Spaces:
Sleeping
Sleeping
Update private_gpt/server/utils/authentication.py
Browse files
private_gpt/server/utils/authentication.py
CHANGED
|
@@ -6,6 +6,7 @@ from passlib.context import CryptContext
|
|
| 6 |
from fastapi.security import OAuth2PasswordRequestForm, OAuth2PasswordBearer
|
| 7 |
from jose import jwt, JWTError
|
| 8 |
from pydantic import BaseModel
|
|
|
|
| 9 |
import os
|
| 10 |
router = APIRouter(
|
| 11 |
prefix='/v1/auth',
|
|
@@ -19,14 +20,18 @@ bcrypt_context = CryptContext(schemes=['bcrypt'], deprecated='auto')
|
|
| 19 |
oauth2_bearer = OAuth2PasswordBearer(tokenUrl='/v1/auth/token')
|
| 20 |
|
| 21 |
hardcoded_users = [
|
| 22 |
-
{ "id":
|
|
|
|
|
|
|
| 23 |
"username": "test",
|
| 24 |
"password_hash": bcrypt_context.hash(os.environ.get("USER_HASH")),
|
| 25 |
"role": "user"
|
| 26 |
},
|
| 27 |
|
| 28 |
-
{ "id":
|
| 29 |
"username": "admin",
|
|
|
|
|
|
|
| 30 |
"password_hash": bcrypt_context.hash(os.environ.get("ADMIN_HASH")),
|
| 31 |
"role": "admin"
|
| 32 |
},
|
|
@@ -35,9 +40,12 @@ hardcoded_users = [
|
|
| 35 |
]
|
| 36 |
|
| 37 |
|
|
|
|
| 38 |
class CreateUserRequest(BaseModel):
|
| 39 |
username: str
|
| 40 |
password: str
|
|
|
|
|
|
|
| 41 |
|
| 42 |
class Token(BaseModel):
|
| 43 |
access_token: str
|
|
@@ -53,15 +61,33 @@ def authenticate_user(username: str, password: str, role: str):
|
|
| 53 |
and stored_role
|
| 54 |
and bcrypt_context.verify(password, stored_password_hash)
|
| 55 |
):
|
| 56 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 57 |
return None
|
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
-
|
|
|
|
| 62 |
async def create_user(create_user_request: CreateUserRequest):
|
| 63 |
-
|
| 64 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 65 |
|
| 66 |
@router.post("/token", response_model=Token)
|
| 67 |
async def login_for_access_token(
|
|
@@ -74,14 +100,14 @@ async def login_for_access_token(
|
|
| 74 |
detail="Could not validate user.",
|
| 75 |
)
|
| 76 |
|
| 77 |
-
token = create_access_token(user["username"], user["id"], user["role"], timedelta(minutes=10080))
|
| 78 |
|
| 79 |
return Token(access_token=token, token_type="bearer")
|
| 80 |
|
| 81 |
|
| 82 |
|
| 83 |
-
def create_access_token(username: str, user_id: int, role: str, expires_delta: timedelta):
|
| 84 |
-
encode = {'sub': username, 'id': user_id, 'role': role}
|
| 85 |
expires = datetime.utcnow() + expires_delta
|
| 86 |
encode.update({'exp': expires})
|
| 87 |
return jwt.encode(encode, SECRET_KEY, algorithm=ALGORITHM)
|
|
@@ -93,9 +119,11 @@ async def get_current_user(token: Annotated[str, Depends(oauth2_bearer)]):
|
|
| 93 |
username: str = payload.get('sub')
|
| 94 |
user_id: int = payload.get('id')
|
| 95 |
role: str = payload.get('role') # Add this line to get the role
|
|
|
|
|
|
|
| 96 |
if username is None or user_id is None:
|
| 97 |
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Could not validate user.')
|
| 98 |
-
return {'username': username, 'id': user_id, 'role': role
|
| 99 |
except JWTError:
|
| 100 |
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate user.")
