from . import config # https://medium.com/data-rebels/fastapi-authentication-revisited-enabling-api-key-authentication-122dc5975680 from fastapi import Security, Depends, FastAPI, HTTPException from fastapi.security.api_key import APIKeyQuery, APIKeyCookie, APIKeyHeader, APIKey from starlette.status import HTTP_403_FORBIDDEN api_key_query = APIKeyQuery(name=config.Settings().api_key_name, auto_error=False) api_key_header = APIKeyHeader(name=config.Settings().api_key_name, auto_error=False) api_key_cookie = APIKeyCookie(name=config.Settings().api_key_name, auto_error=False) async def get_api_key( api_key_query: str = Security(api_key_query), api_key_header: str = Security(api_key_header), api_key_cookie: str = Security(api_key_cookie), ): api_tokens = config.Settings().api_tokens org = api_tokens.get(api_key_query) if org is not None: return org org = api_tokens.get(api_key_header) if org is not None: return org # since we are storing org in cookie, let us do a reverse # map lookup to see if there is a key for this org; only # for cookies if api_key_cookie is None:
from fastapi.params import Security from fastapi.responses import JSONResponse from fastapi.security.api_key import APIKey from fastapi.security.api_key import APIKeyCookie from fastapi.security.api_key import APIKeyHeader from fastapi.security.api_key import APIKeyQuery from starlette.status import HTTP_401_UNAUTHORIZED router = APIRouter() API_KEY = getenv("WEB_API_KEY") API_KEY_NAME = "access_token" api_key_query = APIKeyQuery(name=API_KEY_NAME, auto_error=False) api_key_header = APIKeyHeader(name=API_KEY_NAME, auto_error=False) api_key_cookie = APIKeyCookie(name=API_KEY_NAME, auto_error=False) async def get_api_key( api_key_query: str = Security(api_key_query), api_key_header: str = Security(api_key_header), api_key_cookie: str = Security(api_key_cookie), ): if api_key_query == API_KEY: return api_key_query elif api_key_header == API_KEY: return api_key_header elif api_key_cookie == API_KEY: return api_key_cookie else: raise HTTPException(status_code=HTTP_401_UNAUTHORIZED,
from fastapi.security.api_key import APIKeyCookie from starlette.status import HTTP_403_FORBIDDEN from fastapi import Depends, HTTPException, Security from sqlalchemy.orm import Session import jwt from api.utils.db import get_db from api.models.schema import User from api.core.jwt import get_token_payload from api import crud import os oauth2_scheme_header = OAuth2PasswordBearer(tokenUrl="/token/auth", auto_error=False) oauth2_scheme_cookie = APIKeyCookie(name="Authorization", auto_error=False) def oauth2_cookie_password_scheme( header_token: str = Security(oauth2_scheme_header), cookie_token: str = Security(oauth2_scheme_cookie)): if cookie_token: return cookie_token elif header_token: return header_token else: raise HTTPException(status_code=HTTP_403_FORBIDDEN, detail="Not authenticated") async def get_current_user(token: str = Depends(oauth2_scheme_header),
from fastapi import Depends from fastapi.security.api_key import APIKeyCookie from jose import jwt, JWTError from app.settings import SECRET_KEY from services.responses import raise_http_exception from users.shcemas import User, UserDto ####################################### # Auth & Seciruty Constants # ####################################### COOKIE_SESSION_NAME = "oreo_session_key" # You can change it and keep secret auth_schema = APIKeyCookie(name=COOKIE_SESSION_NAME) ####################################### # Auth & Seciruty Helpers # ####################################### def create_access_token(email: str, recovery_password: bool = False) -> str: """ Create a encoded JWT. Params: - email: str - The user email - recovery_password: bool - Indicate if the token must have a short expiration time Return:
async def is_authenticated(authorization: APIKey = Security( APIKeyCookie(name="Authorization", auto_error=False))): if authorization: return authorization.name return authorization
BadCredentials, BadCredentialsKeyNotFound, RevokedCredentials, UnauthorizedRequest, ) from .schema import AuthApiKeyRecord from .utils import cookie_name_from_auth_name, header_name_from_auth_name logger = logging.getLogger("opennem.auth") APP_AUTH_COOKIE_NAME = cookie_name_from_auth_name(settings.api_app_auth_name) APP_AUTH_HEADER_NAME = header_name_from_auth_name(settings.api_app_auth_name) api_key_query = APIKeyQuery(name=APP_AUTH_COOKIE_NAME, auto_error=False) api_key_header = APIKeyHeader(name=APP_AUTH_HEADER_NAME, auto_error=False) api_key_cookie = APIKeyCookie(name=APP_AUTH_COOKIE_NAME, auto_error=False) def get_api_key_record(api_key: str) -> AuthApiKeyRecord: """Get an API Key record from the database""" session = get_scoped_session() try: api_key = validate_api_key(api_key) except Exception as e: logger.error("Bad API key {}: {}".format(api_key, e)) raise UnauthorizedRequest() api_key_record: Optional[ApiKeys] = (session.query(ApiKeys).filter_by( keyid=api_key).one_or_none())
