def get_current_user( db: Session = Depends(get_db), token: str = Depends(reusable_oauth2) ) -> models.User: invitation = crud.invite.get_by_token(db, token) if invitation: if invitation.expires_in <= datetime.now(tz=timezone.utc): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Invalid credentials" ) try: payload = jwt.decode( token, settings.SECRET_KEY, algorithms=[security.ALGORITHM] ) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) user = crud.user.get(db, id=token_data.sub) if not user: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) return user
async def get_current_user( security_scopes: SecurityScopes, token: str = Depends(oauth2_scheme) ) -> models.User: if security_scopes.scopes: authenticate_value = f'Bearer scope="{security_scopes.scope_str}"' else: authenticate_value = f"Bearer" credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": authenticate_value}, ) try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) if token_data.sub is None: raise credentials_exception except (jwt.JWTError, ValidationError): raise credentials_exception user = await crud.user.get_by_email_or_username(username=token_data.sub) if not user: raise credentials_exception token_scopes = token_data.scopes.split(" ") for scope in security_scopes.scopes: if scope not in token_scopes: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Not enough permissions", headers={"WWW-Authenticate": authenticate_value}, ) return user
def jwt_decode(token: str): try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) token_data = schemas.TokenPayload(**payload) sub: str = token_data.sub except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) return sub
async def get_current_user(db: AsyncSession = Depends(get_db), token: str = Depends( reusable_oauth2)) -> models.User: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.InvalidTokenError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) return await get_user_or_404(db, user_id=token_data.sub)
def get_current_user(token: str = Depends(reusable_oauth2)) -> User: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) user = dao.user.get_user_by_id(id=token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def get_current_user(db: Session = Depends(get_db), token: str = Depends(oauth_2)): try: payload = jwt.decode(token, settings.secret_key, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except ValidationError: raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail='Could not validate credentials') user = crud.user.get(db, id=token_data.sub) if not user: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail='User not found') return user
def get_current_client(db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)) -> models.Client: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) client = crud.client.get(db, id=token_data.sub) if not client: raise HTTPException(status_code=404, detail="Client not found") return client
def get_current_user_by_query_token(*, token: str) -> models.User: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) user = crud.user.get(db, id=token_data.sub) if not user: raise HTTPException(status_code=400, detail='Please login and try again!') return user
def get_current_user(db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)) -> models.User: try: payload = jwt.decode(token, key=config.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.JWSError, ValidationError): raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials") user = crud.user.get(db, id=token_data.sub) if not user: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found") return user
def get_current_user(db: Session = Depends(get_db), token: str = Depends( oauth2_password_bearer)) -> models.User: try: payload = jwt.decode(token, app_settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail='Validation of credentials failed', ) user = operations.user_operations.get(db, id=token_data.sub) if not user: raise HTTPException(status_code=404, detail='User not found') return user
def get_current_user(db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)) -> models.User: from config import AppConfig try: payload = jwt.decode(token, AppConfig.SERVER_TYPE, algorithms=[AppConfig.SECURITY_ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) user = crud.user.get(db, id=token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def get_current_user(db: Session = Depends(get_db), token: str = Depends(oauth2_scheme)) -> models.User: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials.", ) user = None if token_data.sub: user = crud.user.get(db, id=token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def get_current_user( db: Session = Depends(get_db), token: str = Depends(reusable_oauth2) ) -> User: print("---!!!" + token) try: payload = jwt.decode( token, settings.SECRET_KEY, algorithms=[security.ALGORITHM] ) token_data = schemas.TokenPayload(**payload) except (jwt.PyJWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) user = crud.user.get_by_userName(db, userName=token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") return user
async def get_current_user( token: HTTPAuthorizationCredentials = Depends(auth_scheme), ) -> UserPydantic: try: payload = jwt.decode(token.credentials, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.PyJWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) try: return await User.get(id=token_data.sub) except DoesNotExist: raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="User does not exist")
