Remove obsolete endpoints (#89)
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 4s
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 4s
Remove endpoints api/login/token and api/login/profile --------- Co-authored-by: Thomas Peetz <thomas.peetz@cimt-ag.de> Reviewed-on: #89
This commit was merged in pull request #89.
This commit is contained in:
@@ -1,8 +1,7 @@
|
||||
from datetime import timedelta
|
||||
|
||||
from fastapi import APIRouter, Depends, HTTPException, status
|
||||
from fastapi import APIRouter, Depends, HTTPException, Response, status
|
||||
from fastapi.security import OAuth2PasswordRequestForm
|
||||
from pydantic import BaseModel
|
||||
from typing import Annotated
|
||||
from src.core.config import settings
|
||||
from src.core.log_conf import logger
|
||||
@@ -11,16 +10,12 @@ from src.core.security import (
|
||||
authenticate_user_by_username,
|
||||
create_access_token,
|
||||
)
|
||||
from src.schema.admin import Token
|
||||
from src.schema.admin.login import LoginRequest
|
||||
from src.schema.admin.token import Token
|
||||
from src.webapps.auth.forms import LoginForm
|
||||
|
||||
login_router = APIRouter()
|
||||
|
||||
|
||||
class LoginRequest(BaseModel):
|
||||
email: str | None = None
|
||||
password: str | None = None
|
||||
|
||||
|
||||
@login_router.post(
|
||||
"/login",
|
||||
tags=["login"],
|
||||
@@ -47,9 +42,8 @@ def login(request: LoginRequest) -> Token:
|
||||
|
||||
|
||||
@login_router.post("/token", tags=["login"], summary="Login for access token")
|
||||
async def login_for_access_token(
|
||||
form_data: Annotated[OAuth2PasswordRequestForm, Depends()],
|
||||
) -> Token:
|
||||
#async def login_for_access_token(form_data: Annotated[OAuth2PasswordRequestForm, Depends()]) -> Token:
|
||||
async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends()) -> Token:
|
||||
user = authenticate_user_by_username(form_data.username, form_data.password)
|
||||
if not user:
|
||||
raise HTTPException(status_code=400, detail="Incorrect username or password")
|
||||
@@ -59,3 +53,19 @@ async def login_for_access_token(
|
||||
expires_delta=access_token_expires,
|
||||
)
|
||||
return Token(access_token=access_token, token_type="bearer")
|
||||
|
||||
def login_for_token_cookie(response: Response, form_data: LoginForm = Depends()):
|
||||
user = authenticate_user_by_email(str(form_data.username), str(form_data.password))
|
||||
if not user:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail="Incorrect username or password",
|
||||
)
|
||||
access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
|
||||
access_token = create_access_token(
|
||||
data={"sub": user.email}, expires_delta=access_token_expires
|
||||
)
|
||||
response.set_cookie(
|
||||
key="access_token", value=f"Bearer {access_token}", httponly=True
|
||||
)
|
||||
return {"access_token": access_token, "token_type": "bearer"}
|
||||
|
||||
Reference in New Issue
Block a user