authorRasmus Luha <rasmus.luha@gmail.com>2022-02-06 13:10:32 +0200
committerRasmus Luha <rasmus.luha@gmail.com>2022-02-06 13:10:32 +0200
commit5e19a0569288de21365c61b0db78639880732dd0 (patch)
treee1d3add7376b53157fe8830cbd81b02c1a3a3586 /Projekt/app/oauth2.py
inital commit
Diffstat (limited to 'Projekt/app/oauth2.py')
-rw-r--r--Projekt/app/oauth2.py49
1 files changed, 49 insertions, 0 deletions
diff --git a/Projekt/app/oauth2.py b/Projekt/app/oauth2.py
new file mode 100644
index 0000000..f381f97
--- /dev/null
+++ b/Projekt/app/oauth2.py
@@ -0,0 +1,49 @@
+from fastapi import Depends, status, HTTPException
+from jose import JWTError, jwt
+from datetime import datetime, timedelta
+from sqlalchemy.orm import Session
+from . import schemas, database, models
+from fastapi.security import OAuth2PasswordBearer
+from .config import settings
+
+oaut2_scheme = OAuth2PasswordBearer(tokenUrl="login")
+
+#Secrete_Key
+#Algorütm
+#Säilivusaeg, expiration time
+
+SECRET_KEY = settings.secret_key
+ALGORITHM = settings.algorithm
+ACCESS_TOKEN_EXPIRE_MINUTES = settings.access_token_expire_minutes
+
+def create_access_token(data: dict):
+ to_encode = data.copy()
+
+ expire = datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+ to_encode.update( {"exp" : expire} )
+
+ encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+ return encoded_jwt
+
+def verify_access_token(token: str, credentials_exception):
+
+ try:
+ payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) #Decodeme tokeni
+ id: str = payload.get("user_id") # Ekstraktime tokenist id
+ if id is None:
+ raise credentials_exception
+ token_data = schemas.TokenData(id=id)
+ except JWTError:
+ raise credentials_exception
+
+ return token_data
+
+
+def get_current_user( token: str = Depends(oaut2_scheme), db: Session = Depends(database.get_db)):
+ credentials_exception = HTTPException(status_code=status.HTTP_401_UNAUTHORIZED,
+ detail=f"Could not validate credentials", headers={"WWW-Authenticate": "Bearer"} )
+
+ token = verify_access_token(token, credentials_exception)
+ user = db.query(models.User).filter(models.User.id == token.id).first()
+
+ return user
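Review bot: `get_current_user` returns the result of `.first()` unchecked, so a token that still verifies but whose `user_id` no longer matches a row (a deleted account, for example) hands `None` to every route that depends on it instead of producing a 401. Add `if user is None: raise credentials_exception` just before `return user`. Because the JWT stays valid until its `exp`, this lookup is the only point in the file where removing an account can take effect. Separately, `verify_access_token` catches only `JWTError`; if `schemas.TokenData` validates the type of `id` (its definition is not visible here), a malformed `user_id` claim would likely surface as a 500 rather than the 401, so the schema's validation error may need to be mapped to `credentials_exception` as well.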