str = Query(None), # Accept token from query parameters
|