Home Esplora Aiuto
Registrati Accedi
siweilian
/
douyin
2
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Ramo (Branch): master
Rami (Branch) Tag
douyin
/
api
/
swl_jwt.py

swl_jwt.py 2.5 KB
Permalink Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. import datetime
    2. 

  2. from fastapi import Depends, HTTPException, status, Header, Security  
    3. 

  3. from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials  
    4. 

  4. import jwt  
    5. 

  5. from config import SECRET_KEY
    6. 

  6. 

  7. security = HTTPBearer()
    8. 

  8. async def get_current_user(credentials: HTTPAuthorizationCredentials = Depends(security)):  
    9. 

  9.     if credentials:  
    10. 

  10.         try:  
    11. 

  11.             payload = await verify_jwt_token()  
    12. 

  12.             return payload  # 或者返回一个包含用户信息的自定义对象  
    13. 

  13.         except Exception as e:  
    14. 

  14.             raise HTTPException(  
    15. 

  15.                 status_code=status.HTTP_403_FORBIDDEN,  
    16. 

  16.                 detail="Invalid token",  
    17. 

  17.                 headers={"WWW-Authenticate": "Bearer"},  
    18. 

  18.             )  
    19. 

  19.     else:  
    20. 

  20.         raise HTTPException(  
    21. 

  21.             status_code=status.HTTP_401_UNAUTHORIZED,  
    22. 

  22.             detail="Unauthorized",  
    23. 

  23.             headers={"WWW-Authenticate": "Bearer"},  
    24. 

  24.         )  
    25. 

  25.         
    26. 

  26. async def get_token_from_header(authorization: str = Header(None)):  
    27. 

  27.     if not authorization:  
    28. 

  28.         raise HTTPException(  
    29. 

  29.             status_code=status.HTTP_403_FORBIDDEN,  
    30. 

  30.             detail="Not authenticated",  
    31. 

  31.         )  
    32. 

  32.     # 去掉 "Bearer " 前缀  
    33. 

  33.     if not authorization.startswith("Bearer "):  
    34. 

  34.         raise HTTPException(  
    35. 

  35.             status_code=status.HTTP_403_FORBIDDEN,  
    36. 

  36.             detail="Invalid authentication scheme",  
    37. 

  37.         )  
    38. 

  38.     return authorization.replace("Bearer ", "")  
    39. 

  39. 

  40. 

  41. async def verify_jwt_token(token: str = Security(get_token_from_header)):  
    42. 

  42.     try:  
    43. 

  43.         payload = jwt.decode(token, SECRET_KEY, algorithms=["HS256"])  
    44. 

  44.         return payload.get("sub")
    45. 

  45.     except jwt.ExpiredSignatureError:  
    46. 

  46.         raise HTTPException(  
    47. 

  47.             status_code=status.HTTP_403_FORBIDDEN,  
    48. 

  48.             detail="Token is expired",  
    49. 

  49.         )  
    50. 

  50.     except jwt.InvalidTokenError:  
    51. 

  51.         raise HTTPException(  
    52. 

  52.             status_code=status.HTTP_403_FORBIDDEN,  
    53. 

  53.             detail="Invalid token",  
    54. 

  54.         )  
    55. 

  55.         
    56. 

  56. from db.user_oauth import UserOAuthRepository,UserOAuthToken
    57. 

  57. from db.user import User,UserRepo
    58. 

  58. def verify_user(open_id: str = Depends(verify_jwt_token)):  
    59. 

  59.     res = UserRepo().select(User.open_id == open_id)
    60. 

  60.     user:User = res.first()
    61. 

  61.     if not user:
    62. 

  62.         return
    63. 

  63.     oauth:UserOAuthToken = user.oauth
    64. 

  64.     if (oauth.expires_at - datetime.datetime.now()).total_seconds() <= 0:
    65. 

  65.         raise HTTPException(  
    66. 

  66.             status_code=status.HTTP_403_FORBIDDEN,  
    67. 

  67.             detail="open-douyin Token is expired",  
    68. 

  68.         )  
    69. 

  69.     return user
    70.