Verify user is Logged In
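The best way to set this up is to first create a schema for the token in
schema.py
from typing import Optional
from pydantic import BaseModel

# Shape of the response returned by the login route
class Token(BaseModel):
    access_token: str
    token_type: str

# Data extracted from a verified token
class TokenData(BaseModel):
    id: Optional[str] = None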
We will then modify the file
oauth2.py
from fastapi import Depends, status, HTTPException
from jose import JWTError, jwt
from datetime import date, datetime, timedelta
from . import schemas
from fastapi.security import OAuth2PasswordBearer

# SECRET_KEY and ALGORITHM are assumed to be defined earlier in this file.
# tokenUrl is an assumption here: point it at your login route.
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login")

def verify_access_token(token: str, credentials_exception):
    try:
        # Verify the signature and decode the claims
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
        user_id = payload.get("user_id")
        # Reject a token that carries no user_id claim
        if user_id is None:
            raise credentials_exception
        token_data = schemas.TokenData(id=str(user_id))
    except JWTError:
        raise credentials_exception
    return token_data

def get_current_user(token: str = Depends(oauth2_scheme)):
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
    return verify_access_token(token, credentials_exception)
The verify_access_token function decodes the token, verifying its signature with the secret key and the signing algorithm, and returns the data that was initially placed in it. If there is no user id, it raises an exception.
Within the get_current_user function, we define the HTTP exception (in our case 401), then call the verify_access_token function and provide the token. The invoked function returns the token_data.
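The checks that verify_access_token depends on, written out as an added example (not the page's own code): a standard-library HS256 verifier standing in for jose's jwt.decode. The secret is a constructed value, sign is a hypothetical helper playing the role of the login route, and ValueError stands in for the 401 exception.

```python
import base64, hashlib, hmac, json, time

SECRET_KEY = "constructed-demo-secret"  # constructed value, never a real key


def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mac(signing_input: str, key: str) -> bytes:
    return hmac.new(key.encode(), signing_input.encode(), hashlib.sha256).digest()


def sign(payload: dict, key: str = SECRET_KEY, alg: str = "HS256") -> str:
    """Hypothetical helper playing the role of the login route."""
    head = b64(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64(json.dumps(payload).encode())
    signing_input = head + "." + body
    return signing_input + "." + b64(mac(signing_input, key))


def verify_access_token(token: str) -> str:
    """Return the user id; ValueError stands in for the page's 401."""
    try:
        head, body, sig = token.split(".")
        # Pin the algorithm, as algorithms=[ALGORITHM] does on the page.
        if json.loads(unb64(head)).get("alg") != "HS256":
            raise ValueError("unexpected algorithm")
        # Constant-time comparison of recomputed and presented signature.
        if not hmac.compare_digest(mac(head + "." + body, SECRET_KEY), unb64(sig)):
            raise ValueError("bad signature")
        payload = json.loads(unb64(body))  # trusted only after the MAC check
        if "exp" in payload and payload["exp"] < time.time():
            raise ValueError("expired")
        user_id = payload.get("user_id")
        if user_id is None:  # `str(user_id) is None` could never be true
            raise ValueError("no user_id claim")
        return str(user_id)
    except (ValueError, TypeError, AttributeError) as exc:
        # One generic error for every failure, like the single 401 on the page.
        raise ValueError("could not validate credentials") from exc
```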