Update auth.py
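--- a/auth.py
+++ b/auth.py
@@ -6,11 +6,9 @@ from urllib.parse import quote_plus
 from typing import List, Optional, Any
 
 from dotenv import load_dotenv
-from fastapi import APIRouter, HTTPException, Depends, Request,
+from fastapi import APIRouter, HTTPException, Depends, Request, UploadFile, File, Form
 from fastapi.responses import JSONResponse
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
-from slowapi import Limiter, _rate_limit_exceeded_handler
-from slowapi.util import get_remote_address
 from jose import JWTError, jwt
 from passlib.context import CryptContext
 from pydantic import BaseModel, EmailStr, Field, validator
@@ -30,9 +28,6 @@ client = MongoClient(MONGO_URL)
 db = client.users_database
 users_collection = db.users
 
-# Rate limiter (applied to auth endpoints)
-limiter = Limiter(key_func=get_remote_address, default_limits=["200 per day", "50 per hour"])
-
 # OAuth2 setup
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
 
@@ -168,7 +163,6 @@ def save_avatar_file(file: UploadFile) -> str:
 # ----- Auth Endpoints -----
 
 @router.post("/signup", response_model=Token)
-@limiter.limit("5/minute")
 async def signup(
 request: Request,
 name: str = Form(...),
@@ -176,7 +170,6 @@ async def signup(
 password: str = Form(...),
 avatar: Optional[UploadFile] = File(None)
 ):
-# Validate input using the User model
 try:
 _ = User(name=name, email=email, password=password)
 except Exception as e:
@@ -190,7 +183,7 @@ async def signup(
 "name": name,
 "email": email,
 "hashed_password": hashed_password,
-"chat_histories": []
+"chat_histories": []
 }
 if avatar:
 avatar_path = save_avatar_file(avatar)
@@ -204,7 +197,6 @@ async def signup(
 }
 
 @router.post("/login", response_model=LoginResponse)
-@limiter.limit("10/minute")
 async def login(request: Request, form_data: OAuth2PasswordRequestForm = Depends()):
 user = authenticate_user(form_data.username, form_data.password)
 if not user:
@@ -220,7 +212,6 @@ async def login(request: Request, form_data: OAuth2PasswordRequestForm = Depends
 }
 
 @router.get("/user/data")
-@limiter.limit("20/minute")
 async def get_user_data(request: Request, current_user: dict = Depends(get_current_user)):
 return {
 "name": current_user["name"],
@@ -230,7 +221,6 @@ async def get_user_data(request: Request, current_user: dict = Depends(get_curre
 }
 
 @router.put("/user/update")
-@limiter.limit("10/minute")
 async def update_user(
 request: Request,
 name: Optional[str] = Form(None),
@@ -262,8 +252,6 @@ async def update_user(
 return {"message": "User updated successfully"}
 
 @router.post("/logout")
-@limiter.limit("20/minute")
 async def logout(request: Request, current_user: dict = Depends(get_current_user)):
 logger.info(f"User logged out: {current_user['email']}")
 return {"message": "User logged out successfully"}
-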
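Review bot: `/login` and `/signup` are left with no request throttling, since every `@limiter.limit(...)` decorator and the `Limiter` instance are removed and nothing in the visible hunks replaces them. That leaves repeated password attempts against `authenticate_user` and repeated sign-ups (each of which can write a file through `save_avatar_file`) bounded only by whatever sits in front of the app. If slowapi was dropped because it failed at startup or keyed every client to one proxy address (a guess, the commit message gives no reason), keep `@limiter.limit("10/minute")` on `login` and `@limiter.limit("5/minute")` on `signup` and fix the limiter's registration or `key_func` instead; at minimum add a comment above `# ----- Auth Endpoints -----` stating where throttling is enforced. The handler bodies continue outside the hunks, so lockout logic elsewhere in the file cannot be ruled out.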