added integrated authentication

parent 6727f5eb
...@@ -4,6 +4,7 @@ import fastapi ...@@ -4,6 +4,7 @@ import fastapi
from .schemas import CategoryBaseSchema from .schemas import CategoryBaseSchema
from .ctrl import CategoryController from .ctrl import CategoryController
from ..dependencies import get_current_user
router = fastapi.APIRouter(prefix='/categories', tags=['Category']) router = fastapi.APIRouter(prefix='/categories', tags=['Category'])
...@@ -21,15 +22,24 @@ async def get_category(id: UUID): ...@@ -21,15 +22,24 @@ async def get_category(id: UUID):
@router.post('') @router.post('')
async def create_category(body: CategoryBaseSchema): async def create_category(
body: CategoryBaseSchema,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.create(**body.model_dump(exclude_none=True)) return await ctrl.create(**body.model_dump(exclude_none=True))
@router.patch('/{id}') @router.patch('/{id}')
async def update_category(id: UUID, body: CategoryBaseSchema): async def update_category(
id: UUID, body: CategoryBaseSchema,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.update(id, **body.model_dump(exclude_none=True)) return await ctrl.update(id, **body.model_dump(exclude_none=True))
@router.delete('/{id}') @router.delete('/{id}')
async def delete_category(id: UUID): async def delete_category(
id: UUID,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.delete(id) return await ctrl.delete(id)
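Review bot: `current_user` is resolved in `create_category`, `update_category` and `delete_category` but never passed to `ctrl`, so the controller cannot record who made a change or enforce per-user rules. The same pattern repeats in the status, task (including `add_comment` and `delete_comment`) and type routers. If the dependency is only a gate, declare it on the route, e.g. `@router.post('', dependencies=[fastapi.Depends(get_current_user)])`, so no unused parameter is left in the signature. If ownership matters, as it plausibly does for deleting a comment, pass the username through to the controller and check it there. The read routes named in the hunk headers (`get_category` and its counterparts) lie outside the changed lines, so whether they are meant to stay unauthenticated cannot be judged from here.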
import os
import fastapi as fa
from fastapi import Depends, HTTPException, status
from jose import jwt, JWTError
SECRET_KEY = os.getenv('SECRET_KEY')
ALGORITHM = os.getenv('ALGORITHM')
def get_token(token: str = fa.Header(...)):
return token
def authenticate_user(token: str = Depends(get_token)):
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials",
headers={"WWW-Authenticate": "Bearer"},
)
try:
payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
username: str = payload.get("sub")
if username is None:
raise credentials_exception
return username
except JWTError:
raise credentials_exception
def get_current_user(username: str = Depends(authenticate_user)):
if username == "johndoe" or username == 'janedoe':
return username
else:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Not authorized",
headers={"WWW-Authenticate": "Bearer"},
)
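Review bot: `SECRET_KEY` and `ALGORITHM` are read with `os.getenv` and passed unchecked to `jwt.decode`, so a deployment missing either variable starts with `None` as the key or as the only allowed algorithm; how the library handles that is not visible here. Fail at import time and pin the algorithm to an allow-list instead of trusting the environment, e.g. `if not SECRET_KEY or ALGORITHM not in ALLOWED_ALGORITHMS: raise RuntimeError("JWT configuration missing or unsupported")`, where `ALLOWED_ALGORITHMS` is a new module constant. `get_current_user` authorizes by comparing against the literals "johndoe" and "janedoe"; that list belongs in configuration or a user store, and an authenticated caller who is not permitted would normally get 403 rather than 401. `get_token` reads a required header named `token` while both error responses advertise `WWW-Authenticate: Bearer`, so a client that follows the challenge and sends `Authorization: Bearer …` will fail validation on the missing `token` header. Confirm which scheme is intended.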
...@@ -4,6 +4,7 @@ import fastapi ...@@ -4,6 +4,7 @@ import fastapi
from .schemas import StatusBaseSchema from .schemas import StatusBaseSchema
from .ctrl import StatusController from .ctrl import StatusController
from ..dependencies import get_current_user
router = fastapi.APIRouter(prefix='/statuses', tags=['Status']) router = fastapi.APIRouter(prefix='/statuses', tags=['Status'])
...@@ -21,15 +22,24 @@ async def get_status(id: UUID): ...@@ -21,15 +22,24 @@ async def get_status(id: UUID):
@router.post('') @router.post('')
async def create_status(body: StatusBaseSchema): async def create_status(
body: StatusBaseSchema,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.create(**body.model_dump(exclude_none=True)) return await ctrl.create(**body.model_dump(exclude_none=True))
@router.patch('/{id}') @router.patch('/{id}')
async def update_status(id: UUID, body: StatusBaseSchema): async def update_status(
id: UUID, body: StatusBaseSchema,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.update(id, **body.model_dump(exclude_none=True)) return await ctrl.update(id, **body.model_dump(exclude_none=True))
@router.delete('/{id}') @router.delete('/{id}')
async def delete_status(id: UUID): async def delete_status(
id: UUID,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.delete(id) return await ctrl.delete(id)
from uuid import UUID from uuid import UUID
import fastapi import fastapi
from fastapi_pagination import Page, paginate
from .schemas import ( from .schemas import (
TaskBaseSchema, TaskPostSchema, TaskPatchSchema, TaskPostSchema, TaskPatchSchema, CommentSchema
CommentSchema
) )
from .ctrl import TaskController from .ctrl import TaskController
from ..dependencies import get_current_user
router = fastapi.APIRouter(prefix='/tasks', tags=['Task']) router = fastapi.APIRouter(prefix='/tasks', tags=['Task'])
...@@ -40,17 +39,27 @@ async def get_task(id: UUID): ...@@ -40,17 +39,27 @@ async def get_task(id: UUID):
@router.post('') @router.post('')
async def create_task(body: TaskPostSchema): async def create_task(
body: TaskPostSchema,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.create(**body.model_dump(exclude_none=True)) return await ctrl.create(**body.model_dump(exclude_none=True))
@router.patch('/{id}') @router.patch('/{id}')
async def update_task(id: UUID, body: TaskPatchSchema): async def update_task(
id: UUID,
body: TaskPatchSchema,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.update(id, **body.model_dump(exclude_none=True)) return await ctrl.update(id, **body.model_dump(exclude_none=True))
@router.delete('/{id}') @router.delete('/{id}')
async def delete_task(id: UUID): async def delete_task(
id: UUID,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.delete(id) return await ctrl.delete(id)
...@@ -60,12 +69,19 @@ async def get_comments(id: UUID): ...@@ -60,12 +69,19 @@ async def get_comments(id: UUID):
@router.post('/{id}/comments') @router.post('/{id}/comments')
async def add_comment(id: UUID, body: CommentSchema): async def add_comment(
id: UUID,
body: CommentSchema,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.add_comment(id, **body.model_dump(exclude_none=True)) return await ctrl.add_comment(id, **body.model_dump(exclude_none=True))
@router.delete('/comments/{id}') @router.delete('/comments/{id}')
async def delete_comment(id: UUID): async def delete_comment(
id: UUID,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.delete_comment(id) return await ctrl.delete_comment(id)
......
...@@ -4,6 +4,7 @@ import fastapi ...@@ -4,6 +4,7 @@ import fastapi
from .schemas import TypeBaseSchema from .schemas import TypeBaseSchema
from .ctrl import TypeController from .ctrl import TypeController
from ..dependencies import get_current_user
router = fastapi.APIRouter(prefix='/types', tags=['Type']) router = fastapi.APIRouter(prefix='/types', tags=['Type'])
...@@ -21,15 +22,25 @@ async def get_type(id: UUID): ...@@ -21,15 +22,25 @@ async def get_type(id: UUID):
@router.post('') @router.post('')
async def create_type(body: TypeBaseSchema): async def create_type(
body: TypeBaseSchema,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.create(**body.model_dump(exclude_none=True)) return await ctrl.create(**body.model_dump(exclude_none=True))
@router.patch('/{id}') @router.patch('/{id}')
async def update_type(id: UUID, body: TypeBaseSchema): async def update_type(
id: UUID,
body: TypeBaseSchema,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.update(id, **body.model_dump(exclude_none=True)) return await ctrl.update(id, **body.model_dump(exclude_none=True))
@router.delete('/{id}') @router.delete('/{id}')
async def delete_type(id: UUID): async def delete_type(
id: UUID,
current_user: str = fastapi.Depends(get_current_user)
):
return await ctrl.delete(id) return await ctrl.delete(id)