Started creating auth system

extensions/security.py

@@ -0,0 +1,56 @@
+from datetime import timedelta
+from modules.database import col_users
+from modules.app import app
+
+from fastapi import Depends, HTTPException, Security, Response
+from starlette.status import HTTP_204_NO_CONTENT
+from fastapi.security import (
+    OAuth2PasswordRequestForm,
+)
+
+from modules.security import (
+    ACCESS_TOKEN_EXPIRE_DAYS,
+    Token,
+    User,
+    authenticate_user,
+    create_access_token,
+    get_current_active_user,
+    get_current_user,
+    get_password_hash
+)
+
+
+@app.post("/token", response_model=Token)
+async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends()):
+    user = authenticate_user(form_data.username, form_data.password)
+    if not user:
+        raise HTTPException(status_code=400, detail="Incorrect user or password")
+    access_token_expires = timedelta(days=ACCESS_TOKEN_EXPIRE_DAYS)
+    access_token = create_access_token(
+        data={"sub": user.user, "scopes": form_data.scopes},
+        expires_delta=access_token_expires,
+    )
+    return {"access_token": access_token, "token_type": "bearer"}
+
+
+@app.get("/users/me/", response_model=User)
+async def read_users_me(current_user: User = Depends(get_current_active_user)):
+    return current_user
+
+
+@app.post("/users", response_class=Response)
+async def create_users(user: str, email: str, password: str):
+    col_users.insert_one( {"user": user, "email": email, "hash": get_password_hash(password), "disabled": True} )
+    return Response(status_code=HTTP_204_NO_CONTENT)
+
+
+@app.get("/users/me/items/")
+async def read_own_items(
+    current_user: User = Security(get_current_active_user, scopes=["items"])
+):
+    return [{"item_id": "Foo", "owner": current_user.user}]
+
+
+@app.get("/status/")
+async def read_system_status(current_user: User = Depends(get_current_user)):
+    return {"status": "ok"}