async def login( form_data: OAuth2PasswordRequestForm = Depends(), ) -> Dict[str, Union[str, bytes]]: db_user = await authenticate_user( username=form_data.username, password=form_data.password, ) if not db_user: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail='Неверное имя пользователя или пароль', ) if not db_user['is_active']: raise HTTPException( status_code=status.HTTP_409_CONFLICT, detail='Учётная запись не подтверждена', ) if db_user['is_banned']: raise HTTPException( status_code=status.HTTP_410_GONE, detail='Учётная запись заблокирована', ) access_token = create_access_token(data={'sub': db_user['username']}) return {'access_token': access_token, 'token_type': 'bearer'}
async def refresh_route(refresh_token: str): refresh_tokens = redis.lrange('refresh_tokens', 0, redis.llen('refresh_tokens')) if refresh_token.encode('utf-8') not in refresh_tokens: print('NOT IN CACHE') raise HTTPException(status_code=401, detail='Invalid Refresh Token') try: refresh_data = jwt.decode(refresh_token, SECRET_KEY, algorithms=[ALGORITHM]) except jwt.exceptions.InvalidTokenError as e: if isinstance(e, jwt.exceptions.ExpiredSignatureError): raise HTTPException(status_code=401, detail='Refresh Token is expired') else: raise HTTPException(status_code=401, detail='Refresh Token is invalid') user = db.query(User).filter(User.id == refresh_data['userid']).first() access_token_data = { "user": { "id": user.id, "username": user.username, "admin": user.admin } } access_token = create_access_token(access_token_data) return {"access_token": access_token, "token_type": "bearer"}
def test_create_access_token_with_default_expiration(): """Check whether token expiration date is created with default timedelta""" data = {'sub': 'some_username'} secret_key = 'notsosecret' with patch('app.auth.SECRET_KEY', secret_key): token = create_access_token(data) decoded = jwt.decode(token, secret_key, algorithms=[ALGORITHM]) assert decoded['sub'] == data['sub'] assert decoded['exp'] == (date + timedelta(minutes=15)).timestamp()
def test_create_access_token_with_expiration(): """Check whether token expiration date considers passed timedelta""" data = {'sub': 'some_username'} delta = timedelta(days=1) secret_key = 'notsosecret' with patch('app.auth.SECRET_KEY', secret_key): token = create_access_token(data, delta) decoded = jwt.decode(token, secret_key, algorithms=[ALGORITHM]) assert decoded['sub'] == data['sub'] assert decoded['exp'] == (date + delta).timestamp()
async def login_for_access_token( form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)): user = auth.authenticate_user(db, form_data.username, form_data.password) if not user: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect username or password", headers={"WWW-Authenticate": "Bearer"}, ) access_token_expires = timedelta(minutes=auth.ACCESS_TOKEN_EXPIRE_MINUTES) access_token = auth.create_access_token(data={"sub": user.username}, expires_delta=access_token_expires) return {"access_token": access_token, "token_type": "bearer"}
async def login(db: Session = Depends(deps.get_db), form_data: OAuth2PasswordRequestForm = Depends()) -> Any: user = authenticate(email=form_data.username, password=form_data.password, db=db) if not user: raise HTTPException(status_code=400, detail="Incorrect username or password") user_jwt_payload = get_user_jwt_payload(user) return { "access_token": create_access_token(user.id, user_jwt_payload), "token_type": "bearer", }
async def token_route(username: str, password: str): user = db.query(User).filter(User.username == username).first() if not user: raise HTTPException(status_code=401, detail='Incorrect username or password') if not pwd_context.verify(password, user.password): raise HTTPException(status_code=401, detail='Incorrect username or password') access_token_data = { "user": { "id": user.id, "username": user.username, "admin": user.admin } } access_token = create_access_token(access_token_data) refresh_token = create_access_token({'userid': user.id}, timedelta(minutes=60 * 24)) redis.lpush('refresh_tokens', refresh_token) return { "access_token": access_token, "token_type": "bearer", "refresh_token": refresh_token }
async def login(form_data: LoginSchema): user = await UserModel.query.where(UserModel.email == form_data.email ).gino.first() if not user: raise HTTPException(status_code=400, detail="Incorrect username or password") if not verify_password(form_data.password, user.password_hash): raise HTTPException(status_code=400, detail="Incorrect username or password") access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token(data={"user_id": user.id}, expires_delta=access_token_expires) return {"access_token": access_token, "token_type": "bearer"}
def login(db=Depends(get_db), form_data: OAuth2PasswordRequestForm = Depends()): user = authenticate_user(db, email=form_data.username, password=form_data.password) if not user: raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Incorrect username or password', headers={'Authenticate': 'Bearer'}) access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRES_MINUTES) access_token = create_access_token(data={'sub': user.email}, expires_delta=access_token_expires) return {'access_token': access_token, 'token_type': 'bearer'}
async def login_for_access_token( form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)): """ Authentication. :param form_data: Form Data {login, password} :param db: db Session :return: Token object """ user = authenticate_user(db, form_data.username, form_data.password) if not user: raise HTTPException( status_code=401, detail="Incorrect username or password", headers={"WWW-Authenticate": "Bearer"}, ) access_token = create_access_token(data={"sub": user.nickname}) return {"access_token": access_token, "token_type": "bearer"}
def login(db: Session = Depends(dependencies.get_db), form_data: OAuth2PasswordRequestForm = Depends()) -> Any: """ OAuth2 compatible token login, get an access token for future requests """ user = models.User.authenticate_user(db, email=form_data.username, password=form_data.password) if not user: raise HTTPException(status_code=400, detail="Incorrect email or password") access_token_expires = timedelta( minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES) access_token = auth.create_access_token(data={ "sub": str(user.id), "email": user.email }, expires_delta=access_token_expires) return { "access_token": access_token, "token_type": "Bearer", }
def create_auth_header(username: str) -> Dict[str, str]: token = create_access_token(data={'sub': username}) return {'Authorization': f'Bearer {token}'}