quivr/backend/auth/auth_bearer.py

import os
from typing import Optional

from fastapi import HTTPException, Request, Depends
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from models.users import User
from .auth_handler import decode_access_token


class JWTBearer(HTTPBearer):
    def __init__(self, auto_error: bool = True):
        super().__init__(auto_error=auto_error)

    async def __call__(self, request: Request):
        credentials: Optional[HTTPAuthorizationCredentials] = await super().__call__(request)
        if os.environ.get("AUTHENTICATE") == "false":
            return True
        if credentials:
            if not credentials.scheme == "Bearer":
                raise HTTPException(status_code=402, detail="Invalid authorization scheme.")
            token = credentials.credentials
            if not self.verify_jwt(token):
                raise HTTPException(status_code=402, detail="Invalid token or expired token.")
            return self.verify_jwt(token)  # change this line
        else:
            raise HTTPException(status_code=403, detail="Invalid authorization code.")

    def verify_jwt(self, jwtoken: str):
        payload = decode_access_token(jwtoken)
        return payload


def get_current_user(credentials: dict = Depends(JWTBearer())) -> User:
    return User(email=credentials.get('email', 'none'))
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00			`import os`
Feat/single brain (#215) * feat(llm): update * feat(singlebrain): added new table with user-id * feat(user): get user from email * feat(user_id): added search * ✨ add user_id to most endpoints * docs(readme): new script --------- Co-authored-by: gozineb <zinebe@theodo.fr> 2023-05-31 14:51:23 +03:00			`from typing import Optional`
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00
Feat: backend refactor (#306) * fix: edge cases on migration scripts * chore: remove unused deps. * refactor: user_routes * refactor: chat_routes * refactor: upload_routes * refactor: explore_routes * refactor: crawl_routes * chore(refactor): get current user * refactor: more dead dependencies * bug: wrap email in credentials dict. --------- Co-authored-by: Stan Girard <girard.stanislas@gmail.com> 2023-06-12 18:58:05 +03:00			`from fastapi import HTTPException, Request, Depends`
Feat/single brain (#215) * feat(llm): update * feat(singlebrain): added new table with user-id * feat(user): get user from email * feat(user_id): added search * ✨ add user_id to most endpoints * docs(readme): new script --------- Co-authored-by: gozineb <zinebe@theodo.fr> 2023-05-31 14:51:23 +03:00			`from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer`
Feat: backend refactor (#306) * fix: edge cases on migration scripts * chore: remove unused deps. * refactor: user_routes * refactor: chat_routes * refactor: upload_routes * refactor: explore_routes * refactor: crawl_routes * chore(refactor): get current user * refactor: more dead dependencies * bug: wrap email in credentials dict. --------- Co-authored-by: Stan Girard <girard.stanislas@gmail.com> 2023-06-12 18:58:05 +03:00			`from models.users import User`
Back/refacto files (#240) * feat(docker): added docker for prod * feat(refacto): moved to modules 2023-06-04 00:12:42 +03:00			`from .auth_handler import decode_access_token`

feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00
			`class JWTBearer(HTTPBearer):`
			`def __init__(self, auto_error: bool = True):`
			`super().__init__(auto_error=auto_error)`

			`async def __call__(self, request: Request):`
			`credentials: Optional[HTTPAuthorizationCredentials] = await super().__call__(request)`
			`if os.environ.get("AUTHENTICATE") == "false":`
			`return True`
			`if credentials:`
			`if not credentials.scheme == "Bearer":`
			`raise HTTPException(status_code=402, detail="Invalid authorization scheme.")`
			`token = credentials.credentials`
			`if not self.verify_jwt(token):`
			`raise HTTPException(status_code=402, detail="Invalid token or expired token.")`
Feat/single brain (#215) * feat(llm): update * feat(singlebrain): added new table with user-id * feat(user): get user from email * feat(user_id): added search * ✨ add user_id to most endpoints * docs(readme): new script --------- Co-authored-by: gozineb <zinebe@theodo.fr> 2023-05-31 14:51:23 +03:00			`return self.verify_jwt(token) # change this line`
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00			`else:`
			`raise HTTPException(status_code=403, detail="Invalid authorization code.")`

Feat/single brain (#215) * feat(llm): update * feat(singlebrain): added new table with user-id * feat(user): get user from email * feat(user_id): added search * ✨ add user_id to most endpoints * docs(readme): new script --------- Co-authored-by: gozineb <zinebe@theodo.fr> 2023-05-31 14:51:23 +03:00			`def verify_jwt(self, jwtoken: str):`
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00			`payload = decode_access_token(jwtoken)`
Feat: backend refactor (#306) * fix: edge cases on migration scripts * chore: remove unused deps. * refactor: user_routes * refactor: chat_routes * refactor: upload_routes * refactor: explore_routes * refactor: crawl_routes * chore(refactor): get current user * refactor: more dead dependencies * bug: wrap email in credentials dict. --------- Co-authored-by: Stan Girard <girard.stanislas@gmail.com> 2023-06-12 18:58:05 +03:00			`return payload`


			`def get_current_user(credentials: dict = Depends(JWTBearer())) -> User:`
			`return User(email=credentials.get('email', 'none'))`