import hashlib from fastapi import Security, HTTPException, status, Depends from fastapi.security.api_key import APIKeyQuery, APIKeyCookie, APIKeyHeader from sqlalchemy import select from sqlalchemy.sql import bindparam from core.pydantic_models import UserInDB from core.setting import get_setting, redisDBenum from db.connector import db, get_redis from db.models.user import user access_token_query = APIKeyQuery(name="access_token", auto_error=False) access_token_header = APIKeyHeader(name="access_token", auto_error=False) access_token_cookie = APIKeyCookie(name="access_token", auto_error=False) def hash_password(password: str) -> str: temp_hash = password for _ in range(10000): temp_hash = hashlib.sha512(temp_hash.encode("utf-8")).hexdigest() return temp_hash async def get_access_token( access_token_query: str = Security(access_token_query), access_token_header: str = Security(access_token_header), access_token_cookie: str = Security(access_token_cookie), ): if access_token_query is not None:
from .exceptions import unauthorized_401 ################# # Auth Settings # ################# SECRET = settings.SECRET_JWT ALGORITHM = "HS256" ACCESS_TOKEN_EXPIRE_DAYS = 30 # One month ###################### # Security Instances # ###################### pwd_context = CryptContext(schemes=["bcrypt"]) auth_scheme = APIKeyCookie(name=settings.COOKIE_SESSION_NAME) ########################## # Helper Auth Functions # ########################## def verify_password(plain_password: str, hashed_password: str) -> bool: """Verify the enter password with the hashed password stored in db. Params: ------- - plain_password: str - The plain password from the request form. - hashed_password: str -The hashed password stored in db. Return:
from fastapi.security.api_key import APIKeyCookie, APIKeyHeader API_KEY_NAME = "api_key" cookie_scheme = APIKeyCookie(name="bgm-tv-auto-tracker", auto_error=False) API_KEY_HEADER = APIKeyHeader(name="api-key", auto_error=False) API_KEY_COOKIES = APIKeyCookie(name="api-key", auto_error=False)
from typing import List, Optional from fastapi import Depends, HTTPException, Request, Response, Security, status from fastapi.security.api_key import APIKeyCookie, APIKeyHeader from sqlalchemy.orm import Session from lation.modules.base.models.end_user import EndUser, EndUserToken from lation.modules.base.models.payment import PaymentGateway from lation.modules.base_fastapi.dependencies import get_session from lation.modules.customer.customer import CustomerApp from lation.modules.customer.models.platform import Platform # https://medium.com/data-rebels/fastapi-authentication-revisited-enabling-api-key-authentication-122dc5975680 access_token_cookie_scheme = APIKeyCookie(scheme_name='Access Token Cookie Scheme', name=CustomerApp.ACCESS_TOKEN_COOKIE_KEY, auto_error=False) access_token_header_scheme = APIKeyHeader(scheme_name='Access Token Header Scheme', name=CustomerApp.ACCESS_TOKEN_HEADER_KEY, auto_error=False) async def get_access_token(access_token_cookie:Optional[str]=Security(access_token_cookie_scheme), access_token_header:Optional[str]=Security(access_token_header_scheme)) -> str: if access_token_cookie: return access_token_cookie elif access_token_header: return access_token_header else: raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Access token required') async def login_required(request:Request, access_token:str=Depends(get_access_token), session:Session=Depends(get_session)): end_user_token = session.query(EndUserToken)\
# Inspired by: https://gist.github.com/nilsdebruin/a78c5e200e7df014a92580b4fc51c53f # Purpose: Restrict access to the API with an API key. # To chose an API key, put a file called ".env" in this folder, and write "API_KEY=something" to make "something" the key/password. from fastapi.security.api_key import APIKeyQuery, APIKeyCookie, APIKeyHeader from fastapi import Security, HTTPException from starlette.status import HTTP_403_FORBIDDEN import os API_KEY = os.environ['API_KEY'] if not API_KEY: print('API_KEY is not set! Exiting...') exit(1) api_key_query = APIKeyQuery(name='api_key', auto_error=False) api_key_header = APIKeyHeader(name='api_key', auto_error=False) api_key_cookie = APIKeyCookie(name='api_key', auto_error=False) async def get_api_key( api_key_query: str = Security(api_key_query), api_key_header: str = Security(api_key_header), api_key_cookie: str = Security(api_key_cookie), ): if api_key_query == API_KEY: return api_key_query elif api_key_header == API_KEY: return api_key_header elif api_key_cookie == API_KEY: return api_key_cookie else: raise HTTPException(status_code=HTTP_403_FORBIDDEN,