async def login_for_access_token(
form_data: OAuth2PasswordRequestForm = Depends()):
"""
OAuth2 compatible token login, get an access token for future requests.
"""
db = get_default_db()
user = db.user.authenticate(username=form_data.username,
password=form_data.password)
if not user:
raise HTTPException(status_code=HTTP_401_UNAUTHORIZED,
detail="Incorrect email or password")
elif not db.user.is_active(user):
raise HTTPException(status_code=HTTP_401_UNAUTHORIZED,
detail="Inactive user")
access_token_expires = timedelta(
minutes=int(config['JWT']['ACCESS_TOKEN_EXPIRE_MINUTES']))
return {
"access_token":
create_access_token(data={
"sub": f"username:{user.username}",
"scopes": form_data.scopes
},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
def login_access_token(
db: Session = Depends(get_db),
# *,
# body: dict,
# form_data: dict,
# form_data: OAuth2PasswordRequestForm = Depends()
):
log.debug("yeah")
log.debug(body)
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = crud.user.authenticate(db,
email=form_data.username,
password=form_data.password)
if not user:
raise HTTPException(status_code=400,
detail="Incorrect email or password")
elif not crud.user.is_active(user):
raise HTTPException(status_code=400, detail="Inactive user")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(data={"user_id": users.id},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
async def login(request: OAuth2PasswordRequestForm = Depends(),
db: AsyncIOMotorClient = Depends(get_database)):
dbuser = await get_user(db, request.username)
if not dbuser or not dbuser.check_password(request.password):
raise HTTPException(status_code=HTTP_400_BAD_REQUEST,
detail="Incorrect email or password")
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
token = create_access_token(data={"username": dbuser.username},
expires_delta=access_token_expires)
return {"access_token": token, "token_type": "Bearer"}
async def register(user: UserInCreate = Body(..., embed=True),
db: AsyncIOMotorClient = Depends(get_database)):
await check_free_username_and_email(db, user.username, user.email)
async with await db.start_session() as s:
async with s.start_transaction():
dbuser = await create_user(db, user)
access_token_expires = timedelta(
minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
token = create_access_token(data={"username": dbuser.username},
expires_delta=access_token_expires)
return UserInResponse(user=User(**dbuser.dict(), token=token))
async def login(user: UserInLogin = Body(..., embed=True),
db: AsyncIOMotorClient = Depends(get_database)):
dbuser = await get_user_by_email(db, user.email)
print(str(dbuser._id))
print(dbuser.created_at)
if not dbuser or not dbuser.check_password(user.password):
raise HTTPException(status_code=HTTP_400_BAD_REQUEST,
detail="Incorrect email or password")
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
token = create_access_token(data={"username": dbuser.username},
expires_delta=access_token_expires)
return UserInResponse(user=User(**dbuser.dict(), token=token))
async def login_user(form_data: OAuth2PasswordRequestForm = Depends()):
resp = {"access_token": "", "token_type": ""}
user = await find_user_by_username(form_data.username)
if not user:
raise HTTPException(status.HTTP_404_NOT_FOUND)
encoded_jwt, expire = create_access_token(data=TokenPayload(
user_id=str(user.get("id")), group=user.get("group")).dict())
added_token_in_db = await add_token_in_db(
user_id=user.get("id"), token=encoded_jwt.decode("utf-8"))
if encoded_jwt and expire and added_token_in_db:
resp.update(access_token=encoded_jwt.decode("utf-8"),
token_type="bearer")
return resp
def login(form_data: OAuth2PasswordRequestForm):
user_name = form_data.username
password = form_data.password
user_exists = find_user_by_user_name(user_name)
if not user_exists:
return {"detail": "User does not exists"}, 404
password_matched = verify_password(password, user_exists["password"])
if not password_matched:
return {"detail": "Incorrect credential combination"}, 401
encoded_jwt, expire = create_access_token(data=TokenPayload(
user_id=user_exists["id"]).dict())
return LoginResp(access_token=encoded_jwt.decode("utf-8"),
token_type="bearer"), 200
def create_user_access_token(db: Session = Depends(get_db), *, user: UserLogin):
user = crud.user.authenticate(
db, username=user.username, password=user.password
)
if not user or not crud.user.is_active(user):
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect user")
access_token_expires = timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
access_token_result = {
"access_token": create_access_token(
data={"user_id": user.id}, expires_delta=access_token_expires
),
"token_type": "bearer",
"expires_in": access_token_expires.total_seconds()
}
return dict(result=access_token_result)
async def login(form_data: OAuth2PasswordRequestForm = Depends()):
"""
OAuth2 compatible token login, get an access token for future requests.
