def get_current_user(
db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)
) -> models.User:
invitation = crud.invite.get_by_token(db, token)
if invitation:
if invitation.expires_in <= datetime.now(tz=timezone.utc):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN, detail="Invalid credentials"
)
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]
)
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = crud.user.get(db, id=token_data.sub)
if not user:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND, detail="User not found"
)
return user
async def get_current_user(
security_scopes: SecurityScopes, token: str = Depends(oauth2_scheme)
) -> models.User:
if security_scopes.scopes:
authenticate_value = f'Bearer scope="{security_scopes.scope_str}"'
else:
authenticate_value = f"Bearer"
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials",
headers={"WWW-Authenticate": authenticate_value},
)
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
if token_data.sub is None:
raise credentials_exception
except (jwt.JWTError, ValidationError):
raise credentials_exception
user = await crud.user.get_by_email_or_username(username=token_data.sub)
if not user:
raise credentials_exception
token_scopes = token_data.scopes.split(" ")
for scope in security_scopes.scopes:
if scope not in token_scopes:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Not enough permissions",
headers={"WWW-Authenticate": authenticate_value},
)
return user
def jwt_decode(token: str):
try:
payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
token_data = schemas.TokenPayload(**payload)
sub: str = token_data.sub
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
return sub
async def get_current_user(db: AsyncSession = Depends(get_db),
token: str = Depends(
reusable_oauth2)) -> models.User:
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.InvalidTokenError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
return await get_user_or_404(db, user_id=token_data.sub)
def get_current_user(token: str = Depends(reusable_oauth2)) -> User:
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = dao.user.get_user_by_id(id=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_current_user(db: Session = Depends(get_db),
token: str = Depends(oauth_2)):
try:
payload = jwt.decode(token,
settings.secret_key,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except ValidationError:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN,
detail='Could not validate credentials')
user = crud.user.get(db, id=token_data.sub)
if not user:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
detail='User not found')
return user
def get_current_client(db: Session = Depends(get_db),
token: str = Depends(reusable_oauth2)) -> models.Client:
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
client = crud.client.get(db, id=token_data.sub)
if not client:
raise HTTPException(status_code=404, detail="Client not found")
return client
def get_current_user_by_query_token(*, token: str) -> models.User:
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = crud.user.get(db, id=token_data.sub)
if not user:
raise HTTPException(status_code=400,
detail='Please login and try again!')
return user
def get_current_user(db: Session = Depends(get_db),
token: str = Depends(reusable_oauth2)) -> models.User:
try:
payload = jwt.decode(token,
key=config.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.JWSError, ValidationError):
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials")
user = crud.user.get(db, id=token_data.sub)
if not user:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
detail="User not found")
return user
def get_current_user(db: Session = Depends(get_db),
token: str = Depends(
oauth2_password_bearer)) -> models.User:
try:
payload = jwt.decode(token,
app_settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail='Validation of credentials failed',
)
user = operations.user_operations.get(db, id=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail='User not found')
return user
def get_current_user(db: Session = Depends(get_db),
token: str = Depends(reusable_oauth2)) -> models.User:
from config import AppConfig
try:
payload = jwt.decode(token,
AppConfig.SERVER_TYPE,
algorithms=[AppConfig.SECURITY_ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = crud.user.get(db, id=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_current_user(db: Session = Depends(get_db),
token: str = Depends(oauth2_scheme)) -> models.User:
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials.",
)
user = None
if token_data.sub:
user = crud.user.get(db, id=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_current_user(
db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)
) -> User:
print("---!!!" + token)
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]
)
token_data = schemas.TokenPayload(**payload)
except (jwt.PyJWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = crud.user.get_by_userName(db, userName=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
async def get_current_user(
token: HTTPAuthorizationCredentials = Depends(auth_scheme),
) -> UserPydantic:
try:
payload = jwt.decode(token.credentials,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.PyJWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
try:
return await User.get(id=token_data.sub)
except DoesNotExist:
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED,
detail="User does not exist")
def get_current_user(
cls, token: str = Depends(reusable_oauth2)) -> schemas.Kd99:
logger.info("开始验证token" + token)
try:
payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
logger.info(payload.values())
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
logger.info("-------------------------------------")
logger.info(token_data.json())
user = cls.get_kd99_by_opcode(token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_current_user(
