feat: implement refresh token functionality; update authentication and token models; add tests for refresh endpoint
@@ -118,6 +118,9 @@ async def get_current_user(
|
||||
sub = payload.get("sub")
|
||||
if sub is None:
|
||||
raise credentials_exception
|
||||
scope = payload.get("scope", "access")
|
||||
if scope != "access":
|
||||
raise credentials_exception
|
||||
user_id = int(sub)
|
||||
except (jwt.PyJWTError, TypeError, ValueError):
|
||||
raise credentials_exception from None
|
||||
|
||||
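Review bot: The default in `scope = payload.get("scope", "access")` means a JWT that carries no `scope` claim at all is accepted as an access token, so the new check only rejects tokens that explicitly say otherwise. If every token the service issues now carries a scope, the safer form is `scope = payload.get("scope")` followed by the existing `if scope != "access": raise credentials_exception`, so the claim is required rather than assumed. If the default is deliberate for tokens issued before this change, a comment such as `# tokens issued before the scope claim existed are treated as access tokens` would stop a later reader from tightening it blindly. get_current_user starts outside the hunk.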
+16
-5
@@ -9,10 +9,10 @@ from app.api.deps import get_auth_service, get_user_repository
|
||||
from app.core.security import password_hasher
|
||||
from app.models.organization import Organization
|
||||
from app.models.organization_member import OrganizationMember, OrganizationRole
|
||||
from app.models.token import LoginRequest, TokenResponse
|
||||
from app.models.token import LoginRequest, RefreshRequest, TokenResponse
|
||||
from app.models.user import UserCreate
|
||||
from app.repositories.user_repo import UserRepository
|
||||
from app.services.auth_service import AuthService, InvalidCredentialsError
|
||||
from app.services.auth_service import AuthService, InvalidCredentialsError, InvalidRefreshTokenError
|
||||
|
||||
|
||||
class RegisterRequest(BaseModel):
|
||||
@@ -61,7 +61,7 @@ async def register_user(
|
||||
) from exc
|
||||
|
||||
await repo.session.refresh(user)
|
||||
return auth_service.create_access_token(user)
|
||||
return auth_service.issue_tokens(user)
|
||||
|
||||
|
||||
@router.post("/login", response_model=TokenResponse)
|
||||
@@ -74,7 +74,7 @@ async def login(
|
||||
user = await service.authenticate(credentials.email, credentials.password)
|
||||
except InvalidCredentialsError as exc: # pragma: no cover - thin API
|
||||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=str(exc)) from exc
|
||||
return service.create_access_token(user)
|
||||
return service.issue_tokens(user)
|
||||
|
||||
|
||||
@router.post("/token", response_model=TokenResponse)
|
||||
@@ -86,4 +86,15 @@ async def login_for_access_token(
|
||||
user = await service.authenticate(credentials.email, credentials.password)
|
||||
except InvalidCredentialsError as exc: # pragma: no cover - thin API
|
||||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=str(exc)) from exc
|
||||
return service.create_access_token(user)
|
||||
return service.issue_tokens(user)
|
||||
|
||||
|
||||
@router.post("/refresh", response_model=TokenResponse)
|
||||
async def refresh_tokens(
|
||||
payload: RefreshRequest,
|
||||
service: AuthService = Depends(get_auth_service),
|
||||
) -> TokenResponse:
|
||||
try:
|
||||
return await service.refresh_tokens(payload.refresh_token)
|
||||
except InvalidRefreshTokenError as exc:
|
||||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=str(exc)) from exc
|
||||
|
||||
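Review bot: The new `/refresh` handler passes `str(exc)` straight through as the 401 detail, so whatever distinction `InvalidRefreshTokenError` carries (expired, revoked, wrong scope — its messages are not visible here) reaches the client; a fixed `detail="Invalid refresh token"` gives the same HTTP result without that information. The except branch also lacks the `# pragma: no cover - thin API` marker the login and token handlers use, and `refresh_tokens` has no docstring; `"""Exchange a refresh token for a fresh TokenResponse, or 401 if it is rejected."""` would match the file's style. Whether the presented refresh token is invalidated once used happens inside `AuthService.refresh_tokens` and cannot be judged from this diff. The same `str(exc)` pattern appears in the login hunks above, but those lines are unchanged by this commit.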