Gregniuki commited on
Commit
361449c
1 Parent(s): 7821ebd

Update app.py

Files changed (1) hide show
  1. app.py +43 -0
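--- a/app.py
+++ b/app.py
@@ -91,6 +91,19 @@ async def auth_callback(request: Request, db: Session = Depends(get_db)):
  @app.get("/", response_class=HTMLResponse)
  async def landing(request: Request):
  return templates.TemplateResponse("landing.html", {"request": request})
+
+ def verify_password(plain_password, hashed_password):
+ return pwd_context.verify(plain_password, hashed_password)
+
+ def get_password_hash(password):
+ return pwd_context.hash(password)
+
+ def authenticate_user(db: Session, username: str, password: str):
+ user = db.query(User).filter(User.username == username).first()
+ if not user or not verify_password(password, user.hashed_password):
+ return False
+ return user
+
 
  def create_access_token(data: dict, expires_delta: timedelta = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)):
  to_encode = data.copy()
@@ -105,9 +118,39 @@ def verify_token(token: str = Depends(oauth2_scheme)):
  return payload.get("sub")
  except jwt.ExpiredSignatureError:
  raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Token has expired")
+
+ def validate_token(token: str):
+ try:
+ payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+ username: str = payload.get("sub")
+ if username is None:
+ raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token")
+ return TokenData(username=username)
+ except JWTError:
+ raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token")
+
+ @app.get("/token/validate")
+ async def token_validate(token: str = Depends(oauth2_scheme)):
+ return validate_token(token)
+
  except jwt.PyJWTError:
  raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials")
 
+ @app.post("/login")
+ async def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):
+ return await login_for_access_token(form_data.username, form_data.password, db)
+
+ async def login_for_access_token(username: str, password: str, db: Session):
+ user = authenticate_user(db, username, password)
+ if not user:
+ raise HTTPException(
+ status_code=status.HTTP_401_UNAUTHORIZED,
+ detail="Incorrect username or password",
+ headers={"WWW-Authenticate": "Bearer"},
+ )
+ access_token = create_access_token(data={"sub": user.username})
+ return {"access_token": access_token, "token_type": "bearer"}
+
  def authenticate_user(db: Session, email: str, password: str):
  user = get_user_by_email(db, email)
  if not user or not pwd_context.verify(password, user.hashed_password):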
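Review bot: The new `validate_token` and `/token/validate` definitions (new lines 121–135) are inserted between `except jwt.ExpiredSignatureError:` and `except jwt.PyJWTError:` of `verify_token`. Indentation is lost on this page, but either the second handler is orphaned (a syntax error when the module loads) or the new definitions sit unreachable after the `raise`, so the block should move below the `"Could not validate credentials"` line. `verify_token` starts outside the hunk, so its `try:` is not visible here. In `validate_token` the handler names `JWTError`, while the rest of the file catches `jwt.PyJWTError` and the commit adds no import; if that name is not in scope, a malformed token yields a NameError and a 500 instead of a 401, so `except jwt.PyJWTError:` would be consistent. The added `authenticate_user(db, username, password)` at line 101 is also redefined by the existing email-based `authenticate_user` at line 154, which appears to be the one `/login` ends up calling; one of the two should be renamed or removed.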