91 lines
2.9 KiB
Python
91 lines
2.9 KiB
Python
from typing import Optional
|
|
|
|
from fastapi import Depends, Request
|
|
from fastapi.security import OAuth2PasswordRequestForm
|
|
from fastapi_users import BaseUserManager, FastAPIUsers, IntegerIDMixin
|
|
from fastapi_users.authentication import (
|
|
AuthenticationBackend,
|
|
BearerTransport,
|
|
JWTStrategy,
|
|
)
|
|
from fastapi_users.db import SQLAlchemyUserDatabase
|
|
from sqlalchemy.ext.asyncio import AsyncSession
|
|
from authlib.integrations.starlette_client import OAuth
|
|
from starlette.config import Config
|
|
from starlette.middleware.sessions import SessionMiddleware
|
|
from starlette.responses import Response
|
|
|
|
from .database import get_async_session
|
|
from .models import User
|
|
from .config import settings
|
|
|
|
# OAuth2 configuration
|
|
config = Config('.env')
|
|
oauth = OAuth(config)
|
|
|
|
# Google OAuth2 setup
|
|
oauth.register(
|
|
name='google',
|
|
server_metadata_url='https://accounts.google.com/.well-known/openid-configuration',
|
|
client_kwargs={
|
|
'scope': 'openid email profile',
|
|
'redirect_uri': settings.GOOGLE_REDIRECT_URI
|
|
}
|
|
)
|
|
|
|
# Apple OAuth2 setup
|
|
oauth.register(
|
|
name='apple',
|
|
server_metadata_url='https://appleid.apple.com/.well-known/openid-configuration',
|
|
client_kwargs={
|
|
'scope': 'openid email name',
|
|
'redirect_uri': settings.APPLE_REDIRECT_URI
|
|
}
|
|
)
|
|
|
|
class UserManager(IntegerIDMixin, BaseUserManager[User, int]):
|
|
reset_password_token_secret = settings.SECRET_KEY
|
|
verification_token_secret = settings.SECRET_KEY
|
|
|
|
async def on_after_register(self, user: User, request: Optional[Request] = None):
|
|
print(f"User {user.id} has registered.")
|
|
|
|
async def on_after_forgot_password(
|
|
self, user: User, token: str, request: Optional[Request] = None
|
|
):
|
|
print(f"User {user.id} has forgot their password. Reset token: {token}")
|
|
|
|
async def on_after_request_verify(
|
|
self, user: User, token: str, request: Optional[Request] = None
|
|
):
|
|
print(f"Verification requested for user {user.id}. Verification token: {token}")
|
|
|
|
async def on_after_login(
|
|
self, user: User, request: Optional[Request] = None, response: Optional[Response] = None
|
|
):
|
|
print(f"User {user.id} has logged in.")
|
|
|
|
async def get_user_db(session: AsyncSession = Depends(get_async_session)):
|
|
yield SQLAlchemyUserDatabase(session, User)
|
|
|
|
async def get_user_manager(user_db: SQLAlchemyUserDatabase = Depends(get_user_db)):
|
|
yield UserManager(user_db)
|
|
|
|
bearer_transport = BearerTransport(tokenUrl="auth/jwt/login")
|
|
|
|
def get_jwt_strategy() -> JWTStrategy:
|
|
return JWTStrategy(secret=settings.SECRET_KEY, lifetime_seconds=settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60)
|
|
|
|
auth_backend = AuthenticationBackend(
|
|
name="jwt",
|
|
transport=bearer_transport,
|
|
get_strategy=get_jwt_strategy,
|
|
)
|
|
|
|
fastapi_users = FastAPIUsers[User, int](
|
|
get_user_manager,
|
|
[auth_backend],
|
|
)
|
|
|
|
current_active_user = fastapi_users.current_user(active=True)
|
|
current_superuser = fastapi_users.current_user(active=True, superuser=True) |