quivr/backend/auth/auth_bearer.py

import os
from typing import Optional

from auth.api_key_handler import get_user_from_api_key, verify_api_key
from auth.jwt_token_handler import decode_access_token, verify_token
from fastapi import Depends, HTTPException, Request
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from models.users import User


class AuthBearer(HTTPBearer):
    def __init__(self, auto_error: bool = True):
        super().__init__(auto_error=auto_error)

    async def __call__(
        self,
        request: Request,
    ):
        credentials: Optional[HTTPAuthorizationCredentials] = await super().__call__(
            request
        )
        self.check_scheme(credentials)
        token = credentials.credentials
        return await self.authenticate(
            token,
        )

    def check_scheme(self, credentials):
        if credentials and credentials.scheme != "Bearer":
            raise HTTPException(status_code=401, detail="Token must be Bearer")
        elif not credentials:
            raise HTTPException(
                status_code=403, detail="Authentication credentials missing"
            )

    async def authenticate(
        self,
        token: str,
    ):
        if os.environ.get("AUTHENTICATE") == "false":
            return self.get_test_user()
        elif verify_token(token):
            return decode_access_token(token)
        elif await verify_api_key(
            token,
        ):
            return await get_user_from_api_key(
                token,
            )
        else:
            raise HTTPException(status_code=401, detail="Invalid token or api key.")

    def get_test_user(self):
        return {"email": "test@example.com"}  # replace with test user information


def get_current_user(credentials: dict = Depends(AuthBearer())) -> User:
    return User(email=credentials.get("email", "none"), id=credentials.get("sub", "none"))
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00			`import os`
Feat/multiple brains backend (#340) * 🗃️ add new tables for multiple brains * 🗑️ remove date input from fetch_user_id_from_credentials * ✨ new /brain endpoints * ♻️ refactor backend utils by splitting it into files * 💡 comments for next actions to update /upload 2023-06-17 00:36:53 +03:00			`from typing import Optional`
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00
Feat/multiple brains backend (#340) * 🗃️ add new tables for multiple brains * 🗑️ remove date input from fetch_user_id_from_credentials * ✨ new /brain endpoints * ♻️ refactor backend utils by splitting it into files * 💡 comments for next actions to update /upload 2023-06-17 00:36:53 +03:00			`from auth.api_key_handler import get_user_from_api_key, verify_api_key`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`from auth.jwt_token_handler import decode_access_token, verify_token`
Feat/multiple brains backend (#340) * 🗃️ add new tables for multiple brains * 🗑️ remove date input from fetch_user_id_from_credentials * ✨ new /brain endpoints * ♻️ refactor backend utils by splitting it into files * 💡 comments for next actions to update /upload 2023-06-17 00:36:53 +03:00			`from fastapi import Depends, HTTPException, Request`
			`from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`from models.users import User`
Feat/multiple brains backend (#340) * 🗃️ add new tables for multiple brains * 🗑️ remove date input from fetch_user_id_from_credentials * ✨ new /brain endpoints * ♻️ refactor backend utils by splitting it into files * 💡 comments for next actions to update /upload 2023-06-17 00:36:53 +03:00
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`class AuthBearer(HTTPBearer):`
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00			`def __init__(self, auto_error: bool = True):`
			`super().__init__(auto_error=auto_error)`

Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`async def __call__(`
			`self,`
			`request: Request,`
			`):`
Feat: chat name edit (#343) * feat(chat): add name update * chore(linting): add flake8 * feat: add chat name edit 2023-06-20 10:54:23 +03:00			`credentials: Optional[HTTPAuthorizationCredentials] = await super().__call__(`
			`request`
			`)`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`self.check_scheme(credentials)`
			`token = credentials.credentials`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`return await self.authenticate(`
			`token,`
			`)`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00
			`def check_scheme(self, credentials):`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`if credentials and credentials.scheme != "Bearer":`
			`raise HTTPException(status_code=401, detail="Token must be Bearer")`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`elif not credentials:`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`raise HTTPException(`
			`status_code=403, detail="Authentication credentials missing"`
			`)`
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`async def authenticate(`
			`self,`
			`token: str,`
			`):`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`if os.environ.get("AUTHENTICATE") == "false":`
			`return self.get_test_user()`
			`elif verify_token(token):`
			`return decode_access_token(token)`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`elif await verify_api_key(`
			`token,`
			`):`
			`return await get_user_from_api_key(`
			`token,`
Feat: chat name edit (#343) * feat(chat): add name update * chore(linting): add flake8 * feat: add chat name edit 2023-06-20 10:54:23 +03:00			`)`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`else:`
			`raise HTTPException(status_code=401, detail="Invalid token or api key.")`
Feat: backend refactor (#306) * fix: edge cases on migration scripts * chore: remove unused deps. * refactor: user_routes * refactor: chat_routes * refactor: upload_routes * refactor: explore_routes * refactor: crawl_routes * chore(refactor): get current user * refactor: more dead dependencies * bug: wrap email in credentials dict. --------- Co-authored-by: Stan Girard <girard.stanislas@gmail.com> 2023-06-12 18:58:05 +03:00
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`def get_test_user(self):`
Feat: chat name edit (#343) * feat(chat): add name update * chore(linting): add flake8 * feat: add chat name edit 2023-06-20 10:54:23 +03:00			`return {"email": "test@example.com"} # replace with test user information`

Feat: backend refactor (#306) * fix: edge cases on migration scripts * chore: remove unused deps. * refactor: user_routes * refactor: chat_routes * refactor: upload_routes * refactor: explore_routes * refactor: crawl_routes * chore(refactor): get current user * refactor: more dead dependencies * bug: wrap email in credentials dict. --------- Co-authored-by: Stan Girard <girard.stanislas@gmail.com> 2023-06-12 18:58:05 +03:00
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`def get_current_user(credentials: dict = Depends(AuthBearer())) -> User:`
Feat/multiple brains files (#361) 2023-06-28 20:39:27 +03:00			`return User(email=credentials.get("email", "none"), id=credentials.get("sub", "none"))`