コード例 #1
0
ファイル: auth.py プロジェクト: udit-pandey/kairon
    async def get_current_user(
        request: Request, token: str = Depends(DataUtility.oauth2_scheme)
    ):
        """
        validates jwt token

        :param token: jwt token, default extracted by fastapi
        :param request: http request object
        :return: dict of user details
        """
        credentials_exception = HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Could not validate credentials",
            headers={"WWW-Authenticate": "Bearer"},
        )
        try:
            payload = Utility.decode_limited_access_token(token)
            username: str = payload.get("sub")
            Authentication.validate_limited_access_token(request, payload.get("access-limit"))
            if username is None:
                raise credentials_exception
            token_data = TokenData(username=username)
            user = AccountProcessor.get_user_details(token_data.username)
            if user is None:
                raise credentials_exception
            user_model = User(**user)
            if payload.get("type") != TOKEN_TYPE.LOGIN.value:
                Authentication.validate_bot_request(request.path_params.get('bot'), payload.get('bot'))
                if payload.get("type") == TOKEN_TYPE.INTEGRATION.value:
                    Authentication.validate_integration_token(payload)
                alias_user = request.headers.get("X-USER")
                if Utility.check_empty_string(alias_user) and payload.get("type") == TOKEN_TYPE.INTEGRATION.value:
                    raise HTTPException(
                        status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
                        detail="Alias user missing for integration",
                        headers={"WWW-Authenticate": "Bearer"},
                    )
                user_model.active_bot = payload.get('bot')
                user_model.is_integration_user = True
                user_model.alias_user = alias_user or username
                user_model.role = payload.get('role')
            return user_model
        except PyJWTError:
            raise credentials_exception
コード例 #2
0
    def get_user_from_token(token: Text, request: HTTPServerRequest, **kwargs):
        """
        validates jwt token

        :param token: jwt token
        :param request: http request object
        :return: dict of user details
        """
        credentials_exception = ServiceHandlerException(
            "Could not validate credentials", 401,
            {"WWW-Authenticate": "Bearer"})
        try:
            payload = Utility.decode_limited_access_token(token)
            username: str = payload.get("sub")
            TornadoAuthenticate.validate_limited_access_token(
                request, payload.get("access-limit"))
            if username is None:
                raise credentials_exception
        except PyJWTError:
            raise credentials_exception
        user = AccountProcessor.get_user_details(username)
        if user is None:
            raise credentials_exception
        user_model = User(**user)
        if payload.get("type") != TOKEN_TYPE.LOGIN.value:
            TornadoAuthenticate.validate_bot_request(kwargs.get('bot'),
                                                     payload.get('bot'))
            if payload.get("type") == TOKEN_TYPE.INTEGRATION.value:
                TornadoAuthenticate.validate_integration_token(payload)
            alias_user = request.headers.get("X-USER")
            if Utility.check_empty_string(alias_user) and payload.get(
                    "type") == TOKEN_TYPE.INTEGRATION.value:
                raise ServiceHandlerException(
                    "Alias user missing for integration", 401)
            alias_user = alias_user or username
            user_model.alias_user = alias_user
            user_model.is_integration_user = True
            user_model.role = payload.get('role')

        return user_model