Init files

auth/auth.py

@@ -0,0 +1,13 @@
+from sqlalchemy.engine.base import RootTransaction
+from auth.routers.authentication import login
+from fastapi import APIRouter
+from auth.routers import login, authentication, roles
+from auth.login.models import login as models
+from databases.pgsql.database import engine
+router = APIRouter()
+
+models.Base.metadata.create_all(engine)
+
+router.include_router(login.router)
+router.include_router(authentication.router)
+router.include_router(roles.router)

auth/hashing.py

@@ -0,0 +1,10 @@
+from passlib.context import CryptContext
+
+pwd_cxt = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+class Hash():
+    def bcrypt(password: str):
+        return pwd_cxt.hash(password)
+
+    def verify(plain_password, hashed_password):
+        return pwd_cxt.verify(plain_password,hashed_password)

auth/login/models/login.py

@@ -0,0 +1,27 @@
+from sqlalchemy import Boolean, Column, ForeignKey, Integer, String
+from sqlalchemy.orm import relationship
+
+from databases.pgsql.database import Base
+
+class User(Base):
+    __tablename__ = "users"
+
+    id = Column(Integer, primary_key= True, index= True)
+    email = Column(String, unique= True, index=True)
+    phone = Column(String, unique= True, index=True)
+    login = Column(String, unique= True, index=True)
+    name = Column(String)
+    surname = Column(String)
+    hashed_password = Column(String) 
+    role_id = Column(Integer, ForeignKey("roles.id"))
+    is_active = Column(Boolean, default=True)
+
+class Role(Base):
+    __tablename__ = "roles"
+
+    id = Column(Integer, primary_key=True, index= True)
+    name = Column(String, index= True)
+    description = Column(String , index= True)
+    
+
+

auth/login/repository/login.py

@@ -0,0 +1,68 @@
+from sqlalchemy.orm import Session
+from fastapi import HTTPException, status
+from ..schemas import login as schemas
+from ..models import login as models
+from auth.hashing import Hash
+
+def get_user(db: Session, user_id: int):
+    return db.query(models.User).filter(models.User.id == user_id).first()
+
+def get_user_by_email(db: Session, email: str):
+    return db.query(models.User).filter(models.User.email == email).first()
+
+def get_user_by_login(db: Session, login:str):
+    return db.query(models.User).filter(models.User.login == login).first()
+
+def get_user_by_phone(db: Session, phone: str):
+    return db.query(models.User).filter(models.User.phone == phone).first()
+
+def delete_user(db: Session, id: int):
+    user = db.query(models.User).filter(models.User.id == id)
+    if not user.first():
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
+                            detail=f"User with id {id} not found")
+    user.delete(synchronize_session=False)
+    db.commit()
+    return 'done'
+
+
+def get_users(db: Session, skip: int = 0, limit: int =100):
+    return db.query(models.User).offset(skip).limit(limit).all()
+
+def create_user(db: Session, user: schemas.UserCreate):
+    now_hashed_password = Hash.bcrypt(user.password)
+    db_user = models.User(
+        email=user.email, 
+        login = user.login, 
+        phone = user.phone, 
+        hashed_password = now_hashed_password, 
+        role_id = user.role_id
+    ) 
+    db.add(db_user)
+    db.commit()
+    db.refresh(db_user)
+    return db_user
+
+def get_roles(db: Session, skip: int =0, limit: int =100):
+    return db.query(models.Role).offset(skip).limit(limit).all()
+
+
+def get_role(db: Session, id:int):
+    return db.query(models.Role).filter(models.Role.id == id).first()
+
+def delete_role(db: Session, id: int):
+    role = db.query(models.Role).filter(models.Role.id == id)
+    if not role.first():
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
+                            detail=f"Role with id {id} not found")
+    role.delete(synchronize_session=False)
+    db.commit()
+    return 'done'
+
+
+def create_roles(db: Session, role: schemas.RoleCreate):
+    db_role = models.Role(name = role.name, description= role.description)
+    db.add(db_role)
+    db.commit()
+    db.refresh(db_role)
+    return db_role

auth/login/schemas/login.py

@@ -0,0 +1,41 @@
+from typing import List, Optional
+
+from pydantic import BaseModel
+
+class RoleBase(BaseModel):
+    name: str
+    description: Optional[str] = None
+
+class RoleCreate(RoleBase):
+    pass
+
+class Role(RoleBase):
+    id: int
+    class Config:
+        orm_mode = True
+
+
+class UserBase(BaseModel):
+    email: str
+    login: str
+    role_id: int
+    phone: Optional[str] = None
+    name: Optional[str] = None
+    surname: Optional[str] = None
+
+class UserCreate(UserBase):
+    password: str
+
+class User(UserBase):
+    id: int
+    is_active: bool
+    class Config:
+        orm_mode = True
+
+class Token(BaseModel):
+    access_token: str
+    token_type: str
+
+
+class TokenData(BaseModel):
+    email: Optional[str] = None

