FastAuth/main.py

216 lines
6.5 KiB
Python
Raw Normal View History

2024-06-10 15:10:22 +00:00
import json
2024-06-17 12:45:11 +00:00
from fastapi import Depends, FastAPI, HTTPException, Response, status
2024-06-10 15:10:22 +00:00
from fastapi.encoders import jsonable_encoder
from fastapi.middleware.cors import CORSMiddleware
2024-06-17 12:45:11 +00:00
from fastapi.security import OAuth2PasswordRequestForm
from auth import (Hasher, create_access_token, get_current_user,
get_current_user2)
from crypto import (deserialize_into_bytes, fernet_decrypt, fernet_encrypt,
generate_random_encryption_key, generate_user_passkey,
serialize_bytes)
2024-06-10 15:10:22 +00:00
from models import Secret, User, UserLogin
app = FastAPI()
origins = [
'http://localhost',
'http://localhost:5173',
2024-06-17 12:45:11 +00:00
# "*"
2024-06-10 15:10:22 +00:00
]
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_credentials=True,
allow_methods=['*'],
allow_headers=['*']
)
@app.get("/")
async def root():
return {"'message'": "Hello World"}
@app.post('/register')
async def register(user: User):
"""Registers a user"""
users = []
with open('database/users.json', 'r') as f:
text = f.read()
if text:
users = json.loads(text)
if user.id is not None:
raise HTTPException(
status_code=400,
detail="User id shall be auto generated, cannot be provided in request"
)
if not users:
user.id = 0
else:
max_user_id = max([i['id'] for i in users])
user.id = max_user_id + 1
user_exists = [i for i in users if i['username'] == user.username]
if user_exists:
raise HTTPException(status_code=400, detail="Username already in use")
encryption_key = generate_random_encryption_key()
salt, master_key = generate_user_passkey(user.password)
encrypted_encryption_key = fernet_encrypt(encryption_key, master_key)
user.password = Hasher.get_password_hash(user.password)
user.encryption_key = encrypted_encryption_key.decode('utf-8')
user.salt = serialize_bytes(salt)
users.append(jsonable_encoder(user))
# print(f"{salt=}\n{user.salt=}\n{encrypted_encryption_key=}\n{user.encryption_key=}\n{master_key=}")
with open('database/users.json', 'w') as f:
json.dump(users, f)
return {'user_id': user.id}
@app.post('/login')
2024-06-17 12:45:11 +00:00
async def login(response: Response, form_data: OAuth2PasswordRequestForm = Depends()):
2024-06-10 15:10:22 +00:00
"""logs in the user"""
users = []
with open('database/users.json', 'r') as f:
text = f.read()
if text:
users.extend(json.loads(text))
2024-06-17 12:45:11 +00:00
username = form_data.username
password = form_data.password
cur_user = [i for i in users if i['username']==username]
2024-06-10 15:10:22 +00:00
if not cur_user:
2024-06-11 18:15:29 +00:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="username or password is incorrect"
)
2024-06-10 15:10:22 +00:00
else:
cur_user = cur_user[0]
2024-06-17 12:45:11 +00:00
password_match = Hasher.verify_password(password, cur_user['password'])
2024-06-10 15:10:22 +00:00
if not password_match:
2024-06-11 18:15:29 +00:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="username or password is incorrect"
)
2024-06-10 15:10:22 +00:00
encrypted_encryption_key = cur_user['encryption_key'].encode()
salt = deserialize_into_bytes(cur_user['salt'])
2024-06-17 12:45:11 +00:00
_, master_key = generate_user_passkey(password, salt)
2024-06-10 15:10:22 +00:00
encryption_key = fernet_decrypt(encrypted_encryption_key, master_key)
access_token = create_access_token(subject=cur_user['id'], encryption_key=encryption_key)
2024-06-17 12:45:11 +00:00
# response = {
# 'message': 'authenticated',
# 'accessToken': access_token
# }
response.set_cookie('token', value=access_token, max_age=1800, httponly=True, path='/')
return {'message': 'Authenticated'}
2024-06-10 15:10:22 +00:00
@app.post("/secret")
async def create_secret(secret: Secret, current_user: dict = Depends(get_current_user)):
"""
2024-06-15 18:11:33 +00:00
Stores an encrypted secret for the user.
2024-06-10 15:10:22 +00:00
"""
data = []
with open('database/secrets.json', 'r') as f:
text = f.read()
if text:
data.extend(json.loads(text))
if data:
secret_id = max(i['id'] for i in data) + 1
else:
secret_id = 0
2024-06-13 17:54:14 +00:00
secret.id = secret_id
2024-06-10 15:10:22 +00:00
secret.user_id = current_user['id']
encryption_key = current_user['encryption_key'].encode()
encrypted_data = fernet_encrypt(secret.data.encode(), encryption_key)
secret.data = encrypted_data.decode('utf-8')
data.append(jsonable_encoder(secret))
with open('database/secrets.json', 'w') as f:
json.dump(data, f)
return secret
2024-06-15 18:11:33 +00:00
@app.put("/secret")
async def update_secret(secret: Secret, current_user: dict = Depends(get_current_user)):
"""
Updates an encrypted secret for the user.
"""
data = []
with open('database/secrets.json', 'r') as f:
text = f.read()
if text:
data.extend(json.loads(text))
if secret.id is None:
raise HTTPException(status.HTTP_400_BAD_REQUEST, detail="Id must be passed for updating secret")
secret.user_id = current_user['id']
found_secrets = [(i, j) for i, j in enumerate(data) if j['user_id'] == secret.user_id and j['id']==secret.id]
if not found_secrets:
raise HTTPException(status.HTTP_400_BAD_REQUEST, deatil="Secret with this Id not found for this user")
secret_pos = found_secrets[0][0]
encryption_key = current_user['encryption_key'].encode()
encrypted_data = fernet_encrypt(secret.data.encode(), encryption_key)
secret.data = encrypted_data.decode('utf-8')
data[secret_pos] = jsonable_encoder(secret)
with open('database/secrets.json', 'w') as f:
json.dump(data, f)
return secret
2024-06-10 15:10:22 +00:00
@app.get('/secret')
2024-06-17 12:45:11 +00:00
async def list_secret(current_user: dict = Depends(get_current_user2)):
2024-06-10 15:10:22 +00:00
"""Returns the encrypted secrets of the user."""
2024-06-17 12:45:11 +00:00
print('cuuuuuurrrrr', current_user)
2024-06-10 15:10:22 +00:00
data = []
with open('database/secrets.json', 'r') as f:
text = f.read()
if text:
data.extend(json.loads(text))
user_id = current_user['id']
encryption_key = current_user['encryption_key'].encode()
2024-06-15 18:11:33 +00:00
user_secrets = [i for i in data if i['user_id']==user_id and i['active']]
2024-06-10 15:10:22 +00:00
for secret in user_secrets:
cur_data = secret['data']
decrypted_data = fernet_decrypt(cur_data, encryption_key)
secret['data'] = decrypted_data
return user_secrets
@app.get('/validate-token')
2024-06-17 12:45:11 +00:00
async def validate_token(current_user: dict = Depends(get_current_user2)):
user_id = current_user['id']
print("user_id: ", user_id)
if user_id is not None:
return {'message': 'authenticated'}
2024-06-17 12:45:11 +00:00
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)
# return {'message': "hello"}