Update routes/auth.py
Browse files- routes/auth.py +108 -17
routes/auth.py
CHANGED
|
@@ -1,37 +1,128 @@
|
|
| 1 |
# app/routes/auth.py
|
| 2 |
-
from fastapi import
|
| 3 |
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
|
| 4 |
from pydantic import BaseModel
|
| 5 |
from sqlalchemy.orm import Session
|
| 6 |
-
|
| 7 |
-
# Your database model
|
| 8 |
from app.models import User
|
|
|
|
|
|
|
|
|
|
|
|
|
| 9 |
|
|
|
|
| 10 |
app = FastAPI()
|
| 11 |
|
| 12 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 13 |
|
| 14 |
# User registration route
|
| 15 |
-
@
|
| 16 |
def register(user: UserCreate, db: Session = Depends(get_db)):
|
| 17 |
-
|
| 18 |
-
# Hash the password, generate a verification token, send a verification email
|
| 19 |
-
# Update the database, and return the user object
|
| 20 |
|
| 21 |
# Email verification route
|
| 22 |
-
@
|
| 23 |
def verify_email(verification_token: str, db: Session = Depends(get_db)):
|
| 24 |
-
|
| 25 |
-
# Update the database and return a confirmation response
|
| 26 |
|
| 27 |
# User login route
|
| 28 |
-
@
|
| 29 |
def login(form_data: OAuth2PasswordRequestForm = Depends()):
|
| 30 |
-
|
| 31 |
-
# Implement login and return an access token if successful
|
| 32 |
|
| 33 |
# User authentication (protected route)
|
| 34 |
-
@
|
| 35 |
def protected_route(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)):
|
| 36 |
-
|
| 37 |
-
return f"Protected route for user"
|
|
|
|
| 1 |
# app/routes/auth.py
|
| 2 |
+
from fastapi import APIRouter, Depends, HTTPException, Form, Response, status, FastAPI
|
| 3 |
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
|
| 4 |
from pydantic import BaseModel
|
| 5 |
from sqlalchemy.orm import Session
|
|
|
|
|
|
|
| 6 |
from app.models import User
|
| 7 |
+
from app.database import get_db
|
| 8 |
+
from jose import jwt
|
| 9 |
+
from passlib.context import CryptContext
|
| 10 |
+
from datetime import datetime, timedelta
|
| 11 |
|
| 12 |
+
router = APIRouter()
|
| 13 |
app = FastAPI()
|
| 14 |
|
| 15 |
+
class AuthViews:
|
| 16 |
+
def __init__(self):
|
| 17 |
+
self.pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
|
| 18 |
+
self.SECRET_KEY = "your-secret-key" # Replace with your actual secret key
|
| 19 |
+
self.ALGORITHM = "HS256"
|
| 20 |
+
self.ACCESS_TOKEN_EXPIRE_MINUTES = 30
|
| 21 |
+
|
| 22 |
+
def register(self, user: UserCreate, db: Session = Depends(get_db)):
|
| 23 |
+
# Validate email format and check for existing users
|
| 24 |
+
db_user = database.get_user_by_email(db, user.email)
|
| 25 |
+
if db_user:
|
| 26 |
+
raise HTTPException(status_code=400, detail="Email already registered")
|
| 27 |
+
|
| 28 |
+
# Hash the password
|
| 29 |
+
hashed_password = self.pwd_context.hash(user.password)
|
| 30 |
+
|
| 31 |
+
# Generate a verification token
|
| 32 |
+
verification_token = email.generate_verification_token(user.email)
|
| 33 |
+
|
| 34 |
+
# Send a verification email (implement email.send_verification_email)
|
| 35 |
+
|
| 36 |
+
# Create the user in the database
|
| 37 |
+
user_in_db = models.User(email=user.email, hashed_password=hashed_password)
|
| 38 |
+
db.add(user_in_db)
|
| 39 |
+
db.commit()
|
| 40 |
+
db.refresh(user_in_db)
|
| 41 |
+
|
| 42 |
+
return user_in_db
|
| 43 |
+
|
| 44 |
+
def verify_email(self, verification_token: str, db: Session = Depends(get_db)):
|
| 45 |
+
# Verify the email using the token (implement email.verify_token)
|
| 46 |
+
email = email.verify_token(verification_token)
|
| 47 |
+
if not email:
|
| 48 |
+
raise HTTPException(status_code=400, detail="Invalid verification token")
