FilesExpand file tree

 main

/

main.py

Copy path

BlameMore file actions

BlameMore file actions

Latest commit

 

History

History

History

146 lines (108 loc) · 4.92 KB

 main

/

main.py

Top

File metadata and controls

• Code
• Blame

146 lines (108 loc) · 4.92 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

from typing import List, Optional

from datetime import datetime, timedelta

from fastapi import Depends, FastAPI, HTTPException, status

from sqlalchemy.orm import Session

from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm

from jose import JWTError, jwt

from passlib.context import CryptContext

from . import crud, models, schemas

from .database import SessionLocal, engine

models.Base.metadata.create_all(bind=engine)

pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

app = FastAPI()

SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7"

ALGORITHM = "HS256"

ACCESS_TOKEN_EXPIRE_MINUTES = 30

def verify_password(plain_password, hashed_password):

return pwd_context.verify(plain_password, hashed_password)

def get_password_hash(password):

return pwd_context.hash(password)

def get_db():

db = SessionLocal()

try:

yield db

finally:

db.close()

def authenticate_user(db, username: str, password: str):

user = crud.get_user_by_email(db, email=username)

if not user:

return False

if not verify_password(password, user.hashed_password):

return False

return user

def create_access_token(data: dict, expires_delta: Optional[timedelta] = None):

to_encode = data.copy()

if expires_delta:

expire = datetime.utcnow() + expires_delta

else:

expire = datetime.utcnow() + timedelta(minutes=15)

to_encode.update({"exp": expire})

encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)

return encoded_jwt

async def get_current_user(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)):

credentials_exception = HTTPException(

status_code=status.HTTP_401_UNAUTHORIZED,

detail="Could not validate credentials",

headers={"WWW-Authenticate": "Bearer"},

)

try:

payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])

username: str = payload.get("sub")

if username is None:

raise credentials_exception

token_data = schemas.TokenData(username=username)

except JWTError:

raise credentials_exception

user = crud.get_user_by_email(db, email=token_data.username)

if user is None:

raise credentials_exception

return user

async def get_current_active_user(current_user: schemas.User = Depends(get_current_user)):

if not current_user.is_active:

raise HTTPException(status_code=400, detail="Inactive user")

return current_user

@app.post("/token", response_model=schemas.Token)

async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):

user = authenticate_user(db, form_data.username, form_data.password)

if not user:

raise HTTPException(

status_code=status.HTTP_401_UNAUTHORIZED,

detail="Incorrect username or password",

headers={"WWW-Authenticate": "Bearer"},

)

if not user.is_active:

raise HTTPException(status_code=400, detail="Inactive user")

access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)

access_token = create_access_token(

data={"sub": user.email}, expires_delta=access_token_expires

)

return {"access_token": access_token, "token_type": "bearer"}

@app.post("/users/", response_model=schemas.User)

def create_user(user: schemas.UserCreate, db: Session = Depends(get_db)):

db_user = crud.get_user_by_email(db, email=user.email)

if db_user:

raise HTTPException(status_code=400, detail="Email already registered")

return crud.create_user(db=db, user=user)

@app.get("/users/", response_model=List[schemas.User], dependencies=[Depends(get_current_active_user)])

def read_users(skip: int = 0, limit: int = 100, db: Session = Depends(get_db)):

users = crud.get_users(db, skip=skip, limit=limit)

return users

@app.get("/users/{user_id}", response_model=schemas.User, dependencies=[Depends(get_current_active_user)])

def read_user(user_id: int, db: Session = Depends(get_db)):

db_user = crud.get_user(db, user_id=user_id)

if db_user is None:

raise HTTPException(status_code=404, detail="User not found")

return db_user

@app.post("/users/{user_id}/items/", response_model=schemas.Item, dependencies=[Depends(get_current_active_user)])

def create_item_for_user(

user_id: int, item: schemas.ItemCreate, db: Session = Depends(get_db)

):

return crud.create_user_item(db=db, item=item, user_id=user_id)

@app.get("/items/", response_model=List[schemas.Item], dependencies=[Depends(get_current_active_user)])

def read_items(skip: int = 0, limit: int = 100, db: Session = Depends(get_db)):

items = crud.get_items(db, skip=skip, limit=limit)

return items

@app.get("/users/me/", response_model=schemas.User)

async def read_users_me(current_user: schemas.User = Depends(get_current_active_user)):

return current_user