Home/iptv-manager-service
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
658f7998ef5034569933c09db6d0c601ec7eecf4
iptv-manager-service/app/main.py
Stefano 658f7998ef
All checks were successful
AWS Deploy on Push / build (push) Successful in 4m25s
Details
Switch to cognito user/password authentication. Major code refactor - Fix 2
2025-05-16 13:00:09 -05:00

92 lines
3.0 KiB
Python
Raw Blame History

from fastapi.security import OAuth2PasswordBearer
import uvicorn
from fastapi import FastAPI, Depends
from fastapi.responses import RedirectResponse
from app.auth.cognito import initiate_auth
from app.auth.dependencies import get_current_user, require_roles
from app.models.auth import CognitoUser, SigninRequest, TokenResponse
from fastapi import FastAPI, Depends, Security
from fastapi.security import OAuth2PasswordBearer
from fastapi.openapi.utils import get_openapi
app = FastAPI(
title="IPTV Updater API",
description="API for IPTV Updater service",
version="1.0.0",
)
def custom_openapi():
if app.openapi_schema:
return app.openapi_schema
openapi_schema = get_openapi(
title=app.title,
version=app.version,
description=app.description,
routes=app.routes,
)
# Ensure components object exists
if "components" not in openapi_schema:
openapi_schema["components"] = {}
# Add schemas if they don't exist
if "schemas" not in openapi_schema["components"]:
openapi_schema["components"]["schemas"] = {}
# Add security scheme component
openapi_schema["components"]["securitySchemes"] = {
"Bearer": {
"type": "http",
"scheme": "bearer",
"bearerFormat": "JWT"
}
}
# Add global security requirement
openapi_schema["security"] = [{"Bearer": []}]
# Set OpenAPI version explicitly
openapi_schema["openapi"] = "3.1.0"
app.openapi_schema = openapi_schema
return app.openapi_schema
app.openapi = custom_openapi
@app.get("/")
async def root():
return {"message": "IPTV Updater API"}
@app.post("/signin", response_model=TokenResponse, summary="Signin Endpoint")
def signin(credentials: SigninRequest):
"""
Sign-in endpoint to authenticate the user with AWS Cognito using username and password.
On success, returns JWT tokens (access_token, id_token, refresh_token).
"""
auth_result = initiate_auth(credentials.username, credentials.password)
return TokenResponse(
access_token=auth_result["AccessToken"],
id_token=auth_result["IdToken"],
refresh_token=auth_result.get("RefreshToken"),
token_type="Bearer",
)
@app.get("/protected",
summary="Protected endpoint for authenticated users")
async def protected_route(user: CognitoUser = Depends(get_current_user)):
"""
Protected endpoint that requires for all authenticated users.
If the user is authenticates, returns success message.
"""
return {"message": f"Hello {user.username}, you have access to support resources!"}
@app.get("/protected_admin", summary="Protected endpoint for Admin role")
@require_roles("admin")
def protected_admin_endpoint(user: CognitoUser = Depends(get_current_user)):
"""
Protected endpoint that requires the 'admin' role.
If the user has 'admin' role, returns success message.
"""
return {"message": f"Hello {user.username}, you have admin privileges!"}
Reference in New Issue View Git Blame Copy Permalink