quivr/backend/auth/auth_bearer.py

import os
from typing import Optional

from fastapi import Depends, HTTPException, Request
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from models.users import User

from auth.api_key_handler import get_user_from_api_key, verify_api_key
from auth.jwt_token_handler import decode_access_token, verify_token


class AuthBearer(HTTPBearer):
    def __init__(self, auto_error: bool = True):
        super().__init__(auto_error=auto_error)

    async def __call__(
        self,
        request: Request,
    ):
        credentials: Optional[HTTPAuthorizationCredentials] = await super().__call__(
            request
        )
        self.check_scheme(credentials)
        token = credentials.credentials  # pyright: ignore reportPrivateUsage=none
        return await self.authenticate(
            token,
        )

    def check_scheme(self, credentials):
        if credentials and credentials.scheme != "Bearer":
            raise HTTPException(status_code=401, detail="Token must be Bearer")
        elif not credentials:
            raise HTTPException(
                status_code=403, detail="Authentication credentials missing"
            )

    async def authenticate(
        self,
        token: str,
    ) -> User:
        if os.environ.get("AUTHENTICATE") == "false":
            return self.get_test_user()
        elif verify_token(token):
            return decode_access_token(token)
        elif await verify_api_key(
            token,
        ):
            return await get_user_from_api_key(
                token,
            )
        else:
            raise HTTPException(status_code=401, detail="Invalid token or api key.")

    def get_test_user(self) -> User:
        return User(
            email="test@example.com", id="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"  # type: ignore
        )  # replace with test user information


def get_current_user(user: User = Depends(AuthBearer())) -> User:
    return user
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00			`import os`
Feat/multiple brains backend (#340) * 🗃️ add new tables for multiple brains * 🗑️ remove date input from fetch_user_id_from_credentials * ✨ new /brain endpoints * ♻️ refactor backend utils by splitting it into files * 💡 comments for next actions to update /upload 2023-06-17 00:36:53 +03:00			`from typing import Optional`
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00
Feat/multiple brains backend (#340) * 🗃️ add new tables for multiple brains * 🗑️ remove date input from fetch_user_id_from_credentials * ✨ new /brain endpoints * ♻️ refactor backend utils by splitting it into files * 💡 comments for next actions to update /upload 2023-06-17 00:36:53 +03:00			`from fastapi import Depends, HTTPException, Request`
			`from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`from models.users import User`
Feat/multiple brains backend (#340) * 🗃️ add new tables for multiple brains * 🗑️ remove date input from fetch_user_id_from_credentials * ✨ new /brain endpoints * ♻️ refactor backend utils by splitting it into files * 💡 comments for next actions to update /upload 2023-06-17 00:36:53 +03:00
Feat/static analysis (#582) * feat: add static analysis * chore: update Makefile add static analysis script * chore: add vscode extensions recommandations 2023-07-10 15:27:49 +03:00			`from auth.api_key_handler import get_user_from_api_key, verify_api_key`
			`from auth.jwt_token_handler import decode_access_token, verify_token`

feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`class AuthBearer(HTTPBearer):`
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00			`def __init__(self, auto_error: bool = True):`
			`super().__init__(auto_error=auto_error)`

Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`async def __call__(`
			`self,`
			`request: Request,`
			`):`
Feat: chat name edit (#343) * feat(chat): add name update * chore(linting): add flake8 * feat: add chat name edit 2023-06-20 10:54:23 +03:00			`credentials: Optional[HTTPAuthorizationCredentials] = await super().__call__(`
			`request`
			`)`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`self.check_scheme(credentials)`
Feat/static analysis (#582) * feat: add static analysis * chore: update Makefile add static analysis script * chore: add vscode extensions recommandations 2023-07-10 15:27:49 +03:00			`token = credentials.credentials # pyright: ignore reportPrivateUsage=none`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`return await self.authenticate(`
			`token,`
			`)`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00
			`def check_scheme(self, credentials):`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`if credentials and credentials.scheme != "Bearer":`
			`raise HTTPException(status_code=401, detail="Token must be Bearer")`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`elif not credentials:`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`raise HTTPException(`
			`status_code=403, detail="Authentication credentials missing"`
			`)`
feat(auth): now application has authentication (#144) * feat(auth): backend authentification verification * feat(auth): added to all endpoints * feat(auth): added to all endpoints * feat(auth): redirect if not connected * chore(print): removed * feat(login): redirect * feat(icon): added * chore(yarn): removed lock * chore(gitignore): removed 2023-05-24 23:21:22 +03:00
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`async def authenticate(`
			`self,`
			`token: str,`
feat: new classes (#499) * feat: new classes * chore: private llm refactor and enable streaming * fix: validation errors in pytest * fix: default brain behavior * Update backend/llm/base.py * chore: remove 🪦 * fix: remove 🪦 2023-07-04 18:56:54 +03:00			`) -> User:`
feat: user can create api keys (#329) * feat: user can create api keys * fix: linting on build * Update backend/routes/api_key_routes.py * chore: rename and refactor AuthBearer * chore: add types 2023-06-14 22:21:13 +03:00			`if os.environ.get("AUTHENTICATE") == "false":`
			`return self.get_test_user()`
			`elif verify_token(token):`
			`return decode_access_token(token)`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`elif await verify_api_key(`
			`token,`
			`):`
			`return await get_user_from_api_key(`
			`token,`
Feat: chat name edit (#343) * feat(chat): add name update * chore(linting): add flake8 * feat: add chat name edit 2023-06-20 10:54:23 +03:00			`)`
Feat/error handling (#366) * feat: improve error handling * docs: explain error handling system 2023-06-23 11:36:55 +03:00			`else:`
			`raise HTTPException(status_code=401, detail="Invalid token or api key.")`
Feat: backend refactor (#306) * fix: edge cases on migration scripts * chore: remove unused deps. * refactor: user_routes * refactor: chat_routes * refactor: upload_routes * refactor: explore_routes * refactor: crawl_routes * chore(refactor): get current user * refactor: more dead dependencies * bug: wrap email in credentials dict. --------- Co-authored-by: Stan Girard <girard.stanislas@gmail.com> 2023-06-12 18:58:05 +03:00
feat: new classes (#499) * feat: new classes * chore: private llm refactor and enable streaming * fix: validation errors in pytest * fix: default brain behavior * Update backend/llm/base.py * chore: remove 🪦 * fix: remove 🪦 2023-07-04 18:56:54 +03:00			`def get_test_user(self) -> User:`
			`return User(`
Feat/static analysis (#582) * feat: add static analysis * chore: update Makefile add static analysis script * chore: add vscode extensions recommandations 2023-07-10 15:27:49 +03:00			`email="test@example.com", id="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" # type: ignore`
feat: new classes (#499) * feat: new classes * chore: private llm refactor and enable streaming * fix: validation errors in pytest * fix: default brain behavior * Update backend/llm/base.py * chore: remove 🪦 * fix: remove 🪦 2023-07-04 18:56:54 +03:00			`) # replace with test user information`
Feat: chat name edit (#343) * feat(chat): add name update * chore(linting): add flake8 * feat: add chat name edit 2023-06-20 10:54:23 +03:00
Feat: backend refactor (#306) * fix: edge cases on migration scripts * chore: remove unused deps. * refactor: user_routes * refactor: chat_routes * refactor: upload_routes * refactor: explore_routes * refactor: crawl_routes * chore(refactor): get current user * refactor: more dead dependencies * bug: wrap email in credentials dict. --------- Co-authored-by: Stan Girard <girard.stanislas@gmail.com> 2023-06-12 18:58:05 +03:00
fix: jwt decode to return user object (#513) 2023-07-05 10:27:58 +03:00			`def get_current_user(user: User = Depends(AuthBearer())) -> User:`
feat: new classes (#499) * feat: new classes * chore: private llm refactor and enable streaming * fix: validation errors in pytest * fix: default brain behavior * Update backend/llm/base.py * chore: remove 🪦 * fix: remove 🪦 2023-07-04 18:56:54 +03:00			`return user`