jwt complete

.idea/.gitignore

+# Default ignored files
+/shelf/
+/workspace.xml

.idea/inspectionProfiles/Project_Default.xml

+<component name="InspectionProjectProfileManager">
+  <profile version="1.0">
+    <option name="myName" value="Project Default" />
+    <inspection_tool class="PyPep8NamingInspection" enabled="true" level="WEAK WARNING" enabled_by_default="true">
+      <option name="ignoredErrors">
+        <list>
+          <option value="N802" />
+          <option value="N806" />
+        </list>
+      </option>
+    </inspection_tool>
+  </profile>
+</component>
\ No newline at end of file

.idea/inspectionProfiles/profiles_settings.xml

+<component name="InspectionProjectProfileManager">
+  <settings>
+    <option name="USE_PROJECT_PROFILE" value="false" />
+    <version value="1.0" />
+  </settings>
+</component>
\ No newline at end of file

.idea/jwt_fastapi.iml

+<?xml version="1.0" encoding="UTF-8"?>
+<module type="PYTHON_MODULE" version="4">
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$">
+      <excludeFolder url="file://$MODULE_DIR$/venv" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>
\ No newline at end of file

.idea/misc.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.11 (jwt_fastapi)" project-jdk-type="Python SDK" />
+</project>
\ No newline at end of file

.idea/modules.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/jwt_fastapi.iml" filepath="$PROJECT_DIR$/.idea/jwt_fastapi.iml" />
+    </modules>
+  </component>
+</project>
\ No newline at end of file

.idea/vcs.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$" vcs="Git" />
+  </component>
+</project>
\ No newline at end of file

main.py

+
+import uvicorn
+
+if __name__ == "__main__":
+    uvicorn.run("scripts.core.services.app:app",reload=True)
\ No newline at end of file

scripts/core/constants/.env

+secret=b'deff1952d59f883ece260e8683fed21ab0ad9a53323eca4f'
+
+algorithm=HS256
\ No newline at end of file

scripts/core/handlers/auth_bearer.py

+
+from fastapi import Request, HTTPException
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+
+from scripts.core.handlers.jwt_handler import decodeJWT
+
+
+class JWTBearer(HTTPBearer):
+    def __init__(self, auto_error: bool = True):
+        super(JWTBearer, self).__init__(auto_error=auto_error)
+
+    async def __call__(self, request: Request):
+        credentials: HTTPAuthorizationCredentials = await super(JWTBearer, self).__call__(request)
+        if credentials:
+            if not credentials.scheme == "Bearer":
+                raise HTTPException(status_code=403, detail="Invalid authentication scheme.")
+            if not self.verify_jwt(credentials.credentials):
+                raise HTTPException(status_code=403, detail="Invalid token or expired token.")
+            return credentials.credentials
+        else:
+            raise HTTPException(status_code=403, detail="Invalid authorization code.")
+
+    def verify_jwt(self, jwtoken: str) -> bool:
+        isTokenValid: bool = False
+
+        try:
+            payload = decodeJWT(jwtoken)
+        except:
+            payload = None
+        if payload:
+            isTokenValid = True
+        return isTokenValid
\ No newline at end of file

scripts/core/handlers/jwt_handler.py

+import time
+from typing import Dict
+
+import jwt
+from decouple import config
+
+JWT_SECRET ='deff1952d59f883ece260e8683fed21ab0ad9a53323eca4f'
+
+JWT_ALGORITHM = 'HS256'
+
+
+def token_response(token: str):
+    return {
+        "access_token": token
+    }
+
+
+def signJWT(user_id: str) -> Dict[str, str]:
+    payload = {
+        "user_id": user_id,
+        "expires": time.time() + 600
+    }
+    token = jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
+
+    return token_response(token)
+
+
+def decodeJWT(token: str) -> dict:
+    try:
+        decoded_token = jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
+        return decoded_token if decoded_token["expires"] >= time.time() else None
+    except:
+        return {}

scripts/core/schemas/mode.py

+# app/model.py
+
+from pydantic import BaseModel, Field, EmailStr
+
+
+class PostSchema(BaseModel):
+    id: int = Field(default=None)
+    title: str = Field(...)
+    content: str = Field(...)
+
+    class Config:
+        schema_extra = {
+            "example": {
+                "title": "Securing FastAPI applications with JWT.",
+                "content": "In this tutorial, you'll learn how to secure your application by enabling authentication "
+                           "using JWT. We'll be using PyJWT to sign, encode and decode JWT tokens...."
+            }
+        }
+
+
+
+
+
+class UserSchema(BaseModel):
+    fullname: str = Field(...)
+    email: EmailStr = Field(...)
+    password: str = Field(...)
+
+    class Config:
+        schema_extra = {
+            "example": {
+                "fullname": "Abdulazeez Abdulazeez Adeshina",
+                "email": "abdulazeez@x.com",
+                "password": "weakpassword"
+            }
+        }
+
+class UserLoginSchema(BaseModel):
+    email: EmailStr = Field(...)
+    password: str = Field(...)
+
+    class Config:
+        schema_extra = {
+            "example": {
+                "email": "abdulazeez@x.com",
+                "password": "weakpassword"
+            }
+        }

scripts/core/services/app.py

+# app/api.py
+
+from fastapi import FastAPI, Body, Depends
+
+from scripts.core.handlers.auth_bearer import JWTBearer
+from scripts.core.handlers.jwt_handler import signJWT
+from scripts.core.schemas.mode import PostSchema, UserSchema, UserLoginSchema
+
+posts = [
+    {
+        "id": 1,
+        "title": "Pancake",
+        "content": "Lorem Ipsum ..."
+    }
+]
+
+users = []
+
+app = FastAPI()
+
+
+@app.get("/", tags=["root"])
+async def read_root() -> dict:
+    return {"message": "Welcome to your blog!"}
+
+
+@app.get("/posts", tags=["posts"])
+async def get_posts() -> dict:
+    return {"data": posts}
+
+
+@app.get("/posts/{id}", tags=["posts"])
+async def get_single_post(id: int) -> dict:
+    if id > len(posts):
+        return {
+            "error": "No such post with the supplied ID."
+        }
+
+    for post in posts:
+        if post["id"] == id:
+            return {
+                "data": post
+            }
+
+
+@app.post("/posts",dependencies=[Depends(JWTBearer())], tags=["posts"])
+async def add_post(post: PostSchema) -> dict:
+    post.id = len(posts) + 1
+    posts.append(post.dict())
+    return {
+        "data": "post added."
+    }
+
+
+@app.post("/user/signup", tags=["user"])
+async def create_user(user: UserSchema = Body(...)):
+    users.append(user)  # replace with db call, making sure to hash the password first
+    return signJWT(user.email)
+
+
+def check_user(data: UserLoginSchema):
+    for user in users:
+        if user.email == data.email and user.password == data.password:
+            return True
+    return False
+
+
+def check_user(data: UserLoginSchema):
+    for user in users:
+        if user.email == data.email and user.password == data.password:
+            return True
+    return False
\ No newline at end of file