def get_current_user( cls, token: str = Depends(reusable_oauth2)) -> schemas.Kd99: logger.info("开始验证token" + token) try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) logger.info(payload.values()) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) logger.info("-------------------------------------") logger.info(token_data.json()) user = cls.get_kd99_by_opcode(token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def get_current_user( security_scopes: SecurityScopes, db: Session = Depends(get_db), token: str = Depends(reusable_oauth2), ) -> models.User: if security_scopes.scopes: authenticate_value = f'Bearer scope="{security_scopes.scope_str}"' else: authenticate_value = "Bearer" credentials_exception = HTTPException( status_code=401, detail="Could not validate credentials", headers={"WWW-Authenticate": authenticate_value}, ) try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) if payload.get("id") is None: raise credentials_exception token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): logger.error("Error Decoding Token", exc_info=True) raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) user = crud.user.get(db, id=token_data.id) if not user: raise credentials_exception if security_scopes.scopes and not token_data.role: raise HTTPException( status_code=401, detail="Not enough permissions", headers={"WWW-Authenticate": authenticate_value}, ) if (security_scopes.scopes and token_data.role not in security_scopes.scopes): raise HTTPException( status_code=401, detail="Not enough permissions", headers={"WWW-Authenticate": authenticate_value}, ) return user
def get_user_from_token(token: str, token_type: str, db: Session) -> models.User: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) if token_data.type != token_type: raise BadRequestException( detail="Invalid token", ) except ExpiredSignatureError: raise ForbiddenException(detail="Token has expired") except (jwt.JWTError, ValidationError) as e: logging.error(e.__str__()) raise ForbiddenException( detail="Could not validate credentials", ) if user := crud.user.get(db, id=token_data.sub): if user.is_active: return user raise ConflictException("User account is disabled")
def get_current_user(token: str = Depends(reusable_oauth2)) -> Optional[schemas.User]: try: payload = jwt.decode( token, settings.SECRET_KEY, algorithms=[security.ALGORITHM] ) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError, AttributeError) as e: if type(e) != AttributeError: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) else: return None assert token_data.sub is not None user = services.user.get_user(token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") return schemas.User.from_dto(user)
async def get_current_user(db: Session = Depends(get_db), token: str = Depends(oauth2_scheme)) -> models.User: credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"}, ) try: payload = jwt.decode(token, config.SECRET_KEY, algorithms=[config.ALGORITHM], options={'leeway': 99999999999}) token_data = schemas.TokenPayload(**payload) except (JWTError, ValidationError): raise credentials_exception user = models.User.get_user(db, id=token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def get_current_user( uow: user_uow.AbstractUnitOfWork = Depends(user_uow.get_sqlalchemy_uow), token: str = Depends(reusable_oauth2), ) -> schemas.User: try: payload = jwt.decode( token, settings.SECRET_KEY, algorithms=[security.ALGORITHM] ) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise InvalidToken with uow: id = user_id(str(token_data.sub)) user = uow.users.get_by_id(id) if not user: raise UserNotFound(id) return_user = schemas.User(**user.__dict__) uow.commit() return return_user
def get_current_user(token: str = Depends(reusable_oauth2)) -> schemas.User: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) # Проверить пользователя с логином token_data.sub по БД - заглушка user = {"login": token_data.sub, "full_name": settings.TEST_USER_FULL_NAME} if not user: raise HTTPException(status_code=404, detail="User not found") return user
async def get_current_user( db: Session = Depends(get_db), redis: aioredis.Redis = Depends(get_redis), token: str = Depends(reusable_oauth2), ) -> schemas.UserInDB: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) user = await crud.user_cachedb.get(db, redis, id=token_data.sub) if user is None: raise HTTPException(status_code=404, detail="User not found") return user
def get_current_user(db: Session = Depends(get_db), token: str = Depends(oauth2_scheme)) -> models.User: """get current user by token""" try: # verify jwt token payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[settings.TOKEN_ALGORITHMS]) # unpack payload data token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException(status_code=403, detail="Could not validate credentials") # get user by unpacked id user = db.query(models.User).get(token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def get_current_user( request: Request, X_Token: str = Header(...) ) -> models.User: token = X_Token try: payload = jwt.decode( token, settings.SECRET_KEY, algorithms=[security.ALGORITHM] ) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) with request.pony_session: user = models.User.get(id=token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") # print(f"model.users={user.to_dict()}") return user
def get_current_user(db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)) -> models.User: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) token_data = schemas.TokenPayload(**payload) except jwt.ExpiredSignatureError: logger.info("Validation expired with token as " + token) raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Access token has expired") except (jwt.JWTError, ValidationError) as e: logger.info("Validation failed with" + str(e) + "with jwt as " + token) raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) user = crud.user.get(db, id=token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def get_current_user_with_query_param( request: Request, token: str = Query(...) ) -> models.User: now_secret = settings.SECRET_KEY # print("get_current_user_with_query_param now Secret = ", now_secret) try: payload = jwt.decode( token, now_secret, algorithms=[security.ALGORITHM] ) token_data = schemas.TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) with request.pony_session: user = models.User.get(id=token_data.sub) if not user: raise HTTPException(status_code=404, detail="User not found") user_dict = user.to_dict() roles = user_dict.get("roles", "") user_dict["roles"] = [roles] return user_dict