diff --git a/api/routes/security.py b/api/routes/security.py
index dc7a1f0..e1fd66e 100644
--- a/api/routes/security.py
+++ b/api/routes/security.py
@@ -1,27 +1,30 @@
-from datetime import datetime, timedelta
-from typing import Annotated, Optional
 import os
-import urllib.parse
 import secrets
 import string
+import urllib.parse
+from datetime import datetime, timedelta
+from typing import Annotated, Optional
-import bcrypt
 import aiohttp
-from fastapi import HTTPException, APIRouter, Depends, status, Response, Request
+import bcrypt
+import dotenv
+from fastapi import APIRouter, Depends, HTTPException, Request, Response, status
 from fastapi.responses import RedirectResponse
-from fastapi.security import OAuth2AuthorizationCodeBearer, HTTPBearer, HTTPAuthorizationCredentials
+from fastapi.security import (
+ HTTPAuthorizationCredentials,
+ HTTPBearer,
+ OAuth2AuthorizationCodeBearer,
+)
 from fastapi.security.utils import get_authorization_scheme_param
-from starlette.status import HTTP_401_UNAUTHORIZED
 from jose import JWTError, jwt
 from pydantic import BaseModel
 from sqlalchemy import select
+from starlette.status import HTTP_401_UNAUTHORIZED
-import dotenv
 dotenv.load_dotenv()
-import api.schemas as schemas
 import api.database as db
-
+import api.schemas as schemas
 ALGORITHM = "HS256"
 ACCESS_TOKEN_EXPIRE_MINUTES = 1440 # 24 hours
@@ -238,6 +241,7 @@ async def redirect_callback(code: str, state: Optional[str] = None):
 access_token = create_access_token(
 data={
 "sub": user.sub,
+ "role": "web_user", # For PostgREST
 "groups": [group.id for group in user.groups],
 }