from pathlib import Path
import yaml
from fastapi import FastAPI
from jwt import (
ExpiredSignatureError,
ImmatureSignatureError,
InvalidAlgorithmError,
InvalidAudienceError,
InvalidKeyError,
InvalidSignatureError,
InvalidTokenError,
MissingRequiredClaimError,
)
from starlette import status
from starlette.middleware.base import BaseHTTPMiddleware, RequestResponseEndpoint
from starlette.middleware.cors import CORSMiddleware
from starlette.requests import Request
from starlette.responses import Response, JSONResponse
from auth import decode_and_validate_token
# Application object that the middleware below is attached to.
# NOTE(review): debug=True makes the framework's error handler return
# tracebacks for unhandled exceptions. Confirm this is switched off wherever
# the service is reachable by untrusted clients.
server = FastAPI(debug=True)
# Load the OpenAPI document from oas.yaml, which sits next to this file.
# safe_load is used, so the YAML can only produce plain Python data types.
oas_doc = yaml.safe_load((Path(__file__).parent / "oas.yaml").read_text())
# Replace the app's schema generator so the loaded document is what gets
# served as the API description.
server.openapi = lambda: oas_doc
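class AuthorizeRequestMiddleware(BaseHTTPMiddleware):
    """Require a valid access token on every request except docs and OPTIONS.

    On success the token's ``sub`` claim is stored on
    ``request.state.user_id`` for downstream handlers. Any failure is
    answered with a 401 JSON body and the request never reaches the route
    handler.
    """

    async def dispatch(
        self, request: Request, call_next: RequestResponseEndpoint
    ) -> Response:
        """Validate the Authorization header, then forward the request.

        Args:
            request: Incoming request.
            call_next: Callable that passes the request further down the
                middleware/route stack.

        Returns:
            The downstream response, or a 401 ``JSONResponse`` when the
            header is missing or malformed or the token is rejected.
        """
        # The documentation endpoints are served without a token. The match
        # is exact, so any other path fails closed.
        if request.url.path in ["/docs", "/openapi.json"]:
            return await call_next(request)
        # Every OPTIONS request skips validation, so request.state.user_id
        # is NOT set for it. Handlers that answer OPTIONS must not rely on
        # that attribute.
        if request.method == "OPTIONS":
            return await call_next(request)

        bearer_token = request.headers.get("Authorization")
        if not bearer_token:
            return JSONResponse(
                status_code=status.HTTP_401_UNAUTHORIZED,
                content={
                    "detail": "Missing access token",
                    "body": "Missing access token",
                },
            )

        # A header without a space (e.g. a bare token) has no second part.
        # Indexing it would raise IndexError and surface as a 500 instead of
        # a 401, so reject it explicitly.
        # NOTE(review): the scheme word itself is not checked; any
        # "<scheme> <token>" pair is handed to the validator.
        header_parts = bearer_token.split(" ")
        if len(header_parts) < 2:
            return JSONResponse(
                status_code=status.HTTP_401_UNAUTHORIZED,
                content={
                    "detail": "Malformed Authorization header",
                    "body": "Malformed Authorization header",
                },
            )

        try:
            auth_token = header_parts[1].strip()
            token_payload = decode_and_validate_token(auth_token)
        except (
            ExpiredSignatureError,
            ImmatureSignatureError,
            InvalidAlgorithmError,
            InvalidAudienceError,
            InvalidKeyError,
            InvalidSignatureError,
            InvalidTokenError,
            MissingRequiredClaimError,
        ) as error:
            # NOTE(review): the library's exception text is echoed to the
            # caller. Consider logging it server-side and returning a fixed
            # message, so validation details are not disclosed.
            return JSONResponse(
                status_code=status.HTTP_401_UNAUTHORIZED,
                content={"detail": str(error), "body": str(error)},
            )

        # A token that validates but has no "sub" claim must not become an
        # unhandled KeyError (500). Treat it as unauthenticated.
        try:
            user_id = token_payload["sub"]
        except KeyError:
            return JSONResponse(
                status_code=status.HTTP_401_UNAUTHORIZED,
                content={
                    "detail": "Token is missing the sub claim",
                    "body": "Token is missing the sub claim",
                },
            )

        request.state.user_id = user_id
        return await call_next(request)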
# Attach the token check to every request. Registration order matters:
# middleware added later wraps middleware added earlier, so the CORS layer
# registered below should sit outside this one. That lets it answer browser
# preflight requests and add CORS headers to the 401 responses.
server.add_middleware(AuthorizeRequestMiddleware)
# NOTE(review): allow_origins=["*"] combined with allow_credentials=True
# means every origin is trusted for credentialed cross-site requests. A
# literal "*" cannot accompany credentials, so the middleware presumably
# reflects the caller's Origin instead; confirm against the installed
# Starlette version. Prefer an explicit list of front-end origins, and check
# whether credentials are needed at all, since the access token travels in
# the Authorization header. Methods and headers are likewise unrestricted.
server.add_middleware(
    CORSMiddleware,
    allow_origins=["*"],
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)
import api