security_scopes: SecurityScopes,
db: Session = Depends(get_db),
token: str = Depends(reusable_oauth2),
) -> models.User:
if security_scopes.scopes:
authenticate_value = f'Bearer scope="{security_scopes.scope_str}"'
else:
authenticate_value = "Bearer"
credentials_exception = HTTPException(
status_code=401,
detail="Could not validate credentials",
headers={"WWW-Authenticate": authenticate_value},
)
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
if payload.get("id") is None:
raise credentials_exception
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
logger.error("Error Decoding Token", exc_info=True)
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = crud.user.get(db, id=token_data.id)
if not user:
raise credentials_exception
if security_scopes.scopes and not token_data.role:
raise HTTPException(
status_code=401,
detail="Not enough permissions",
headers={"WWW-Authenticate": authenticate_value},
)
if (security_scopes.scopes
and token_data.role not in security_scopes.scopes):
raise HTTPException(
status_code=401,
detail="Not enough permissions",
headers={"WWW-Authenticate": authenticate_value},
)
return user
def get_user_from_token(token: str, token_type: str, db: Session) -> models.User:
try:
payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
if token_data.type != token_type:
raise BadRequestException(
detail="Invalid token",
)
except ExpiredSignatureError:
raise ForbiddenException(detail="Token has expired")
except (jwt.JWTError, ValidationError) as e:
logging.error(e.__str__())
raise ForbiddenException(
detail="Could not validate credentials",
)
if user := crud.user.get(db, id=token_data.sub):
if user.is_active:
return user
raise ConflictException("User account is disabled")
def get_current_user(token: str = Depends(reusable_oauth2)) -> Optional[schemas.User]:
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]
)
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError, AttributeError) as e:
if type(e) != AttributeError:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
else:
return None
assert token_data.sub is not None
user = services.user.get_user(token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return schemas.User.from_dto(user)
async def get_current_user(db: Session = Depends(get_db),
token: str = Depends(oauth2_scheme)) -> models.User:
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials",
headers={"WWW-Authenticate": "Bearer"},
)
try:
payload = jwt.decode(token,
config.SECRET_KEY,
algorithms=[config.ALGORITHM],
options={'leeway': 99999999999})
token_data = schemas.TokenPayload(**payload)
except (JWTError, ValidationError):
raise credentials_exception
user = models.User.get_user(db, id=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_current_user(
uow: user_uow.AbstractUnitOfWork = Depends(user_uow.get_sqlalchemy_uow),
token: str = Depends(reusable_oauth2),
) -> schemas.User:
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]
)
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise InvalidToken
with uow:
id = user_id(str(token_data.sub))
user = uow.users.get_by_id(id)
if not user:
raise UserNotFound(id)
return_user = schemas.User(**user.__dict__)
uow.commit()
return return_user
def get_current_user(token: str = Depends(reusable_oauth2)) -> schemas.User:
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
# Проверить пользователя с логином token_data.sub по БД - заглушка
user = {"login": token_data.sub, "full_name": settings.TEST_USER_FULL_NAME}
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
async def get_current_user(
db: Session = Depends(get_db),
redis: aioredis.Redis = Depends(get_redis),
token: str = Depends(reusable_oauth2),
) -> schemas.UserInDB:
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = await crud.user_cachedb.get(db, redis, id=token_data.sub)
if user is None:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_current_user(db: Session = Depends(get_db),
token: str = Depends(oauth2_scheme)) -> models.User:
"""get current user by token"""
try:
# verify jwt token
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[settings.TOKEN_ALGORITHMS])
# unpack payload data
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(status_code=403,
detail="Could not validate credentials")
# get user by unpacked id
user = db.query(models.User).get(token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_current_user(
request: Request,
X_Token: str = Header(...)
) -> models.User:
token = X_Token
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]
)
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
with request.pony_session:
user = models.User.get(id=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
# print(f"model.users={user.to_dict()}")
return user
def get_current_user(db: Session = Depends(get_db),
token: str = Depends(reusable_oauth2)) -> models.User:
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
token_data = schemas.TokenPayload(**payload)
except jwt.ExpiredSignatureError:
logger.info("Validation expired with token as " + token)
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED,
detail="Access token has expired")
except (jwt.JWTError, ValidationError) as e:
logger.info("Validation failed with" + str(e) + "with jwt as " + token)
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = crud.user.get(db, id=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_current_user_with_query_param(
request: Request,
token: str = Query(...)
) -> models.User:
now_secret = settings.SECRET_KEY
# print("get_current_user_with_query_param now Secret = ", now_secret)
try:
payload = jwt.decode(
token, now_secret, algorithms=[security.ALGORITHM]
)
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
with request.pony_session:
user = models.User.get(id=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
user_dict = user.to_dict()
roles = user_dict.get("roles", "")
user_dict["roles"] = [roles]
return user_dict
