async def login( user_login: UserInLogin = Body(..., embed=True, alias="user"), users_repo: UsersRepository = Depends(get_repository(UsersRepository)), ) -> UserInResponse: wrong_login_error = HTTPException( status_code=HTTP_400_BAD_REQUEST, detail=strings.INCORRECT_LOGIN_INPUT ) try: user = await users_repo.get_user_by_email(email=user_login.email) except EntityDoesNotExist as existence_error: raise wrong_login_error from existence_error if not user.check_password(user_login.password): raise wrong_login_error token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY)) return UserInResponse( user=UserWithToken( username=user.username, email=user.email, bio=user.bio, image=user.image, token=token, ) )
async def register( user_create: UserInCreate = Body(..., embed=True, alias="user"), users_repo: UsersRepository = Depends(get_repository(UsersRepository)), ) -> UserInResponse: if await check_username_is_taken(users_repo, user_create.username): raise HTTPException( status_code=HTTP_400_BAD_REQUEST, detail=strings.USERNAME_TAKEN ) if await check_email_is_taken(users_repo, user_create.email): raise HTTPException( status_code=HTTP_400_BAD_REQUEST, detail=strings.EMAIL_TAKEN ) user = await users_repo.create_user(**user_create.dict()) token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY)) return UserInResponse( user=UserWithToken( username=user.username, email=user.email, bio=user.bio, image=user.image, token=token, ) )
async def update_current_user( user_update: UserInUpdate = Body(..., embed=True, alias="user"), current_user: User = Depends(get_current_user_authorizer()), users_repo: UsersRepository = Depends(get_repository(UsersRepository)), ) -> UserInResponse: if user_update.name and user_update.name != current_user.name: if await check_username_is_taken(users_repo, user_update.name): raise HTTPException( status_code=HTTP_400_BAD_REQUEST, detail=strings.USERNAME_TAKEN, ) if user_update.email and user_update.email != current_user.email: if await check_email_is_taken(users_repo, user_update.email): raise HTTPException( status_code=HTTP_400_BAD_REQUEST, detail=strings.EMAIL_TAKEN, ) user = await users_repo.update_user(user=current_user, **user_update.dict()) token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY)) return UserInResponse(user=UserWithToken( name=user.name, email=user.email, bio=user.bio, image=user.image, token=token, ), )
async def test_unable_to_login_when_user_does_not_exist_any_more( app: FastAPI, client: Client, authorization_prefix: str) -> None: token = create_access_token_for_user( User(username="******", email="*****@*****.**"), "secret") response = await client.get( app.url_path_for("users:get-current-user"), headers={"Authorization": f"{authorization_prefix} {token}"}, ) assert response.status_code == HTTP_403_FORBIDDEN
async def retrieve_current_user( user: User = Depends(get_current_user_authorizer()), ) -> UserInResponse: token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY)) return UserInResponse(user=UserWithToken( name=user.name, email=user.email, bio=user.bio, image=user.image, token=token, ), )
async def retrieve_current_user( user: User = Depends(get_current_user_authorizer()), settings: AppSettings = Depends(get_app_settings), ) -> UserInResponse: token = jwt.create_access_token_for_user( user, str(settings.secret_key.get_secret_value()), ) return UserInResponse(user=UserWithToken( username=user.username, email=user.email, bio=user.bio, image=user.image, token=token, ), )
def token(test_user: UserInDB) -> str: return jwt.create_access_token_for_user(test_user, environ["SECRET_KEY"])
async def retrieve_current_user(user: User = Depends( get_current_user_authorizer())) -> UserInResponse: token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY)) return UserInResponse(user=UserWithToken(**user.dict(), token=token))
def test_retrieving_token_from_user(test_user: UserInDB) -> None: token = create_access_token_for_user(user=test_user, secret_key="secret") username = get_username_from_token(token, "secret") assert username == test_user.username
def test_creating_token_for_user(test_user: UserInDB) -> None: token = create_access_token_for_user(user=test_user, secret_key="secret") parsed_payload = jwt.decode(token, "secret", algorithms=[ALGORITHM]) assert parsed_payload["username"] == test_user.username
def token(test_user: UserInDB) -> str: from app.core.config import SECRET_KEY return jwt.create_access_token_for_user(test_user, SECRET_KEY)