FastAPI学习笔记之OAuth2 认证

FastAPI学习笔记之OAuth2 认证

官方:https://fastapi.tiangolo.com/

  1. OAuth2 认证 demo（密码模式 + JWT，仅作演示）
import os
import secrets
from datetime import timedelta, datetime, timezone

import jwt
from fastapi import FastAPI, Depends, HTTPException
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm

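app = FastAPI()

# The HS256 signing key must not be a short literal committed with the source:
# anyone who can read the file, or guess the word, can sign a token for any
# username. Load it from the environment instead (JWT_SECRET_KEY is the
# variable name chosen for this demo). When it is unset, fall back to a random
# key generated at import time so the demo still starts; tokens then stop
# validating after a restart, and several worker processes would each hold a
# different key, so set the variable for anything beyond a single local run.
SECRET_KEY = os.environ.get("JWT_SECRET_KEY") or secrets.token_urlsafe(32)

# Lifetime of an issued access token, in minutes.
ACCESS_TOKEN_EXPIRE_MINUTES = 30

# Dependency that extracts the bearer token from the Authorization header;
# tokenUrl names the endpoint that issues tokens (the /login route).
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login")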


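@app.post("/login")
async def login(form_data: OAuth2PasswordRequestForm = Depends()):
    """Exchange a username and password for a bearer access token."""
    # Review notes are kept in comments: FastAPI publishes a route's docstring
    # in the generated OpenAPI description.

    # 1. OAuth2PasswordRequestForm supplies the submitted username and password.
    username = form_data.username
    password = form_data.password

    # 2. Verify the credentials.
    # NOTE(review): demo only - one hard-coded password is accepted for every
    # username. A real service looks the user up, verifies a salted password
    # hash, and throttles repeated failures on this endpoint.
    # compare_digest keeps the comparison time independent of the position of
    # the first differing byte.
    password_ok = secrets.compare_digest(password.encode("utf-8"), b"admin")
    if not password_ok:
        # A single message for every failure, so the response does not reveal
        # whether the username or the password was wrong.
        raise HTTPException(status_code=400, detail="Incorrect username or password")

    # 3. Credentials accepted: build the claims and sign them as a JWT.
    expires_at = datetime.now(timezone.utc) + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    claims = {
        'sub': username,    # subject: the authenticated user
        'exp': expires_at,  # expiry, checked by jwt.decode on every request
    }
    token = jwt.encode(claims, SECRET_KEY, algorithm="HS256")

    # 4. Return the token as {"access_token": ..., "token_type": "bearer"}.
    return {"access_token": token, "token_type": "bearer"}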


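def get_current_user(token: str = Depends(oauth2_scheme)):
    """Resolve a bearer token to the username stored in its ``sub`` claim.

    Args:
        token: Encoded JWT supplied by the ``oauth2_scheme`` dependency.

    Returns:
        The ``sub`` claim of the verified token.

    Raises:
        HTTPException: 401 when the token is expired, fails verification,
            lacks an ``exp`` claim, or carries no string ``sub`` claim.
    """

    def unauthorized(detail):
        # A 401 for bearer authentication should name the scheme so clients
        # know how to authenticate.
        return HTTPException(
            status_code=401,
            detail=detail,
            headers={"WWW-Authenticate": "Bearer"},
        )

    try:
        payload = jwt.decode(
            token,
            SECRET_KEY,
            # Pin the accepted algorithm instead of trusting the token header.
            algorithms=["HS256"],
            # Reject tokens without an expiry; otherwise a signed token with
            # no "exp" claim would stay valid indefinitely (PyJWT 2.x option).
            options={"require": ["exp"]},
        )
    except jwt.ExpiredSignatureError as exc:
        raise unauthorized("Token has expired") from exc
    except jwt.InvalidTokenError as exc:
        raise unauthorized("Invalid token") from exc

    username = payload.get("sub")
    # A missing or non-string subject cannot identify a user; failing here
    # keeps callers that expect a str from raising an unhandled error later.
    if not isinstance(username, str):
        raise unauthorized("Invalid authentication credentials")
    return username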


@app.get("/item")
def index(username: str = Depends(get_current_user)):
    # Protected route: the get_current_user dependency runs first, so this body
    # is reached only with the username it returned.
    # (Documented with a comment rather than a docstring because FastAPI would
    # copy a docstring into the route's OpenAPI description.)
    greeting = "Hello, " + username
    response = {"message": greeting}
    return response
