Update app.py
Browse files
app.py
CHANGED
|
@@ -99,7 +99,49 @@ async def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session =
|
|
| 99 |
)
|
| 100 |
access_token = create_access_token(data={"sub": user.username})
|
| 101 |
return {"access_token": access_token, "token_type": "bearer"}
|
| 102 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 103 |
@app.get("/", response_class=HTMLResponse)
|
| 104 |
async def landing(request: Request):
|
| 105 |
return templates.TemplateResponse("landing.html", {"request": request})
|
|
|
|
| 99 |
)
|
| 100 |
access_token = create_access_token(data={"sub": user.username})
|
| 101 |
return {"access_token": access_token, "token_type": "bearer"}
|
| 102 |
+
@app.get("/login", response_class=HTMLResponse)
|
| 103 |
+
async def login(request: Request, db: Session = Depends(get_db)):
|
| 104 |
+
access_token = request.cookies.get("access_token")
|
| 105 |
+
|
| 106 |
+
if access_token:
|
| 107 |
+
try:
|
| 108 |
+
user_email = verify_token(access_token.split("Bearer ")[1])
|
| 109 |
+
if user_email:
|
| 110 |
+
# Retrieve the user from the database
|
| 111 |
+
db_user = db.query(User).filter(User.email == user_email).first()
|
| 112 |
+
if not db_user:
|
| 113 |
+
raise HTTPException(status_code=HTTP_401_UNAUTHORIZED, detail="User not found")
|
| 114 |
+
|
| 115 |
+
# Check if user is verified
|
| 116 |
+
if not db_user.is_verified:
|
| 117 |
+
raise HTTPException(status_code=HTTP_401_UNAUTHORIZED, detail="User is not verified")
|
| 118 |
+
|
| 119 |
+
# Create a new access token for the user
|
| 120 |
+
new_access_token = create_access_token(
|
| 121 |
+
data={"sub": db_user.email},
|
| 122 |
+
expires_delta=timedelta(minutes=auth_views.ACCESS_TOKEN_EXPIRE_MINUTES)
|
| 123 |
+
)
|
| 124 |
+
|
| 125 |
+
# Redirect the user to the protected route
|
| 126 |
+
url = app.url_path_for("get_protected")
|
| 127 |
+
response = RedirectResponse(url)
|
| 128 |
+
response.set_cookie(key="access_token", value=f"Bearer {new_access_token}", httponly=True)
|
| 129 |
+
return response
|
| 130 |
+
except ExpiredSignatureError:
|
| 131 |
+
# Token has expired. You could redirect to the login page or inform the user
|
| 132 |
+
raise HTTPException(status_code=HTTP_401_UNAUTHORIZED, detail="Token expired")
|
| 133 |
+
except InvalidTokenError:
|
| 134 |
+
# Token is invalid, inform the user or redirect
|
| 135 |
+
raise HTTPException(status_code=HTTP_400_BAD_REQUEST, detail="Invalid token")
|
| 136 |
+
except Exception as e:
|
| 137 |
+
# General exception, log this exception for debugging
|
| 138 |
+
# Respond with a generic error message
|
| 139 |
+
raise HTTPException(status_code=HTTP_400_BAD_REQUEST, detail="An error occurred")
|
| 140 |
+
|
| 141 |
+
# If not authenticated, show the login page with Google OAuth option
|
| 142 |
+
google_oauth_url = request.url_for("login_oauth") # URL to initiate Google OAuth
|
| 143 |
+
return templates.TemplateResponse("login.html", {"request": request, "google_oauth_url": google_oauth_url})
|
| 144 |
+
|
| 145 |
@app.get("/", response_class=HTMLResponse)
|
| 146 |
async def landing(request: Request):
|
| 147 |
return templates.TemplateResponse("landing.html", {"request": request})
|