Verify user is Logged In

  • The best way to set this up is to first create a schema for the token in schema.py

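from typing import Optional
from pydantic import BaseModel

# Shape of the response returned by the login route
class Token(BaseModel):
    access_token: str
    token_type: str

# Data extracted from a verified token
class TokenData(BaseModel):
    id: Optional[str] = None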
  • We will then modify the file oauth2.py

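from fastapi import Depends, status, HTTPException
from jose import JWTError, jwt
from datetime import date, datetime, timedelta
from . import schemas
from fastapi.security import OAuth2PasswordBearer

# Reads the bearer token from the Authorization header.
# tokenUrl is the path of the login route; "login" is an assumed value.
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login")

# SECRET_KEY and ALGORITHM are assumed to be defined earlier in this file.

def verify_access_token(token: str, credentials_exception):

    try:
        # Checks the signature and only accepts the listed algorithm
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
        id = payload.get("user_id")

        # A token without a user_id claim is rejected
        if id is None:
            raise credentials_exception

        # Convert to str so an integer user_id matches the schema
        token_data = schemas.TokenData(id=str(id))

    except JWTError:
        raise credentials_exception

    return token_data

def get_current_user(token: str = Depends(oauth2_scheme)):
    credentials_exception = HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"})

    return verify_access_token(token, credentials_exception)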
  • The verify_access_token function decodes the token, checking its signature with the secret key and the signing algorithm, and returns the data that was originally put into the token

  • If the payload has no user id, the function raises the credentials exception

  • Within the get_current_user function, we define the HTTP exception (in our case, a 401)

  • It then calls the verify_access_token function, passing in the token

  • The invoked function returns the token_data
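
The checks that verify_access_token depends on, written out with only the standard library as an added example (not part of the original page and not python-jose's own code). SECRET_KEY's value, make_token and check_token are hypothetical, and unlike the defaults of jwt.decode this sketch requires an exp claim.

```python
import base64, hashlib, hmac, json, time

SECRET_KEY = "constructed-demo-secret"  # assumption: placeholder, not a real key
ALGORITHM = "HS256"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str, key: str) -> bytes:
    return hmac.new(key.encode(), signing_input.encode(), hashlib.sha256).digest()

def make_token(claims: dict, key: str = SECRET_KEY, alg: str = ALGORITHM) -> str:
    """Build a compact token; alg 'none' produces an unsigned one."""
    head = _b64(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = b"" if alg == "none" else _sign(f"{head}.{body}", key)
    return f"{head}.{body}.{_b64(sig)}"

def check_token(token: str) -> str:
    """Return the user id as a string, or the reason for rejection."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(_unb64(head))
        # Pin the algorithm on the server side; never follow the header.
        if header.get("alg") != ALGORITHM:
            return "rejected: algorithm not allowed"
        # Constant-time comparison of the recomputed signature.
        if not hmac.compare_digest(_sign(f"{head}.{body}", SECRET_KEY), _unb64(sig)):
            return "rejected: bad signature"
        claims = json.loads(_unb64(body))
        if claims.get("exp", 0) < time.time():
            return "rejected: expired"
        user_id = claims.get("user_id")
    except (ValueError, TypeError, AttributeError):
        return "rejected: malformed token"
    # `str(user_id) is None` could never be true; test the raw value.
    if user_id is None:
        return "rejected: no user_id"
    return str(user_id)
```

The payload segment is only base64url-encoded, so anyone holding a token can read its claims; the secret key protects integrity, not confidentiality.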
