async def create_recipe(recipe_data: RecipeCreateSchema,
cur_user=Depends(get_current_user),
db=Depends(get_db)):
"""Создание нового рецепта;
"""
if not cur_user.is_active:
raise exceptions.HTTPException(status_code=403)
recipe = RecipeService(db).create(recipe_data, cur_user)
return recipe
async def update_recipe(recipe_id: int,
recipe_data: RecipeUpdateSchema,
cur_user=Depends(get_current_user),
db=Depends(get_db)):
"""Изменение своих рецептов
"""
recipe = RecipeService(db).get(recipe_id)
if recipe.author_id != cur_user.id:
raise exceptions.HTTPException(status_code=403)
RecipeService(db).update(recipe, recipe_data)
return recipe
def get_user(id: int):
"""
Returns user if found
:param id:
:return:
"""
try:
user = USERS[id]
except KeyError:
raise exceptions.HTTPException(404, f"user {id} not found")
return user.dict()
async def login_for_access_token(
form_data: OAuth2PasswordRequestForm = Depends(), db=Depends(get_db)):
"""For support doc-view authorization"""
user = authenticate_user(db, form_data.username, form_data.password)
if not user:
raise exceptions.HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password",
headers={"WWW-Authenticate": "Bearer"},
)
access_token = create_access_token(UserTokenData(sub=user.username).dict())
return {"access_token": access_token, "token_type": "bearer"}
async def obtain_token(
credentials: UserAuthCredentialsSchema, db=Depends(get_db)
) -> ResponseWithToken:
"""
Get access token by credentials
"""
user = authenticate_user(db, **credentials.dict())
if not user:
raise exceptions.HTTPException(status_code=status.HTTP_400_BAD_REQUEST,
detail="Incorrect username or password")
token = create_access_token(UserTokenData(sub=user.username).dict())
return ResponseWithToken(token=token)
async def add_recipe_to_favorites(recipe_id: int,
cur_user=Depends(get_current_user),
db=Depends(get_db)):
"""Добавление рецепта в избранное пользователя;
"""
recipe = RecipeService(db).get(recipe_id)
if recipe is None:
raise exceptions.HTTPException(status_code=404,
detail="Recipe not found")
result = RecipeService(db).add_to_user_favorites(user=cur_user,
recipe=recipe)
return result
def get_current_user(token: str = Header(...),
description="user auth token (user_id") -> User:
if token not in USER_BY_TOKEN:
raise exceptions.HTTPException(404, f"user token {token!r} not found")
user = USER_BY_TOKEN[token]
return user
from fastapi import exceptions, status, Depends
from fastapi.security import OAuth2PasswordBearer
from db import get_db
from auth.backend import get_payload
from auth.services import UserService
from auth.models import User
from .schemas import UserTokenData
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/--swagger-auth",
auto_error=False)
_exception = exceptions.HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials",
headers={"WWW-Authenticate": "Bearer"},
)
async def get_current_user(db=Depends(get_db),
token: str = Depends(oauth2_scheme)) -> User:
try:
token_data = UserTokenData(**get_payload(token))
username: str = token_data.sub
if username is None:
raise _exception
except (PyJWTError, ValueError):
raise _exception
user = UserService(db).get_user(username=username)
if user is None: