PhotosAPI/extensions/security.py

28 lines
921 B
Python
Raw Normal View History

2023-01-09 16:01:30 +02:00
from datetime import timedelta
2022-12-20 12:36:54 +02:00
from modules.app import app
2023-01-09 16:01:30 +02:00
from modules.utils import configGet
2022-12-20 12:36:54 +02:00
2023-01-07 22:48:43 +02:00
from fastapi import Depends, HTTPException
2022-12-20 12:36:54 +02:00
from fastapi.security import (
OAuth2PasswordRequestForm,
)
from modules.security import (
ACCESS_TOKEN_EXPIRE_DAYS,
Token,
authenticate_user,
2023-01-09 16:01:30 +02:00
create_access_token
2022-12-20 12:36:54 +02:00
)
@app.post("/token", response_model=Token)
async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends()):
user = authenticate_user(form_data.username, form_data.password)
if not user:
2023-01-07 22:48:43 +02:00
raise HTTPException(status_code=400, detail=configGet("credentials_invalid", "messages"))
2022-12-20 12:36:54 +02:00
access_token_expires = timedelta(days=ACCESS_TOKEN_EXPIRE_DAYS)
access_token = create_access_token(
data={"sub": user.user, "scopes": form_data.scopes},
expires_delta=access_token_expires,
)
2023-01-09 16:01:30 +02:00
return {"access_token": access_token, "token_type": "bearer"}