"""
db = await get_database()
user = await authenticate_user(db, form_data.username, form_data.password)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password",
headers={"WWW-Authenticate": "Bearer"},
)
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token(data={"username": user.username},
expires_delta=access_token_expires)
return {"access_token": access_token, "token_type": "bearer"}
async def refresh(request: Request, db: Session = Depends(get_db)):
refresh_token = request.headers.get('refresh-token')
print(refresh_token)
if refresh_token is None:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password",
headers={"WWW-Authenticate": "Bearer"},
)
user = get_current_user_by_refresh_token(db_session=db,
token=refresh_token)
access_token = create_access_token(data={
"username": user.username,
"user_id": user.id
})
return {
"access_token": access_token,
"refresh_token": refresh_token,
"token_type": "bearer"
}
async def login_for_access_token(
form_data: OAuth2PasswordRequestForm = Depends()):
user = authenticate_user(fake_users_db, form_data.username,
form_data.password)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password",
headers={"WWW-Authenticate": "Bearer"},
)
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token(data={"sub": user.username},
expires_delta=access_token_expires)
return {"access_token": access_token, "token_type": "bearer"}
def dev_login_access_token(username: str = Form(...),
password: str = Form(...),
db: Session = Depends(get_db)):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = user_service.authenticate(db, email=username, password=password)
if not user:
return JSONResponse(
status_code=400,
content={"message": "Incorrect username or password"})
elif not user_service.is_active(user):
return JSONResponse(status_code=400,
content={"message": "Inactive user"})
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(user=user, expires_delta=access_token_expires),
"token_type":
"bearer",
}
def get_token(db: Session = Depends(get_db),
form_data: OAuth2PasswordRequestForm = Depends()):
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = crud.user.authenticate(db,
email=form_data.username,
password=form_data.password)
if not user:
raise HTTPException(status_code=400,
detail="Invalid email or password")
elif not user.is_active:
raise HTTPException(status_code=400, detail="Account Deactivated")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(data={"user_id": user.id},
expires_delta=access_token_expires),
"token_type":
"bearer",
}
async def resolve_login(_, info, **kwargs):
user = await find_user_by_email(kwargs["email"])
if not user:
return {"error": "User with that email not found"}
password_matched = verify_password(kwargs["password"], user["password"])
if not password_matched:
return {"error": "Incorrect credentials combination."}
encoded_jwt, expire = create_access_token(data={
"user_id": str(user["id"]),
"group": user["group"]
})
added_token_in_db = await add_token_in_db(
user_id=str(user["id"]), token=encoded_jwt.decode("utf-8"))
return {
"token": {
"access_token": encoded_jwt.decode("utf-8"),
"token_type": "bearer"
}
}
async def login(form_data: OAuth2PasswordRequestForm = Depends(),
db: Session = Depends(get_db)):
user = services.user.check_password(db, form_data.username,
form_data.password)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password",
headers={"WWW-Authenticate": "Bearer"},
)
access_token = create_access_token(data={
"username": user.username,
"user_id": user.id
})
refresh_token = create_refresh_token(data={
"username": user.username,
"user_id": user.id
})
return {
"access_token": access_token,
"refresh_token": refresh_token,
"token_type": "bearer"
}
def auth_by_vk(vk_access_token_settings: Optional[str],
vk_app_id: Optional[int],
vk_are_notifications_enabled: Optional[int],
vk_is_app_user: Optional[int],
vk_is_favorite: Optional[int],
vk_language: Optional[str],
vk_platform: Optional[str],
vk_ref: Optional[str],
vk_user_id: Optional[int],
sign: Optional[str],
request: Request,
referrer_id: Optional[int] = None,
db: Session = Depends(get_db)):
"""
Authenticate user from vk app.
"""
query = dict(parse_qsl(request.url.query, keep_blank_values=True))
is_secret_valid = is_vk_sign_valid(query=query,
secret=config.VK_APP_SECRET)
if not is_secret_valid:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Vk sign is invalid",
headers={"WWW-Authenticate": "Bearer"},
)
vk_id = request.query_params.get('vk_user_id')
vk_user = services.vk_service.get_user_by_id(vk_id)
if vk_user is None:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="Vk user id is invalid",
)
username = request.query_params.get('username') or vk_id
user = services.user.get_by_username(db, username)
if user is None:
user_to_create: UserCreate = UserCreate(
username=vk_id,
first_name=vk_user['first_name'],
last_name=vk_user['last_name'],
is_admin=False,
vk_id=vk_id,
avatar_url=vk_user['photo_50'],
password=random_string())
user = services.user.create_user(db, user_to_create)
access_token = create_access_token(data={
"username": user.username,
"user_id": user.id
})
refresh_token = create_refresh_token(data={
"username": user.username,
"user_id": user.id
})
return {
"access_token": access_token,
"refresh_token": refresh_token,
"token_type": "bearer",
}
def test_create_access_token():
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token(data={"username": str("john")},
expires_delta=access_token_expires)
assert access_token is not None
