from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer from app.token import verify_token oauth2_scheme = OAuth2PasswordBearer(tokenUrl='auth/login') async def get_current_user(token: str = Depends(oauth2_scheme)): credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"}, ) return verify_token(token, credentials_exception)
from pymongo.errors import DuplicateKeyError from klaud.models.user import User, UserInDB from klaud.settings import settings from klaud.utils import passwords from .models import AuthObject, Token, UpdateForm from .scopes import Scopes ALGORITHM = 'HS256' oauth2_scheme = OAuth2PasswordBearer( tokenUrl="/_token", scopes={ 'master': 'master priviliges on token (avaliable only for master account)', 'manage': 'manage current account', 'read': 'read data', 'write': 'write data' } ) router = APIRouter() credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid credentials', headers={'WWW-Authenticate': 'Bearer'}, ) async def init(): master = UserInDB( uid='',
"""Основные функции используемые для валидации пользователей и хэширования паролей""" import hashlib from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer from loguru import logger from core.config import database logger.add("log/password.log") oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login") async def get_user_by_token(token: str = Depends(oauth2_scheme)): """ Возвращает пользователя, если такой токен существует, иначе возникает ошибка авторизации """ if not (user := await database.get_by_token(token)): raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="No such session exist", headers={"WWW-Authenticate": "Bearer"}, ) return user def hash_password(password: str): """Хэширует переданный пароль""" hashed_password = hashlib.sha256(password.encode('utf-8')).hexdigest()
from schemas.user_schema import ( SignUp, UserInDB, UserSchema, UserResponseResetPassword ) from ext.database import get_session from schemas.order_schema import CheckoutSchema from models.users import User, Address, UserResetPassword from models.role import Role from constants import DocumentType, Roles pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") oauth2_scheme = OAuth2PasswordBearer(tokenUrl="access_token") class COUNTRY_CODE(enum.Enum): brazil = "brazil" def create_user(db: Session, obj_in: SignUp): try: logger.info(obj_in) logger.debug(Roles.USER.value) db_user = User( name=obj_in.name, document_type=DocumentType.CPF.value, document=obj_in.username,
from typing import List import jwt from starlette.requests import Request from fastapi import HTTPException, Security, Depends from fastapi.security import OAuth2PasswordBearer from passlib.context import CryptContext from bountydns.core import logger, abort from bountydns.core.token import TokenPayload from bountydns.core.user import UserRepo from bountydns.core.black_listed_token import BlackListedTokenRepo from bountydns.db.models.user import User DEFAULT_TOKEN_URL = "/api/v1/auth/token" oauth2 = OAuth2PasswordBearer(tokenUrl=DEFAULT_TOKEN_URL) context = CryptContext(schemes=["bcrypt"], deprecated="auto") def verify_password(plain_password: str, hashed_password: str): return context.verify(plain_password, hashed_password) def hash_password(password: str): return context.hash(password) def create_bearer_token(*, data: dict, expires_delta: timedelta = None,
from fastapi.security import OAuth2PasswordBearer from jwt import PyJWTError from passlib.context import CryptContext from sqlalchemy.orm import Session from starlette import status import models from database import get_db from schemas.auth_schemas import TokenData, User, UserInDB, UserRegister SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7" ALGORITHM = "HS256" ACCESS_TOKEN_EXPIRE_MINUTES = 1440 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/token") def verify_password(plain_password, hashed_password): return pwd_context.verify(plain_password, hashed_password) def get_password_hash(password): return pwd_context.hash(password) async def get_user(db: Session, username: str) -> UserInDB: db_user: UserInDB = db.query( models.User).filter(models.User.username == username).first() if db_user is not None: return db_user
