import os
import jwt
from fastapi import Depends
from fastapi.responses import RedirectResponse
from fastapi.security import OAuth2PasswordBearer
from starlette.middleware.base import BaseHTTPMiddleware
from db import db
# Handle to the "user" collection exposed by the project's `db` module.
# NOTE(review): not referenced by any code visible in this file.
user_collection = db["user"]

# Bearer-token extractor; it is the default dependency of get_user_from_token.
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
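def get_user_from_token(token: str = Depends(oauth2_scheme)):
    """Return the ``sub`` claim of a verified JWT, or ``None`` if it cannot be trusted.

    Used as a FastAPI dependency (bearer token via ``oauth2_scheme``) and also
    called directly by ``AdminMiddleware.dispatch`` with the raw ``token``
    cookie, which is ``None`` when the cookie is absent.

    Args:
        token: Encoded JWT. ``None`` or an empty string is treated as
            "no credentials".

    Returns:
        The value of the ``sub`` claim, or ``None`` when the token is missing,
        expired, fails verification, or the verification settings
        (``JWT_SECRET_KEY`` / ``ALGORITHM``) are not configured.
    """
    # No credential presented: reject before touching the JWT library.
    if not token:
        return None

    secret = os.environ.get('JWT_SECRET_KEY')
    algorithm = os.environ.get('ALGORITHM')
    # Fail closed on missing or empty settings. An empty secret must never be
    # used as a verification key: with an HMAC algorithm anyone could produce
    # tokens that verify against it.
    # NOTE(review): validate both settings at startup so a misconfiguration is
    # loud rather than showing up as every token being rejected.
    if not secret or not algorithm:
        return None

    try:
        # `algorithms` pins the single accepted algorithm, so the token's own
        # header cannot select a different one.
        payload = jwt.decode(token, secret, algorithms=[algorithm])
    except jwt.InvalidTokenError:
        # ExpiredSignatureError derives from InvalidTokenError, so expired and
        # otherwise invalid tokens are both rejected here.
        return None
    # NOTE(review): nothing here requires an `exp` claim; confirm the issuer
    # always sets one, otherwise such tokens stay valid indefinitely.
    return payload.get("sub")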
class AdminMiddleware(BaseHTTPMiddleware):
    """Gate every request whose path starts with ``/admin`` behind a valid token cookie.

    Requests to other paths pass straight through. For ``/admin`` paths the
    ``token`` cookie is verified with ``get_user_from_token``; when that yields
    no subject the client is redirected to ``/user/login``.

    NOTE(review): this establishes authentication only. Any token that verifies
    and carries a ``sub`` claim is let through; no role or admin flag is checked
    here, and ``user_collection`` is never consulted. Confirm that admin
    authorization is enforced elsewhere (for example in the ``/admin`` route
    handlers).
    """

    async def dispatch(self, request, call_next):
        """Redirect unauthenticated ``/admin`` requests, otherwise continue the chain."""
        is_admin_path = request.url.path.startswith("/admin")
        if is_admin_path:
            # The cookie may be absent, in which case None is handed to the verifier.
            cookie_token = request.cookies.get("token")
            if not get_user_from_token(cookie_token):
                return RedirectResponse(url='/user/login')
        return await call_next(request)