brewman/brewman/brewman/routers/login.py

from datetime import timedelta

from fastapi import (
    APIRouter,
    Cookie,
    Depends,
    Form,
    HTTPException,
    Response,
    Security,
    status,
)
from fastapi.responses import JSONResponse
from fastapi.security import OAuth2PasswordRequestForm
from sqlalchemy.orm import Session

from .. import __version__
from ..core.config import settings
from ..core.security import (
    Token,
    authenticate_user,
    client_allowed,
    create_access_token,
    get_current_active_user,
)
from ..db.session import SessionLocal
from ..schemas.auth import UserToken


router = APIRouter()


# Dependency
def get_db():
    try:
        db = SessionLocal()
        yield db
    finally:
        db.close()


@router.post("/token", response_model=Token)
async def login_for_access_token(
    response: Response,
    form_data: OAuth2PasswordRequestForm = Depends(),
    client_id: int = Cookie(None),
    otp: int = Form(None),
    db: Session = Depends(get_db),
):
    user = authenticate_user(form_data.username, form_data.password, client_id, otp, db)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Incorrect username or password",
            headers={"WWW-Authenticate": "Bearer"},
        )
    allowed, c_id = client_allowed(user, client_id, otp, db)
    db.commit()
    if c_id and c_id != client_id:
        response.set_cookie(
            key="client_id", value=str(c_id), max_age=10 * 365 * 24 * 60 * 60
        )
    if not allowed:
        not_allowed_response = JSONResponse(
            status_code=status.HTTP_401_UNAUTHORIZED,
            headers={"WWW-Authenticate": "Bearer"},
            content={"detail": "Client is not registered"},
        )
        not_allowed_response.set_cookie(
            key="client_id", value=str(c_id), max_age=10 * 365 * 24 * 60 * 60
        )
        return not_allowed_response
    access_token_expires = timedelta(minutes=settings.JWT_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
        data={
            "sub": user.name,
            "scopes": ["authenticated"]
            + list(
                set(
                    [
                        p.name.replace(" ", "-").lower()
                        for r in user.roles
                        for p in r.permissions
                    ]
                )
            ),
            "userId": str(user.id),
            "lockedOut": user.locked_out,
            "ver": __version__.__version__,
        },
        expires_delta=access_token_expires,
    )
    return {"access_token": access_token, "token_type": "bearer"}


@router.post("/refresh", response_model=Token)
async def refresh_token(user: UserToken = Security(get_current_active_user)):
    access_token_expires = timedelta(minutes=settings.JWT_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
        data={
            "sub": user.name,
            "scopes": user.permissions,
            "userId": str(user.id_),
            "lockedOut": user.locked_out,
            "ver": __version__.__version__,
        },
        expires_delta=access_token_expires,
    )
    return {"access_token": access_token, "token_type": "bearer"}
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00			`from datetime import timedelta`

Blacked all lines with -l 120 2020-05-31 09:11:11 +00:00			`from fastapi import (`
			`APIRouter,`
			`Cookie,`
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00			`Depends,`
Blacked all lines with -l 120 2020-05-31 09:11:11 +00:00			`Form,`
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00			`HTTPException,`
Blacked all lines with -l 120 2020-05-31 09:11:11 +00:00			`Response,`
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00			`Security,`
			`status,`
Blacked all lines with -l 120 2020-05-31 09:11:11 +00:00			`)`
Clients also implemented. I think the only things left are the login history and other past errors 2020-05-30 10:11:55 +00:00			`from fastapi.responses import JSONResponse`
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00			`from fastapi.security import OAuth2PasswordRequestForm`
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00			`from sqlalchemy.orm import Session`
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00
Showing the frontend and backend version in the settings panel. Bumped the version to 7.6.0 2020-10-07 17:57:54 +00:00			`from .. import __version__`
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00			`from ..core.config import settings`
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00			`from ..core.security import (`
			`Token,`
			`authenticate_user,`
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00			`client_allowed,`
Blacked all lines with -l 120 2020-05-31 09:11:11 +00:00			`create_access_token,`
			`get_current_active_user,`
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00			`)`
			`from ..db.session import SessionLocal`
DbImage works!! Credit Salary works!! Refresh router created, now need to use it in angular Errors should now show up in the frontend. 2020-05-29 20:28:17 +00:00			`from ..schemas.auth import UserToken`
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00			`router = APIRouter()`


			`# Dependency`
			`def get_db():`
			`try:`
			`db = SessionLocal()`
			`yield db`
			`finally:`
			`db.close()`