from freqtrade.rpc.api_server.api_schemas import AccessAndRefreshToken, AccessToken from freqtrade.rpc.api_server.deps import get_api_config ALGORITHM = "HS256" router_login = APIRouter() def verify_auth(api_config, username: str, password: str): """Verify username/password""" return (secrets.compare_digest(username, api_config.get('username')) and secrets.compare_digest(password, api_config.get('password'))) httpbasic = HTTPBasic(auto_error=False) oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token", auto_error=False) def get_user_from_token(token, secret_key: str, token_type: str = "access"): credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"}, ) try: payload = jwt.decode(token, secret_key, algorithms=[ALGORITHM]) username: str = payload.get("identity", {}).get('u') if username is None: raise credentials_exception if payload.get("type") != token_type: raise credentials_exception
# -*- coding: utf-8 -*- from datetime import timedelta, datetime from typing import Optional from fastapi import APIRouter, Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm from jose.constants import ALGORITHMS from pydantic import BaseModel app06 = APIRouter() oauth2 = OAuth2PasswordBearer(tokenUrl='/chapter06/token') @app06.get('/index') def index(token: str = Depends(oauth2)): return {'token': token} user_db = { 'user1': { 'username': '******', # 123456 'hashed_password': '******', 'disabled': False }, 'user2': { 'username': '******', 'hashed_password': '******', 'disabled': True
import jwt from fastapi import Depends, HTTPException, Security from fastapi.security import OAuth2PasswordBearer from jwt import PyJWTError from sqlalchemy.orm import Session from starlette.status import HTTP_403_FORBIDDEN import crud from api.utils.db import get_db from core import config from core.jwt import ALGORITHM from models.user import User from schema.token import TokenPayload reusable_oauth2 = OAuth2PasswordBearer(tokenUrl="/api/v1/token") def get_current_user(db: Session = Depends(get_db), token: str = Security(reusable_oauth2)): try: payload = jwt.decode(token, config.SECRET_KEY, algorithms=[ALGORITHM]) token_data = TokenPayload(**payload) except PyJWTError: raise HTTPException(status_code=HTTP_403_FORBIDDEN, detail="Could not validate credentials") user = crud.user.get(db, user_id=token_data.user_id) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def __init__(self, name: str = "mock"): super().__init__(name, logout=True) self.scheme = OAuth2PasswordBearer("/login", auto_error=False)
from fastapi import Depends from fastapi.security import OAuth2PasswordBearer from final_project.config import tokens_settings from final_project.data_access_layer.users import UsersDataAccessLayer from final_project.database.database import create_session, run_in_threadpool from final_project.database.models import User from final_project.exceptions import DALError from final_project.messages import Message from final_project.models import OutUser, TokensResponse, UserWithTokens from final_project.password import get_password_hash from jwt import PyJWTError SECRET_KEY = '123' ALGORITHM = 'HS256' TOKEN_TYPE = 'bearer' oauth_scheme = OAuth2PasswordBearer(tokenUrl='/auth/token') async def _get_user_from_db(user_id: int) -> UserWithTokens: user = await UsersDataAccessLayer.get_user(user_id, without_error=True, need_tokens=True) if not user: raise DALError(HTTPStatus.UNAUTHORIZED.value, Message.USER_DOES_NOT_EXISTS.value) return user # type: ignore def _get_user_id(token: str) -> int: try: payload: Dict[str, Any] = jwt.decode(token,
from typing import Generator from sqlalchemy.orm import Session from app.schemas import token as schemas from app.models import users as models from app.cruds import users as cruds from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer from jose import jwt from pydantic import ValidationError from app.core.settings import get_settings from app.core.db.session import SessionLocal, SessionGlobal reusable_oauth2 = OAuth2PasswordBearer( tokenUrl=f"{get_settings().API_HOST}/login/access-token") def get_db_local() -> Generator: try: db = SessionLocal() yield db finally: db.close() def get_db_global() -> Generator: try: db = SessionGlobal() yield db finally:
from jose import jwt, JWTError from passlib.context import CryptContext from starlette import status from app.app import inital_data from app.app.backend.exceptions import ObjectNotFound from app.app.backend.user import get_user_info logging.basicConfig(level=logging.INFO) log = logging.getLogger(__name__) pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") ALGORITHM = inital_data.config['security']['ALGORITHM'] oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login", scopes={ "user": "******", "developer": "Application developer" }) SECRET_KEY = inital_data.config['security']['SECRET_KEY'] ACCESS_TOKEN_EXPIRE_MINUTES = 3000 # async def decode_token(security_scopes: SecurityScopes, token: str = Depends(oauth2_scheme)): async def decode_token(token: str = Depends(oauth2_scheme)): # if security_scopes.scopes # log.info(token) credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"}, )