auth/oauth2.py

@@ -0,0 +1,15 @@
+from fastapi import Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordBearer
+from auth import token
+
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="auth/login")
+
+
+def get_current_user(data: str = Depends(oauth2_scheme)):
+    credentials_exception = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Could not validate credentials",
+        headers={"WWW-Authenticate": "Bearer"},
+    )
+
+    return token.verify_token(data, credentials_exception)

auth/routers/authentication.py

@@ -0,0 +1,24 @@
+from fastapi import APIRouter, Depends, status, HTTPException
+from fastapi.security import OAuth2PasswordRequestForm
+from auth import token
+from auth.login.models import login as models
+from databases.pgsql import database
+from auth.hashing import Hash
+from sqlalchemy.orm import Session
+
+router = APIRouter(tags=['Authentication'])
+
+
+@router.post('/login')
+def login(request: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(database.get_db)):
+    user = db.query(models.User).filter(
+        models.User.email == request.username).first()
+    if not user:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
+                            detail=f"Invalid Credentials")
+    if not Hash.verify(request.password,user.hashed_password):
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
+                            detail=f"Incorrect password")
+
+    access_token = token.create_access_token(data={"sub": user.email})
+    return {"access_token": access_token, "token_type": "bearer"}

auth/routers/login.py

@@ -0,0 +1,34 @@
+from auth.login import models
+from auth.auth import login
+from fastapi import APIRouter
+from auth.login.schemas import login as schemas
+from auth.login.models import login  as models
+from sqlalchemy.orm import Session
+from fastapi import APIRouter, Depends, status
+from auth.login.repository import login as user
+from databases.pgsql import database
+
+router = APIRouter(
+    prefix="/user",
+    tags=['Users']
+)
+
+get_db = database.get_db
+
+
+@router.post('/', response_model=schemas.UserCreate)
+def create_user(request: schemas.UserCreate, db: Session = Depends(get_db)):
+    print(request)
+    return user.create_user(db, request)
+
+@router.delete('/{id}')
+def delete_user(id:int, db: Session = Depends(get_db)):
+    return user.delete_user(db, id)
+
+@router.get('/{id}', response_model=schemas.User)
+def get_user(id: int, db: Session = Depends(get_db)):
+    return user.get_user(db, id)
+
+@router.get('/')
+def get_users(db: Session = Depends(get_db)):
+    return user.get_users(db)

auth/routers/roles.py

@@ -0,0 +1,34 @@
+import re
+from auth.login import models
+from auth.auth import login
+from fastapi import APIRouter
+from auth.login.schemas import login as schemas
+from auth.login.models import login  as models
+from sqlalchemy.orm import Session
+from fastapi import APIRouter, Depends, status
+from auth.login.repository import login as user
+from databases.pgsql import database
+
+router = APIRouter(
+    prefix="/roles",
+    tags=['Roles']
+)
+
+get_db = database.get_db
+
+
+@router.post('/', response_model=schemas.RoleCreate)
+def create_role(request: schemas.RoleCreate, db: Session = Depends(get_db)):
+    return user.create_roles(db, request)
+
+@router.get('/{id}',response_model=schemas.Role)
+def show_role(id :int, db: Session = Depends(get_db)):
+    return user.get_role(db, id)
+
+@router.get('/')
+def show_roles(db: Session = Depends(get_db)):
+    return user.get_roles(db)
+
+@router.delete('/{id}')
+def delete_role(id: int, db: Session = Depends(get_db)):
+    return user.delete_role(db, id)

auth/token.py

@@ -0,0 +1,26 @@
+from jose import JWTError, jwt
+from datetime import datetime, timedelta
+from auth.login.schemas import login as schemas
+
+SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7"
+ALGORITHM = "HS256"
+ACCESS_TOKEN_EXPIRE_MINUTES = 30
+
+
+def create_access_token(data: dict):
+    to_encode = data.copy()
+    expire = datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+    to_encode.update({"exp": expire})
+    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+    return encoded_jwt
+
+
+def verify_token(token: str, credentials_exception):
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        email: str = payload.get("sub")
+        if email is None:
+            raise credentials_exception
+        token_data = schemas.TokenData(email=email)
+    except JWTError:
+        raise credentials_exception