43 lines
1.6 KiB
Python
43 lines
1.6 KiB
Python
import uvicorn
|
|
from fastapi import FastAPI, Depends
|
|
from fastapi.responses import RedirectResponse
|
|
from app.auth.cognito import initiate_auth
|
|
from app.auth.dependencies import get_current_user, require_roles
|
|
from app.models.auth import CognitoUser, SigninRequest, TokenResponse
|
|
|
|
app = FastAPI()
|
|
|
|
@app.get("/")
|
|
async def root():
|
|
return {"message": "IPTV Updater API"}
|
|
|
|
@app.post("/signin", response_model=TokenResponse, summary="Signin Endpoint")
|
|
def signin(credentials: SigninRequest):
|
|
"""
|
|
Sign-in endpoint to authenticate the user with AWS Cognito using username and password.
|
|
On success, returns JWT tokens (access_token, id_token, refresh_token).
|
|
"""
|
|
auth_result = initiate_auth(credentials.username, credentials.password)
|
|
return TokenResponse(
|
|
access_token=auth_result["AccessToken"],
|
|
id_token=auth_result["IdToken"],
|
|
refresh_token=auth_result.get("RefreshToken"),
|
|
token_type="Bearer",
|
|
)
|
|
|
|
@app.get("/protected")
|
|
async def protected_route(user: CognitoUser = Depends(get_current_user)):
|
|
"""
|
|
Protected endpoint that requires for all authenticated users.
|
|
If the user is authenticates, returns success message.
|
|
"""
|
|
return {"message": f"Hello {user.username}, you have access to support resources!"}
|
|
|
|
@app.get("/protected_admin", summary="Protected endpoint for Admin role")
|
|
@require_roles("admin")
|
|
def protected_admin_endpoint(user: CognitoUser = Depends(get_current_user)):
|
|
"""
|
|
Protected endpoint that requires the 'admin' role.
|
|
If the user has 'admin' role, returns success message.
|
|
"""
|
|
return {"message": f"Hello {user.username}, you have admin privileges!"} |