async def login(
user_login: UserInLogin = Body(..., embed=True, alias="user"),
users_repo: UsersRepository = Depends(get_repository(UsersRepository)),
) -> UserInResponse:
wrong_login_error = HTTPException(
status_code=HTTP_400_BAD_REQUEST, detail=strings.INCORRECT_LOGIN_INPUT
)
try:
user = await users_repo.get_user_by_email(email=user_login.email)
except EntityDoesNotExist as existence_error:
raise wrong_login_error from existence_error
if not user.check_password(user_login.password):
raise wrong_login_error
token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY))
return UserInResponse(
user=UserWithToken(
username=user.username,
email=user.email,
bio=user.bio,
image=user.image,
token=token,
)
)
async def register(
user_create: UserInCreate = Body(..., embed=True, alias="user"),
users_repo: UsersRepository = Depends(get_repository(UsersRepository)),
) -> UserInResponse:
if await check_username_is_taken(users_repo, user_create.username):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST, detail=strings.USERNAME_TAKEN
)
if await check_email_is_taken(users_repo, user_create.email):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST, detail=strings.EMAIL_TAKEN
)
user = await users_repo.create_user(**user_create.dict())
token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY))
return UserInResponse(
user=UserWithToken(
username=user.username,
email=user.email,
bio=user.bio,
image=user.image,
token=token,
)
)
async def update_current_user(
user_update: UserInUpdate = Body(..., embed=True, alias="user"),
current_user: User = Depends(get_current_user_authorizer()),
users_repo: UsersRepository = Depends(get_repository(UsersRepository)),
) -> UserInResponse:
if user_update.name and user_update.name != current_user.name:
if await check_username_is_taken(users_repo, user_update.name):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST,
detail=strings.USERNAME_TAKEN,
)
if user_update.email and user_update.email != current_user.email:
if await check_email_is_taken(users_repo, user_update.email):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST,
detail=strings.EMAIL_TAKEN,
)
user = await users_repo.update_user(user=current_user,
**user_update.dict())
token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY))
return UserInResponse(user=UserWithToken(
name=user.name,
email=user.email,
bio=user.bio,
image=user.image,
token=token,
), )
async def test_unable_to_login_when_user_does_not_exist_any_more(
app: FastAPI, client: Client, authorization_prefix: str) -> None:
token = create_access_token_for_user(
User(username="******", email="*****@*****.**"), "secret")
response = await client.get(
app.url_path_for("users:get-current-user"),
headers={"Authorization": f"{authorization_prefix} {token}"},
)
assert response.status_code == HTTP_403_FORBIDDEN
async def retrieve_current_user(
user: User = Depends(get_current_user_authorizer()),
) -> UserInResponse:
token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY))
return UserInResponse(user=UserWithToken(
name=user.name,
email=user.email,
bio=user.bio,
image=user.image,
token=token,
), )
async def retrieve_current_user(
user: User = Depends(get_current_user_authorizer()),
settings: AppSettings = Depends(get_app_settings),
) -> UserInResponse:
token = jwt.create_access_token_for_user(
user,
str(settings.secret_key.get_secret_value()),
)
return UserInResponse(user=UserWithToken(
username=user.username,
email=user.email,
bio=user.bio,
image=user.image,
token=token,
), )
def token(test_user: UserInDB) -> str:
return jwt.create_access_token_for_user(test_user, environ["SECRET_KEY"])
async def retrieve_current_user(user: User = Depends(
get_current_user_authorizer())) -> UserInResponse:
token = jwt.create_access_token_for_user(user, str(config.SECRET_KEY))
return UserInResponse(user=UserWithToken(**user.dict(), token=token))
def test_retrieving_token_from_user(test_user: UserInDB) -> None:
token = create_access_token_for_user(user=test_user, secret_key="secret")
username = get_username_from_token(token, "secret")
assert username == test_user.username
def test_creating_token_for_user(test_user: UserInDB) -> None:
token = create_access_token_for_user(user=test_user, secret_key="secret")
parsed_payload = jwt.decode(token, "secret", algorithms=[ALGORITHM])
assert parsed_payload["username"] == test_user.username
def token(test_user: UserInDB) -> str:
from app.core.config import SECRET_KEY
return jwt.create_access_token_for_user(test_user, SECRET_KEY)