from fastapi import Depends, HTTPException, status, Security from fastapi.security import OAuth2PasswordBearer from jose import jwt, JWTError from pydantic import ValidationError from sqlalchemy.orm import Session from fastapi.security import ( OAuth2PasswordBearer, SecurityScopes, ) from crud import crud_user import schemas from core.config import settings from db.database import SessionLocal from core.role import scope oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/login/token", scopes=scope.SCOPES) def get_db() -> Generator: try: db = SessionLocal() yield db finally: db.close() async def get_current_user(security_scopes: SecurityScopes, token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)): if security_scopes.scopes: authenticate_value = f'Bearer scope="{security_scopes.scope_str}"'
from passlib.context import CryptContext from models.jwt_user import JWTUser from datetime import datetime, timedelta from utils.const import JWT_EXPIRATION_TIME_MINUTES, JWT_SECRET_KEY, JWT_ALGORITHM import jwt import time from fastapi import Depends, HTTPException from fastapi.security import OAuth2PasswordBearer from starlette.status import HTTP_401_UNAUTHORIZED pwd_context = CryptContext(schemes=['bcrypt']) oauth_schema = OAuth2PasswordBearer(tokenUrl='/token') jwt_user1 = { "username": '******', 'password': '******', 'disabled': False, 'role': 'admin' } fake_jwt_user1 = JWTUser(**jwt_user1) def get_hashed_password(password: str): return pwd_context.hash(password) def verify_password(plain_password, hashed_password): return pwd_context.verify(plain_password, hashed_password) # Authenticate username and password to give JWT token def authenticate_user(user: JWTUser):
from fastapi import Depends, HTTPException, Security from fastapi.security import OAuth2PasswordBearer from jwt import PyJWTError, ExpiredSignatureError from starlette.status import HTTP_403_FORBIDDEN, HTTP_401_UNAUTHORIZED, HTTP_400_BAD_REQUEST, HTTP_404_NOT_FOUND from starlette.requests import Request from app import crud from app.core import config from app.core.jwt import ALGORITHM from app.fields.token import TokenPayload from app.fields.user import User from app.mongodb_models.user import User as DBUser from app.core.casbin_auth import join_tags from app.core.permission import enforcer reusable_oauth2 = OAuth2PasswordBearer(tokenUrl="/api/v1/login/access-token") def get_current_user( request: Request, token: str = Security(reusable_oauth2)) -> Optional[User]: try: payload = jwt.decode(token, config.SECRET_KEY, algorithms=[ALGORITHM]) token_data = TokenPayload(**payload) except ExpiredSignatureError: raise HTTPException(status_code=HTTP_401_UNAUTHORIZED, detail="Expired token") except PyJWTError as e: print(e) raise HTTPException(status_code=HTTP_401_UNAUTHORIZED, detail="Could not validate credentials")
from fastapi.security import OAuth2PasswordBearer from models import User from pydantic import BaseModel # Shared variables JWT_SECRET = '391e1f0185495a70caef9d3693ef115a' OAUTH2_SCHEME = OAuth2PasswordBearer(tokenUrl='/auth/login') ALLOWED_ROLES = ["admin"] class Status(BaseModel): """BaseModel class to print messages""" detail: str
from passlib.context import CryptContext import jwt from jwt import PyJWTError from fastapi import HTTPException, Security from fastapi.security import OAuth2PasswordBearer from starlette.status import HTTP_403_FORBIDDEN from api.utils.jwt import ALGORITHM from api.models.token import TokenPayload from config.config import ServiceConfig, UserSettings from api.constants.constants import WalletPermission pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") reusable_oauth2 = OAuth2PasswordBearer(tokenUrl="/api/auth/login") def user_authenticate(username: str, password: str) -> Optional[UserSettings]: config = ServiceConfig() for user in config.users: if user.username != username: continue logging.info(f'trying to match {get_password_hash(password)}') if not verify_password(password, user.password_hash.get_secret_value()): continue return user
from typing import Optional from fastapi import Depends, FastAPI from fastapi.security import OAuth2PasswordBearer from pydantic import BaseModel import uvicorn app = FastAPI() oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token") @app.get("/items/") async def read_items(token: str = Depends(oauth2_scheme)): return {"token": token} app = FastAPI() oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token") class User(BaseModel): username: str email: Optional[str] = None full_name: Optional[str] = None disabled: Optional[bool] = None def fake_decode_token(token): return User(