|
| 101 |
|
|
|
|
| 6 |
from fastapi.security import OAuth2PasswordRequestForm, OAuth2PasswordBearer
|
| 7 |
from jose import jwt, JWTError
|
| 8 |
from pydantic import BaseModel
|
| 9 |
+
import uuid
|
| 10 |
import os
|
| 11 |
router = APIRouter(
|
| 12 |
prefix='/v1/auth',
|
|
|
|
| 20 |
oauth2_bearer = OAuth2PasswordBearer(tokenUrl='/v1/auth/token')
|
| 21 |
|
| 22 |
hardcoded_users = [
|
| 23 |
+
{ "id": str(uuid.uuid4()),
|
| 24 |
+
"first_name": "Ibraaheem",
|
| 25 |
+
"last_name": "Akbar",
|
| 26 |
"username": "test",
|
| 27 |
"password_hash": bcrypt_context.hash(os.environ.get("USER_HASH")),
|
| 28 |
"role": "user"
|
| 29 |
},
|
| 30 |
|
| 31 |
+
{ "id": str(uuid.uuid4()),
|
| 32 |
"username": "admin",
|
| 33 |
+
"first_name": "John",
|
| 34 |
+
"last_name": "Doe",
|
| 35 |
"password_hash": bcrypt_context.hash(os.environ.get("ADMIN_HASH")),
|
| 36 |
"role": "admin"
|
| 37 |
},
|
|
|
|
| 40 |
]
|
| 41 |
|
| 42 |
|
| 43 |
+
|
| 44 |
class CreateUserRequest(BaseModel):
|
| 45 |
username: str
|
| 46 |
password: str
|
| 47 |
+
first_name: str
|
| 48 |
+
last_name: str
|
| 49 |
|
| 50 |
class Token(BaseModel):
|
| 51 |
access_token: str
|
|
|
|
| 61 |
and stored_role
|
| 62 |
and bcrypt_context.verify(password, stored_password_hash)
|
| 63 |
):
|
| 64 |
+
# Include 'first_name' and 'last_name' in the user dictionary
|
| 65 |
+
user_data = {
|
| 66 |
+
"username": username,
|
| 67 |
+
"id": user["id"],
|
| 68 |
+
"role": stored_role,
|
| 69 |
+
"first_name": user.get("first_name", ""),
|
| 70 |
+
"last_name": user.get("last_name", ""),
|
| 71 |
+
}
|
| 72 |
+
return user_data
|
| 73 |
return None
|
| 74 |
|
| 75 |
|
| 76 |
|
| 77 |
+
|
| 78 |
+
@router.post("/create_user", status_code=status.HTTP_201_CREATED)
|
| 79 |
async def create_user(create_user_request: CreateUserRequest):
|
| 80 |
+
user_id = str(uuid.uuid4())
|
| 81 |
+
user_data = {
|
| 82 |
+
"id": user_id,
|
| 83 |
+
"first_name": create_user_request.first_name,
|
| 84 |
+
"last_name": create_user_request.last_name,
|
| 85 |
+
"username": create_user_request.username,
|
| 86 |
+
"password_hash": bcrypt_context.hash(create_user_request.password),
|
| 87 |
+
"role": "user"
|
| 88 |
+
}
|
| 89 |
+
hardcoded_users.append(user_data)
|
| 90 |
+
return {"message": "User created successfully"}
|
| 91 |
|
| 92 |
@router.post("/token", response_model=Token)
|
| 93 |
async def login_for_access_token(
|
|
|
|
| 100 |
detail="Could not validate user.",
|
| 101 |
)
|
| 102 |
|
| 103 |
+
token = create_access_token(user["username"], user["id"], user["role"], user["first_name"], user["last_name"], timedelta(minutes=10080))
|
| 104 |
|
| 105 |
return Token(access_token=token, token_type="bearer")
|
| 106 |
|
| 107 |
|
| 108 |
|
| 109 |
+
def create_access_token(username: str, user_id: int, role: str, first_name: str, last_name: str, expires_delta: timedelta):
|
| 110 |
+
encode = {'sub': username, 'id': user_id, 'role': role, 'first_name': first_name, 'last_name': last_name}
|
| 111 |
expires = datetime.utcnow() + expires_delta
|
| 112 |
encode.update({'exp': expires})
|
| 113 |
return jwt.encode(encode, SECRET_KEY, algorithm=ALGORITHM)
|
|
|
|
| 119 |
username: str = payload.get('sub')
|
| 120 |
user_id: int = payload.get('id')
|
| 121 |
role: str = payload.get('role') # Add this line to get the role
|
| 122 |
+
first_name: str = payload.get('first_name')
|
| 123 |
+
last_name: str = payload.get('last_name')
|
| 124 |
if username is None or user_id is None:
|
| 125 |
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Could not validate user.')
|
| 126 |
+
return {'username': username, 'id': user_id, 'role': role, 'first_name': first_name, 'last_name': last_name}
|
| 127 |
except JWTError:
|
| 128 |
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate user.")
|
| 129 |
|