Commit f7393bf

committed

Замена libs и создание класса PWD в Security

Удалил passlib, теперь использую bcrypt и специально для него создал класс PWD Заменил python-jose на pyjwt

1 parent 21ac5c4 commit f7393bfCopy full SHA for f7393bf

File tree

12 files changed

+271

-322

lines changed

app
- __init__.py
- api/endpoints/users
  - auth.py
  - create.py
- core
  - __init__.py
  - db.py
  - deps.py
  - exps.py
  - security
poetry.lock
pyproject.toml

12 files changed

+271

-322

lines changed

`‎app/init.py‎`

Lines changed: 3 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -12,9 +12,9 @@`
`12`	`12`	`root_path=settings.APP_PATH,`
`13`	`13`	`version=settings.APP_VERSION,`
`14`	`14`	`contact={`
`15`		`- "name": "Fast Code",`
`16`		`- "url": "https://fast-code.pro/",`
`17`		`- "email": "fast.code.auth@gmail.com",`
	`15`	`+ 'name': 'Fast Code',`
	`16`	`+ 'url': 'https://fast-code.pro/',`
	`17`	`+ 'email': 'fast.code.auth@gmail.com',`
`18`	`18`	`},`
`19`	`19`	`)`
`20`	`20`

`‎app/api/endpoints/users/auth.py‎`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,24 +1,24 @@`
`1`	`1`	`from fastapi import APIRouter`
`2`	`2`
`3`	`3`	`from app.api import anotations`
`4`		`-from app.core import deps, exps`
	`4`	`+from app.core import exps`
`5`	`5`	`from app.models.token import AccessToken`
`6`	`6`	`from app.models.user import UserCreate`
`7`	`7`
`8`		`-router = APIRouter(prefix="/auth")`
	`8`	`+router = APIRouter(prefix='/auth')`
`9`	`9`
`10`	`10`
`11`		`-@router.post("/token/", response_model=AccessToken)`
	`11`	`+@router.post('/token/', response_model=AccessToken)`
`12`	`12`	`async def token(`
`13`	`13`	`data: UserCreate, db: anotations.Database, security: anotations.Security`
`14`	`14`	`):`
`15`	`15`	`"""`
`16`	`16`	`Retrieve new access token`
`17`	`17`	`"""`
`18`	`18`	`if user := await db.user.retrieve_by_email(data.email):`
`19`		`- if not deps.pwd_context.verify(data.password, user.password):`
	`19`	`+ if not security.pwd.checkpwd(data.password, user.password):`
`20`	`20`	`raise exps.USER_IS_CORRECT`
`21`		`- access_token = security.jwt.encode_token({"id": user.id}, 1440)`
	`21`	`+ access_token = security.jwt.encode_token({'id': user.id}, 1440)`
`22`	`22`	`return AccessToken(token=access_token)`
`23`	`23`
`24`	`24`	`raise exps.USER_NOT_FOUND`

`‎app/api/endpoints/users/create.py‎`

Lines changed: 5 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,24 +1,23 @@`
`1`	`1`	`from fastapi import APIRouter`
`2`	`2`
`3`	`3`	`from app.api import anotations`
`4`		`-from app.core import deps, exps`
	`4`	`+from app.core import exps`
`5`	`5`	`from app.models.user import User, UserCreate, UserRead`
`6`	`6`
`7`		`-router = APIRouter(prefix="/create")`
	`7`	`+router = APIRouter(prefix='/create')`
`8`	`8`
`9`	`9`
`10`		`-@router.post("/", response_model=UserRead)`
	`10`	`+@router.post('/', response_model=UserRead)`
`11`	`11`	`async def registration(`
`12`		`- data: UserCreate,`
`13`		`- db: anotations.Database,`
	`12`	`+ data: UserCreate, db: anotations.Database, security: anotations.Security`
`14`	`13`	`):`
`15`	`14`	`"""`
`16`	`15`	`Create user`
`17`	`16`	`"""`
`18`	`17`	`if await db.user.retrieve_by_email(data.email):`
`19`	`18`	`raise exps.USER_EXISTS`
`20`	`19`
`21`		`- password_hash = deps.pwd_context.hash(data.password)`
	`20`	`+ password_hash = security.pwd.hashpwd(data.password)`
`22`	`21`	`model = User(email=data.email, password=password_hash)`
`23`	`22`	`user = await db.user.create(model)`
`24`	`23`	`return user`

`‎app/core/init.py‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -4,4 +4,4 @@`
`4`	`4`
`5`	`5`	`from .security import Security`
`6`	`6`
`7`		`-__all__ = ["Security"]`
	`7`	`+__all__ = ['Security']`

`‎app/core/db.py‎`

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,8 @@`
`2`	`2`	`Database`
`3`	`3`	`"""`
`4`	`4`
`5`		`-from sqlalchemy.ext.asyncio import AsyncEngine, async_sessionmaker, create_async_engine`
	`5`	`+from sqlalchemy.ext.asyncio import (AsyncEngine, async_sessionmaker,`
	`6`	`+ create_async_engine)`
`6`	`7`	`from sqlmodel.ext.asyncio.session import AsyncSession`
`7`	`8`
`8`	`9`	`from app import repositories as repos`