from db_interactions import get_topic, get_thread, get_user_by_name, get_user_by_token from db_interactions import user_exists, add_user, init_db, set_user_token, thread_exists from db_interactions import add_post, post_belongs_to_user, remove_post from db_interactions import topic_exists, add_topic, add_thread from db_interactions import topic_belongs_to_user, thread_belongs_to_user from db_interactions import remove_topic, remove_thread, change_user_password from utils import password_is_good, check_password from schema import TopicResponse, ThreadResponse, User, TokenResponse, Error from sqlalchemy.orm import Session init_db() app = FastAPI() oauth2_schema = OAuth2PasswordBearer(tokenUrl='/api/authenticate') def get_db(): db = DBSession() try: yield db finally: db.close() def require_user(token: str = Depends(oauth2_schema), db: Session = Depends(get_db)): user = get_user_by_token(db, token) if user is None: raise HTTPException(status_code=401, detail='Invalid token') return user
# Database configuration DB = { 'auth': { 'username': '******', 'password': '******' }, 'connection': { 'schema': 'mongodb+srv', 'host': 'cluster0-ind5n.mongodb.net', 'path': 'test?retryWrites=true&w=majority' } } CONNECTION_STRING = '{schema}://{username}:{password}@{host}/{path}'.format( **DB['auth'], **DB['connection']) database = MongoClient(CONNECTION_STRING).portfolio # Auth configuration SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7" ALGORITHM = "HS256" ACCESS_TOKEN_EXPIRE_MINUTES = 30 oauth2_scheme = OAuth2PasswordBearer(tokenUrl='/sessions') password_context = CryptContext(schemes=['bcrypt'], deprecated='auto') CORS_ORIGINS = ('http://localhost:3000', )
class User(BaseModel): username: str email: Optional[str] = None full_name: Optional[str] = None disabled: Optional[bool] = None class UserInDB(User): hashed_password: str pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") oauth2_scheme = OAuth2PasswordBearer(tokenUrl="http://localhost:9090/login", scopes={ "me": "description", "items": "description" }) app = FastAPI() def verify_password(plain_password, hashed_password): return pwd_context.verify(plain_password, hashed_password) def get_password_hash(password): return pwd_context.hash(password) def get_user(db, username: str):
from fastapi import Depends from fastapi import APIRouter, Request from fastapi.responses import HTMLResponse from pony.orm import db_session from app.utils.pydantic_security import * from app.settings.config import cfg from app.dependencies import * from app.db import models as m from app.utils.utils_of_security import generate_security, basic_login, scopes_to_db from app.utils.jinja2_utils import _roles_to_home_urls SECRET_KEY = cfg.get('keys', "direction_expert") ACCESS_TOKEN_TIME = int(cfg.get('keys', "direction_expert_time")) token_path = "direction_expert_token" direction_expert_oauth2_scheme = OAuth2PasswordBearer(tokenUrl=token_path) [ get_direction_expert, authenticate_direction_expert, get_current_direction_expert, create_direction_expert_access_token ] = generate_security(m.DirectionExpert) direction_expert = APIRouter( tags=["direction_expert"], responses={404: { "description": "Not found" }}, # dependencies=[Depends(open_db_session)] ) @direction_expert.post("/" + token_path, response_model=Token)
from fastapi import Depends, HTTPException from fastapi.security import OAuth2PasswordBearer from jwt import PyJWTError from passlib.context import CryptContext from sqlalchemy.orm import Session from starlette import status from starlette.requests import Request from starlette.responses import Response import const import models import schemas from database import SessionLocal import db.user oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/login", auto_error=False) pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") def get_password_hash(password): return pwd_context.hash(password) def verify_password(plain_password, hashed_password): return pwd_context.verify(plain_password, hashed_password) async def db_session_middleware(request: Request, call_next): response = Response("Internal server error (Database error)", status_code=500) try:
