From 7b7ff78030db603303f0ffa424648c47c6c68cdc Mon Sep 17 00:00:00 2001 From: Stefano Date: Thu, 15 May 2025 16:11:30 -0500 Subject: [PATCH] Added cognito authentication - Fix 3 --- .vscode/settings.json | 1 + app/main.py | 11 +++++------ requirements.txt | 3 ++- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index ee29726..c331b1f 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -14,6 +14,7 @@ "iptv", "nohup", "passlib", + "pyjwt", "starlette", "stefano", "uvicorn", diff --git a/app/main.py b/app/main.py index af42494..7e7bbe5 100644 --- a/app/main.py +++ b/app/main.py @@ -17,19 +17,18 @@ async def protected_route(user = Depends(get_current_user)): @app.get("/auth/callback") async def auth_callback(code: str): try: - # Exchange the authorization code for tokens tokens = exchange_code_for_token(code) - # Create a response with the access token + # Use id_token instead of access_token response = JSONResponse(content={ "message": "Authentication successful", - "access_token": tokens["access_token"] + "id_token": tokens["id_token"] # Changed from access_token }) - # Set the access token as a cookie + # Store id_token in cookie response.set_cookie( - key="access_token", - value=tokens["access_token"], + key="token", + value=tokens["id_token"], # Changed from access_token httponly=True, secure=True, samesite="lax" diff --git a/requirements.txt b/requirements.txt index 58cf331..b42ae78 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,4 +7,5 @@ uvicorn==0.22.0 requests==2.31.0 passlib[bcrypt]==1.7.4 boto3==1.28.0 -starlette>=0.27.0 \ No newline at end of file +starlette>=0.27.0 +pyjwt==2.7.0 \ No newline at end of file