`‎app/core/deps.py‎`

Lines changed: 0 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -4,15 +4,12 @@`
`4`	`4`
`5`	`5`	`from fastapi import Depends`
`6`	`6`	`from fastapi.security import APIKeyHeader`
`7`		`-from passlib.context import CryptContext`
`8`	`7`	`from typing_extensions import Annotated, AsyncGenerator`
`9`	`8`
`10`	`9`	`from app.models.user import User`
`11`	`10`
`12`	`11`	`from . import Security, db, exps`
`13`	`12`
`14`		`-pwd_context = CryptContext(schemes=['bcrypt'], deprecated='auto')`
`15`		`-`
`16`	`13`
`17`	`14`	`async def get_db() -> AsyncGenerator[db.Database]:`
`18`	`15`	`async with db.SessionLocal() as session:`

`‎app/core/exps.py‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`USER_EXISTS = HTTPException(status.HTTP_409_CONFLICT, 'User is already taken.')`
`9`	`9`	`USER_NOT_FOUND = HTTPException(status.HTTP_404_NOT_FOUND, 'User not found.')`
`10`	`10`	`USER_IS_CORRECT = HTTPException(`
`11`		`- status.HTTP_401_UNAUTHORIZED, 'Authorization failed. Please try again'`
	`11`	`+ status.HTTP_401_UNAUTHORIZED, 'User is correct'`
`12`	`12`	`)`
`13`	`13`
`14`	`14`	`# Tokens`

`‎app/core/security/init.py‎`

Lines changed: 3 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,11 +1,13 @@`
`1`	`1`	`from app.core.settings import settings`
`2`	`2`
`3`	`3`	`from .jwt import JWT`
	`4`	`+from .pwd import PWD`
`4`	`5`
`5`	`6`
`6`	`7`	`class Security:`
`7`	`8`	`def __init__(self):`
`8`	`9`	`self.jwt = JWT(settings.APP_SECRET_KEY)`
	`10`	`+ self.pwd = PWD()`
`9`	`11`
`10`	`12`
`11`		`-__all__ = ["Security"]`
	`13`	`+__all__ = ['Security']`

`‎app/core/security/jwt.py‎`

Lines changed: 5 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`import datetime as dt`
`2`	`2`
`3`		`-fromjoseimportJWTError, jwt`
`4`		`-from jose.constants import ALGORITHMS`
	`3`	`+import jwt`
	`4`	`+from jwt import PyJWTError`
`5`	`5`
`6`	`6`	`from app.core import exps`
`7`	`7`
`@@ -12,10 +12,8 @@ def __init__(self, secret_key: str):`
`12`	`12`
`13`	`13`	`def decode_token(self, token: str) -> dict \| None:`
`14`	`14`	`try:`
`15`		`- payload = jwt.decode(`
`16`		`- token, self.secret_key, algorithms=[ALGORITHMS.HS256]`
`17`		`- )`
`18`		`- except JWTError:`
	`15`	`+ payload = jwt.decode(token, self.secret_key, algorithms=['HS256'])`
	`16`	`+ except PyJWTError:`
`19`	`17`	`raise exps.TOKEN_INVALID`
`20`	`18`
`21`	`19`	`exp = payload.get('exp')`
`@@ -28,4 +26,4 @@ def encode_token(self, payload: dict, minutes: int) -> str:`
`28`	`26`	`'payload': payload,`
`29`	`27`	`'exp': dt.datetime.now(dt.UTC) + dt.timedelta(minutes=minutes),`
`30`	`28`	`}`
`31`		`- return jwt.encode(claims, self.secret_key, algorithm=ALGORITHMS.HS256)`
	`29`	`+ return jwt.encode(claims, self.secret_key, algorithm='HS256')`

`‎app/core/security/pwd.py‎`

Lines changed: 9 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,9 @@`
	`1`	`+import bcrypt`
	`2`	`+`
	`3`	`+`
	`4`	`+class PWD:`
	`5`	`+ def hashpwd(self, password: str) -> str:`
	`6`	`+ return bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()`
	`7`	`+`
	`8`	`+ def checkpwd(self, password: str, hashed_password: str) -> bool:`
	`9`	`+ return bcrypt.checkpw(password.encode(), hashed_password.encode())`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit f7393bf

File tree

12 files changed

12 files changed

`‎app/init.py‎`

`‎app/api/endpoints/users/auth.py‎`

`‎app/api/endpoints/users/create.py‎`

`‎app/core/init.py‎`

`‎app/core/db.py‎`

`‎app/core/deps.py‎`

`‎app/core/exps.py‎`

`‎app/core/security/init.py‎`

`‎app/core/security/jwt.py‎`

`‎app/core/security/pwd.py‎`

0 commit comments