from typing import Generator from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer from jose import jwt from pydantic import ValidationError from sqlalchemy.orm import Session from app import crud, models, schemas from app.core import security from app.core.config import settings from app.db.session import SessionLocal reusable_oauth2 = OAuth2PasswordBearer( tokenUrl=f"{settings.API_V1_STR}/login/access-token") def get_db() -> Generator: try: db = SessionLocal() yield db finally: db.close() def get_current_client(db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)) -> models.Client: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM])
from sqlalchemy.orm import Session from app.middlewares.deps import get_db from app.schemas.user_schema import User from app.schemas.token_schema import TokenData from app.utils.hash import verify_hassing from app.usecases.user_service import UserService # to get a string like this run: # openssl rand -hex 32 SECRET_KEY = settings.SECRET_KEY ALGORITHM = "HS256" ACCESS_TOKEN_EXPIRE_MINUTES = settings.ACCESS_TOKEN_EXPIRE_MINUTES pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") oauth2_scheme = OAuth2PasswordBearer(tokenUrl=settings.API_PREFIX + "/users/token") def authenticate_user(db, email: str, password: str): user = UserService.read_by_email(db, email) if not user: return False if not verify_hassing(password, user.hashed_password): return False return user def create_access_token(data: dict, expires_delta: Optional[timedelta] = None): to_encode = data.copy() expire = datetime.utcnow() + expires_delta to_encode.update({"exp": expire})
class User(BaseModel): username: str email: str = None full_name: str = None disabled: bool = None class UserInDB(User): hashed_password: str pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") oauth2_scheme = OAuth2PasswordBearer( tokenUrl="/token", scopes={"me": "Read information about the current user.", "items": "Read items."}, ) app = FastAPI() def verify_password(plain_password, hashed_password): return pwd_context.verify(plain_password, hashed_password) def get_password_hash(password): return pwd_context.hash(password) def get_user(db, username: str): if username in db:
from api.config.configuration import AUTH_KEYCLOAK, AUTH_REALM, AUTH_CLIENT_ID, AUTH_SECRET, AUTH_USER_API from api.models.pydantic.utilisateur_connecte import UtilisateurConnecte from api.models.pydantic.utilisateur_inscription import UtilisateurInscription from api.models.tortoise.utilisateur import Utilisateur from api.models.tortoise.utilisateur_droits import UtilisateurDroits_Pydantic, UtilisateurDroits router = APIRouter(prefix='/v2/auth') token_endpoint = f'{AUTH_KEYCLOAK}/auth/realms/{AUTH_REALM}/protocol/openid-connect/token' auth_endpoint = f'{AUTH_KEYCLOAK}/auth/realms/{AUTH_REALM}/protocol/openid-connect/auth' certs_endpoint = f'{AUTH_KEYCLOAK}/auth/realms/{AUTH_REALM}/protocol/openid-connect/certs' userinfo_endpoint = f'{AUTH_KEYCLOAK}/auth/realms/{AUTH_REALM}/protocol/openid-connect/userinfo' users_endpoint = f'{AUTH_USER_API}/api/users' count_endpoint = f'{AUTH_USER_API}/api/supervision/count' oauth2_scheme = OAuth2PasswordBearer(tokenUrl=token_endpoint) verified_token_cache = deque( maxlen=1000) # cache verified tokens to limit calls to ADEME keycloak async def get_user_from_header(token: str = Depends( oauth2_scheme)) -> UtilisateurConnecte: """Retrieve user info from the token.""" if AUTH_DISABLED_DUMMY_USER: return UtilisateurConnecte(ademe_user_id='dummy', prenom='Dummy', nom='Territoires en Transitions', email='*****@*****.**', access_token=token, refresh_token='')
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm from jose import JWTError, jwt from passlib.context import CryptContext pwd_context = CryptContext(schemes=['bcrypt'], deprecated='auto') oauth2_scheme = OAuth2PasswordBearer(tokenUrl='token')
from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer, SecurityScopes from jose import JWTError, jwt from pydantic import ValidationError from app.api import crud from app.db import accesses, users, devices import app.config as cfg from app.api.schemas import AccessRead, TokenPayload, DeviceOut, UserRead # Scope definition reusable_oauth2 = OAuth2PasswordBearer( tokenUrl="login/access-token", scopes={ "me": "Read information about the current user.", "admin": "Admin rights on all routes.", "device": "Send heartbeat signal and media to the API for only one device" } ) def unauthorized_exception(detail: str, authenticate_value: str) -> HTTPException: return HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail=detail, headers={"WWW-Authenticate": authenticate_value}, ) async def get_current_access(security_scopes: SecurityScopes, token: str = Depends(reusable_oauth2)) -> AccessRead: """ Dependency to use as fastapi.security.Security with scopes.