Изменил способ авторизации

2024-06-03 13:52:07 +05:00 · 2024-06-03 13:52:07 +05:00 · 283dfc8c68
commit 283dfc8c68
parent 115a9450de
2 changed files with 9 additions and 10 deletions
--- a/app/users/dependencies.py
+++ b/app/users/dependencies.py
@ -1,4 +1,5 @@
-from fastapi import Depends, Request, Response, WebSocket
+from fastapi import Depends, WebSocket
+from fastapi.security import HTTPBearer
 from jose import JWTError, jwt, ExpiredSignatureError

 from app.config import settings
@ -11,18 +12,19 @@ from app.exceptions import (
 )
 from app.services.user_service import UserService
 from app.unit_of_work import UnitOfWork
-from app.users.auth import create_access_token, VERIFICATED_USER
+from app.users.auth import VERIFICATED_USER
 from app.users.schemas import SUser

+auth_schema = HTTPBearer()

-def get_token(request: Request) -> str:
-	token = request.cookies.get("black_phoenix_access_token")
+
+def get_token(token=Depends(auth_schema)) -> str:
 	if not token:
 		raise TokenAbsentException
-	return token
+	return token.credentials


-async def get_current_user(response: Response, token: str = Depends(get_token), uow=Depends(UnitOfWork)) -> SUser:
+async def get_current_user(token: str = Depends(get_token), uow=Depends(UnitOfWork)) -> SUser:
 	try:
 		payload = jwt.decode(token, settings.SECRET_KEY, settings.ALGORITHM)
 	except ExpiredSignatureError:
@ -38,8 +40,6 @@ async def get_current_user(response: Response, token: str = Depends(get_token),
 	if not user:
 		raise UserIsNotPresentException

-	access_token = create_access_token({"sub": str(user.id)})
-	response.set_cookie(key="black_phoenix_access_token", value=access_token, httponly=True, secure=True, samesite="none")
 	return user


--- a/app/users/router.py
+++ b/app/users/router.py
@ -131,8 +131,7 @@ async def email_verification(user_code: str, uow=Depends(UnitOfWork)):
 async def login_user(response: Response, user_data: SUserLogin, uow=Depends(UnitOfWork)):
 	user = await AuthService.authenticate_user(uow, user_data.email_or_username, user_data.password)
 	access_token = create_access_token({"sub": str(user.id)})
-	response.set_cookie("black_phoenix_access_token", access_token, httponly=True, secure=True, samesite="none")
-	return {"access_token": access_token}
+	response.headers["Authorization"] = f"Bearer {access_token}"


@router.post(