matthias/liederwahl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix oauth auth

Browse Source
This commit is contained in:
matthias@matsewe.de
2024-06-24 11:43:58 +02:00
parent 26caf9cf35
commit 8bd147a1d2
1 changed files with 5 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
app/security.py
View File

@@ -13,10 +13,8 @@ import os
ALGORITHM = "HS512" ALGORITHM = "HS512"
SECRET_KEY = os.environ['SECRET_KEY'] SECRET_KEY = os.environ['SECRET_KEY']
fake_user_db = { scopes_db = {
os.environ['ADMIN_EMAIL'] : { os.environ['ADMIN_EMAIL'] : ["admin"]
"scopes" : ["admin"]
}
} }
credentials_exception = HTTPException( credentials_exception = HTTPException(
@@ -35,10 +33,8 @@ async def get_current_user(
email: str = payload.get("email") # type: ignore email: str = payload.get("email") # type: ignore
except (JWTError, ValidationError): except (JWTError, ValidationError):
raise credentials_exception raise credentials_exception
user = fake_user_db.get(email) scopes = scopes_db.get(email)
if user is None:
raise credentials_exception
for scope in security_scopes.scopes: for scope in security_scopes.scopes:
if scope not in user["scopes"]: if scope not in scopes:
raise credentials_exception raise credentials_exception
return user | {"token_payload" : payload} return payload | {"internal_scopes" : scopes}