Gregniuki commited on
Commit
b4e60c6
·
1 Parent(s): 5129ab3

Update app.py

Files changed (1) hide show
  1. app.py +59 -4
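--- a/app.py
+++ b/app.py
@@ -90,15 +90,35 @@ async def auth_callback(request: Request, db: Session = Depends(get_db)):
 
  @app.post("/login")
  async def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):
- user = authenticate_user(db, form_data.username, form_data.password)
+ # Perform reCAPTCHA verification first
+
+ recaptcha_secret = '6LeSJgwpAAAAAJrLrvlQYhRsOjf2wKXee_Jc4Z-k' # Replace with your reCAPTCHA secret key
+ recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify'
+ recaptcha_data = {
+ 'secret': recaptcha_secret,
+ 'response': recaptcha_token
+ }
+
+ async with httpx.AsyncClient() as client:
+ recaptcha_response = await client.post(recaptcha_url, data=recaptcha_data)
+
+ recaptcha_result = recaptcha_response.json()
+ print(recaptcha_result) # or use proper logging
+ if not recaptcha_result.get('success', False):
+ raise HTTPException(status_code=400, detail="reCAPTCHA validation failed.")
+ if not email or not password:
+ raise HTTPException(status_code=400, detail="Invalid email or password")
+
+ user = authenticate_user(db, form_data.email, form_data.password)
  if not user:
  raise HTTPException(
  status_code=status.HTTP_401_UNAUTHORIZED,
- detail="Incorrect username or password",
+ detail="Incorrect email or password",
  headers={"WWW-Authenticate": "Bearer"},
  )
- access_token = create_access_token(data={"sub": user.username})
+ access_token = create_access_token(data={"sub": user.email})
  return {"access_token": access_token, "token_type": "bearer"}
+
  @app.get("/login", response_class=HTMLResponse)
  async def login(request: Request, db: Session = Depends(get_db)):
  access_token = request.cookies.get("access_token")
@@ -141,7 +161,42 @@ async def login(request: Request, db: Session = Depends(get_db)):
  # If not authenticated, show the login page with Google OAuth option
  google_oauth_url = request.url_for("login_oauth") # URL to initiate Google OAuth
  return templates.TemplateResponse("login.html", {"request": request, "google_oauth_url": google_oauth_url})
-
+
+ @app.get("/register/google")
+ async def register_google(request: Request):
+ # Redirect to Google OAuth
+ redirect_uri = request.url_for('auth_callback')
+ return await oauth.google.authorize_redirect(request, redirect_uri)
+
+ @app.get("/auth/callback")
+ async def auth_callback(request: Request, db: Session = Depends(get_db)):
+ # Handle the Google OAuth callback and user registration
+ token = await oauth.google.authorize_access_token(request)
+ user_info = await oauth.google.parse_id_token(request, token)
+
+ # Check if user already exists
+ existing_user = db.query(User).filter(User.email == user_info['email']).first()
+ if existing_user:
+ # User already exists, handle accordingly (e.g., log in the user)
+ # ...
+ pass
+ else:
+ # Register new user
+ new_user = User(
+ email=user_info['email'],
+ username=user_info.get('name'),
+ is_verified=True # Assuming Google users are verified by default
+ )
+ db.add(new_user)
+ db.commit()
+ db.refresh(new_user)
+ # Store user info in session or create a token as needed
+ request.session["user_info"] = {"username": new_user.username, "email": new_user.email}
+ # ...
+
+ # Redirect to a success or dashboard page
+ return RedirectResponse(url="/registration_successful")
+
  @app.get("/", response_class=HTMLResponse)
  async def landing(request: Request):
  return templates.TemplateResponse("landing.html", {"request": request})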
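Review bot: The reCAPTCHA secret key is committed as a string literal in the `recaptcha_secret = '…'` assignment of the POST `login` handler, so anyone who can read the repository or its history can read it. The key should be rotated and loaded from configuration instead, for example `recaptcha_secret = os.environ["RECAPTCHA_SECRET"]` (assuming `os` is imported elsewhere in app.py, which this page does not show). In the same hunk `recaptcha_token`, `email` and `password` are read but not defined on any visible line. The signature still takes only `form_data: OAuth2PasswordRequestForm`, which provides `username` and `password` but no `email`, so as shown the handler would likely fail before or at `authenticate_user(db, form_data.email, …)`. `print(recaptcha_result)` should go through the application logger, and the `siteverify` request has no timeout or handling for a non-JSON or failed response.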