Compare commits
3 commits
53e01033c4
...
1a81be210a
| Author | SHA1 | Date | |
|---|---|---|---|
| 1a81be210a | |||
| 2d60b4fcc5 | |||
| 05a405cbe6 |
5 changed files with 26 additions and 12 deletions
|
|
@ -19,6 +19,7 @@ from fastapi.security import OpenIdConnect
|
|||
from src.auth.exceptions import UnauthorizedException
|
||||
from src.auth.config import auth_settings
|
||||
from src.user.service import add_user_to_db
|
||||
from src.database import db_dependency
|
||||
|
||||
|
||||
oidc = OpenIdConnect(openIdConnectUrl=auth_settings.OIDC_CONFIG)
|
||||
|
|
@ -28,7 +29,7 @@ def get_dev_user():
|
|||
return {"db_id": 1}
|
||||
|
||||
|
||||
async def get_current_user(oidc_auth_string: oidc_dependency) -> dict[str, Any]:
|
||||
async def get_current_user(oidc_auth_string: oidc_dependency, db: db_dependency) -> dict[str, Any]:
|
||||
config_url = urlopen(auth_settings.OIDC_CONFIG)
|
||||
config = json.loads(config_url.read())
|
||||
jwks_uri = config["jwks_uri"]
|
||||
|
|
@ -51,7 +52,7 @@ async def get_current_user(oidc_auth_string: oidc_dependency) -> dict[str, Any]:
|
|||
claims_requests.validate(token.claims)
|
||||
except ExpiredTokenError:
|
||||
raise UnauthorizedException(message="Token is expired")
|
||||
db_id = await add_user_to_db(token.claims)
|
||||
db_id = await add_user_to_db(db, token.claims)
|
||||
|
||||
token.claims["db_id"] = db_id
|
||||
|
||||
|
|
|
|||
|
|
@ -48,6 +48,9 @@ _QUOTED_DATABASE_PASSWORD = parse.quote_plus(str(_DATABASE_CREDENTIAL_PASSWORD))
|
|||
|
||||
SQLALCHEMY_DATABASE_URI = SecretStr(f"postgresql+psycopg://{_DATABASE_CREDENTIAL_USER}:{_QUOTED_DATABASE_PASSWORD}@{DATABASE_HOSTNAME}:{DATABASE_PORT}/{DATABASE_NAME}")
|
||||
|
||||
if settings.ENVIRONMENT == Environment.TESTING:
|
||||
SQLALCHEMY_DATABASE_URI = SecretStr("sqlite:///:memory:")
|
||||
|
||||
app_configs: dict[str, Any] = {"title": "App API"}
|
||||
if settings.ENVIRONMENT.is_deployed:
|
||||
app_configs["root_path"] = f"/v{settings.APP_VERSION}"
|
||||
|
|
|
|||
|
|
@ -7,13 +7,19 @@ Exports:
|
|||
"""
|
||||
from typing import Annotated
|
||||
from sqlalchemy import create_engine
|
||||
from sqlalchemy.orm import declarative_base, sessionmaker, Session
|
||||
from sqlalchemy.orm import DeclarativeBase, sessionmaker, Session
|
||||
|
||||
from fastapi import Depends
|
||||
|
||||
from src.config import SQLALCHEMY_DATABASE_URI
|
||||
from src.constants import Environment
|
||||
from src.config import SQLALCHEMY_DATABASE_URI, settings as global_settings
|
||||
|
||||
engine = create_engine(SQLALCHEMY_DATABASE_URI.get_secret_value())
|
||||
if global_settings.ENVIRONMENT == Environment.TESTING:
|
||||
connect_args = {"check_same_thread": False}
|
||||
else:
|
||||
connect_args = {}
|
||||
|
||||
engine = create_engine(SQLALCHEMY_DATABASE_URI.get_secret_value(), connect_args=connect_args)
|
||||
|
||||
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
|
||||
|
||||
|
|
@ -30,4 +36,5 @@ def get_db():
|
|||
|
||||
|
||||
db_dependency = Annotated[Session, Depends(get_db)]
|
||||
Base = declarative_base()
|
||||
class Base(DeclarativeBase):
|
||||
pass
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ from fastapi import FastAPI
|
|||
from starlette.middleware.sessions import SessionMiddleware
|
||||
from starlette.middleware.cors import CORSMiddleware
|
||||
|
||||
from src.constants import Environment
|
||||
from src.config import settings
|
||||
from src.api import api_router
|
||||
|
||||
|
|
@ -66,7 +67,7 @@ app.add_middleware(
|
|||
allow_headers=settings.CORS_HEADERS,
|
||||
)
|
||||
|
||||
if settings.ENVIRONMENT == "local" and settings.DISABLE_AUTH:
|
||||
if settings.DISABLE_AUTH and (settings.ENVIRONMENT == Environment.LOCAL or settings.ENVIRONMENT == Environment.TESTING):
|
||||
app.dependency_overrides[get_current_user] = get_dev_user
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -6,29 +6,31 @@ Exports:
|
|||
"""
|
||||
from typing import Any
|
||||
|
||||
from src.database import get_db
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
from src.exceptions import UnprocessableContentException
|
||||
|
||||
from src.user.schemas import OIDCUser
|
||||
from src.user.models import User
|
||||
|
||||
|
||||
async def add_user_to_db(user_claims: dict[str, Any]) -> int:
|
||||
async def add_user_to_db(db: Session, user_claims: dict[str, Any]) -> int:
|
||||
try:
|
||||
valid_user = OIDCUser(first_name=user_claims["given_name"], last_name=user_claims["family_name"], email=user_claims["email"], oidc_id=user_claims["sub"])
|
||||
except Exception as e:
|
||||
print(e)
|
||||
raise UnprocessableContentException("Invalid or missing OIDC data")
|
||||
|
||||
db = next(get_db())
|
||||
db_user = db.query(User).filter(User.oidc_id == valid_user.oidc_id).first()
|
||||
|
||||
if not db_user:
|
||||
user_model = User(**valid_user.model_dump())
|
||||
db.add(user_model)
|
||||
user_id = user_model.id
|
||||
db.commit()
|
||||
return user_model.id
|
||||
return user_id
|
||||
else:
|
||||
user_id = db_user.id
|
||||
change = False
|
||||
if db_user.first_name != valid_user.first_name:
|
||||
db_user.first_name = valid_user.first_name
|
||||
|
|
@ -39,4 +41,4 @@ async def add_user_to_db(user_claims: dict[str, Any]) -> int:
|
|||
if change:
|
||||
db.add(db_user)
|
||||
db.commit()
|
||||
return db_user.id
|
||||
return user_id
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue