diff options
author | Rasmus Luha <rasmus.luha@gmail.com> | 2022-02-06 13:10:32 +0200 |
---|---|---|
committer | Rasmus Luha <rasmus.luha@gmail.com> | 2022-02-06 13:10:32 +0200 |
commit | 5e19a0569288de21365c61b0db78639880732dd0 (patch) | |
tree | e1d3add7376b53157fe8830cbd81b02c1a3a3586 /Projekt/app/oauth2.py |
inital commit
Diffstat (limited to 'Projekt/app/oauth2.py')
-rw-r--r-- | Projekt/app/oauth2.py | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/Projekt/app/oauth2.py b/Projekt/app/oauth2.py new file mode 100644 index 0000000..f381f97 --- /dev/null +++ b/Projekt/app/oauth2.py @@ -0,0 +1,49 @@ +from fastapi import Depends, status, HTTPException +from jose import JWTError, jwt +from datetime import datetime, timedelta +from sqlalchemy.orm import Session +from . import schemas, database, models +from fastapi.security import OAuth2PasswordBearer +from .config import settings + +oaut2_scheme = OAuth2PasswordBearer(tokenUrl="login") + +#Secrete_Key +#Algorütm +#Säilivusaeg, expiration time + +SECRET_KEY = settings.secret_key +ALGORITHM = settings.algorithm +ACCESS_TOKEN_EXPIRE_MINUTES = settings.access_token_expire_minutes + +def create_access_token(data: dict): + to_encode = data.copy() + + expire = datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) + to_encode.update( {"exp" : expire} ) + + encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM) + return encoded_jwt + +def verify_access_token(token: str, credentials_exception): + + try: + payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) #Decodeme tokeni + id: str = payload.get("user_id") # Ekstraktime tokenist id + if id is None: + raise credentials_exception + token_data = schemas.TokenData(id=id) + except JWTError: + raise credentials_exception + + return token_data + + +def get_current_user( token: str = Depends(oaut2_scheme), db: Session = Depends(database.get_db)): + credentials_exception = HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, + detail=f"Could not validate credentials", headers={"WWW-Authenticate": "Bearer"} ) + + token = verify_access_token(token, credentials_exception) + user = db.query(models.User).filter(models.User.id == token.id).first() + + return user |