|
| 49 |
+
|
| 50 |
+
# Get the user by email
|
| 51 |
+
user = database.get_user_by_email(db, email)
|
| 52 |
+
if not user:
|
| 53 |
+
raise HTTPException(status_code=400, detail="User not found")
|
| 54 |
+
|
| 55 |
+
if user.is_verified:
|
| 56 |
+
raise HTTPException(status_code=400, detail="Email already verified")
|
| 57 |
+
|
| 58 |
+
# Mark the email as verified
|
| 59 |
+
user.is_verified = True
|
| 60 |
+
db.commit()
|
| 61 |
+
return {"message": "Email verification successful"}
|
| 62 |
+
|
| 63 |
+
|
| 64 |
+
def login(self, form_data: OAuth2PasswordRequestForm = Depends()):
|
| 65 |
+
# Check email verification
|
| 66 |
+
db_user = database.get_user_by_email(db, form_data.username)
|
| 67 |
+
if not db_user or not self.pwd_context.verify(form_data.password, db_user.hashed_password):
|
| 68 |
+
raise HTTPException(status_code=400, detail="Incorrect email or password")
|
| 69 |
+
|
| 70 |
+
if not db_user.is_verified:
|
| 71 |
+
raise HTTPException(status_code=400, detail="Email not verified")
|
| 72 |
+
|
| 73 |
+
# Generate an access token
|
| 74 |
+
access_token_expires = timedelta(minutes=self.ACCESS_TOKEN_EXPIRE_MINUTES)
|
| 75 |
+
access_token = jwt.encode(
|
| 76 |
+
{"sub": db_user.email, "exp": datetime.utcnow() + access_token_expires},
|
| 77 |
+
self.SECRET_KEY,
|
| 78 |
+
algorithm=self.ALGORITHM,
|
| 79 |
+
)
|
| 80 |
+
|
| 81 |
+
return {"access_token": access_token, "token_type": "bearer"}
|
| 82 |
+
|
| 83 |
+
|
| 84 |
+
# Import User model and database functions
|
| 85 |
+
from app.models import User
|
| 86 |
+
from app.database import get_user_by_email
|
| 87 |
+
|
| 88 |
+
# ...
|
| 89 |
+
|
| 90 |
+
# User authentication (protected route)
|
| 91 |
+
@router.get("/protected", response_model=str)
|
| 92 |
+
def protected_route(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)):
|
| 93 |
+
# Verify the access token
|
| 94 |
+
user = verify_token(token, SECRET_KEY, ALGORITHM)
|
| 95 |
+
if user is None:
|
| 96 |
+
raise HTTPException(status_code=401, detail="Invalid or expired token")
|
| 97 |
+
|
| 98 |
+
# Check if the user exists in the database
|
| 99 |
+
db_user = get_user_by_email(db, user) # Modify this to match your database query
|
| 100 |
+
|
| 101 |
+
if db_user is None:
|
| 102 |
+
raise HTTPException(status_code=401, detail="User not found in the database")
|
| 103 |
+
|
| 104 |
+
# The user exists in the database, and you can perform the protected route logic
|
| 105 |
+
return f"Protected route for user: {user}"
|
| 106 |
+
|
| 107 |
+
|
| 108 |
+
auth_views = AuthViews()
|
| 109 |
|
| 110 |
# User registration route
|
| 111 |
+
@router.post("/register", response_model=User)
|
| 112 |
def register(user: UserCreate, db: Session = Depends(get_db)):
|
| 113 |
+
return auth_views.register(user, db)
|
|
|
|
|
|
|
| 114 |
|
| 115 |
# Email verification route
|
| 116 |
+
@router.get("/verify/{verification_token}")
|
| 117 |
def verify_email(verification_token: str, db: Session = Depends(get_db)):
|
| 118 |
+
return auth_views.verify_email(verification_token, db)
|
|
|
|
| 119 |
|
| 120 |
# User login route
|
| 121 |
+
@router.post("/login", response_model=dict)
|
| 122 |
def login(form_data: OAuth2PasswordRequestForm = Depends()):
|
| 123 |
+
return auth_views.login(form_data)
|
|
|
|
| 124 |
|
| 125 |
# User authentication (protected route)
|
| 126 |
+
@router.get("/protected", response_model=str)
|
| 127 |
def protected_route(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)):
|
| 128 |
+
return auth_views.protected_route(token)
|
|
|