			`@router.post("/token", response_model=Token)`
			`async def login_for_access_token(`
Clients also implemented. I think the only things left are the login history and other past errors 2020-05-30 10:11:55 +00:00			`response: Response,`
			`form_data: OAuth2PasswordRequestForm = Depends(),`
			`client_id: int = Cookie(None),`
			`otp: int = Form(None),`
			`db: Session = Depends(get_db),`
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00			`):`
Clients also implemented. I think the only things left are the login history and other past errors 2020-05-30 10:11:55 +00:00			`user = authenticate_user(form_data.username, form_data.password, client_id, otp, db)`
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00			`if not user:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail="Incorrect username or password",`
			`headers={"WWW-Authenticate": "Bearer"},`
			`)`
Clients also implemented. I think the only things left are the login history and other past errors 2020-05-30 10:11:55 +00:00			`allowed, c_id = client_allowed(user, client_id, otp, db)`
			`db.commit()`
			`if c_id and c_id != client_id:`
Blacked all files 2020-10-07 16:59:24 +00:00			`response.set_cookie(`
			`key="client_id", value=str(c_id), max_age=10 * 365 * 24 * 60 * 60`
			`)`
Clients also implemented. I think the only things left are the login history and other past errors 2020-05-30 10:11:55 +00:00			`if not allowed:`
			`not_allowed_response = JSONResponse(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`headers={"WWW-Authenticate": "Bearer"},`
Blacked all lines with -l 120 2020-05-31 09:11:11 +00:00			`content={"detail": "Client is not registered"},`
Clients also implemented. I think the only things left are the login history and other past errors 2020-05-30 10:11:55 +00:00			`)`
Blacked all files 2020-10-07 16:59:24 +00:00			`not_allowed_response.set_cookie(`
			`key="client_id", value=str(c_id), max_age=10 * 365 * 24 * 60 * 60`
			`)`
Clients also implemented. I think the only things left are the login history and other past errors 2020-05-30 10:11:55 +00:00			`return not_allowed_response`
Settings working now. Everything working now. Time for docker and beta test 2020-05-30 18:09:02 +00:00			`access_token_expires = timedelta(minutes=settings.JWT_TOKEN_EXPIRE_MINUTES)`
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00			`access_token = create_access_token(`
			`data={`
			`"sub": user.name,`
			`"scopes": ["authenticated"]`
Blacked all files 2020-10-07 16:59:24 +00:00			`+ list(`
			`set(`
			`[`
			`p.name.replace(" ", "-").lower()`
			`for r in user.roles`
			`for p in r.permissions`
			`]`
			`)`
			`),`
Changes in the login so that the token works with my solution 2020-05-11 16:23:38 +00:00			`"userId": str(user.id),`
			`"lockedOut": user.locked_out,`
Showing the frontend and backend version in the settings panel. Bumped the version to 7.6.0 2020-10-07 17:57:54 +00:00			`"ver": __version__.__version__,`
Moving to FastAPI Config is not properly working with .env file as of now Cost Centre is mostly working, going to work on Accounts now 2020-05-08 04:52:25 +00:00			`},`
			`expires_delta=access_token_expires,`
			`)`
			`return {"access_token": access_token, "token_type": "bearer"}`
DbImage works!! Credit Salary works!! Refresh router created, now need to use it in angular Errors should now show up in the frontend. 2020-05-29 20:28:17 +00:00

			`@router.post("/refresh", response_model=Token)`
Blacked all lines with -l 120 2020-05-31 09:11:11 +00:00			`async def refresh_token(user: UserToken = Security(get_current_active_user)):`
Settings working now. Everything working now. Time for docker and beta test 2020-05-30 18:09:02 +00:00			`access_token_expires = timedelta(minutes=settings.JWT_TOKEN_EXPIRE_MINUTES)`
DbImage works!! Credit Salary works!! Refresh router created, now need to use it in angular Errors should now show up in the frontend. 2020-05-29 20:28:17 +00:00			`access_token = create_access_token(`
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00			`data={`
			`"sub": user.name,`
			`"scopes": user.permissions,`
			`"userId": str(user.id_),`
			`"lockedOut": user.locked_out,`
Showing the frontend and backend version in the settings panel. Bumped the version to 7.6.0 2020-10-07 17:57:54 +00:00			`"ver": __version__.__version__,`
Chore: Blacked and isorted all files 2020-10-07 15:18:43 +00:00			`},`
DbImage works!! Credit Salary works!! Refresh router created, now need to use it in angular Errors should now show up in the frontend. 2020-05-29 20:28:17 +00:00			`expires_delta=access_token_expires,`
			`)`
			`return {"access_token": access_token, "token_type": "bearer"}`