o h@sddlmZmZddlmZmZddlmZmZddlm Z ddl m Z m Z ddl mZddlmZe dd ZGd d d Zd S) )datetime timedelta)DictOptional)Depends HTTPException)OAuth2PasswordBearer)jwtJWTError)settings)Anyz/FASTAPI/user/login)tokenUrlc@seZdZdZeddeeefdee defddZ edde eefdee defdd Z ee efd ede eeffd d Zed ede eeffddZdS) JWTManagerz=Handles JWT access and refresh token creation and validation.Ndata expires_deltareturncC\|}t|pttjd}||ddd|vs d|vr$tdtj |tj tj dS)z$Generate a short-lived access token.)minutesaccessexptypeuser_idsub4Token must include both `user_id` and `sub` (email). algorithm) copyrutcnowrr ACCESS_TOKEN_EXPIRE_MINUTESupdate ValueErrorr encode SECRET_KEY ALGORITHMrr to_encodeexpirer(9/var/www/html/beacon-api/app/dependency/authantication.pycreate_access_tokenzJWTManager.create_access_tokencCr)z$Generate a long-lived refresh token.)daysrefreshrrrrr) rrrrr REFRESH_TOKEN_EXPIRE_DAYSr r!r r"r#r$r%r(r(r)create_refresh_tokenr+zJWTManager.create_refresh_tokentokencCszF|s tddd|}|dr|dd}tj|tjtjgd}| d}|d kr4tdd d| d r>| d sDtdd d|WSt yStdddw)z0Validate access token from Authorization header.z Missing token status_codedetailzbearer N algorithmsrrz%Invalid token type for this operationrrz Invalid token: missing user datazInvalid or expired token) rstriplower startswithr decoder r#r$getr )r0payload token_typer(r(r) verify_tokenFs        zJWTManager.verify_token refresh_tokencCsz:tj|tjtjgd}|ddkrtddd|d}|d}|r'|s-tdd dt||d }|d d WSt yGtdd dw)z7Use a valid refresh token to create a new access token.r6rr-r1zInvalid refresh token typer2rrz"Refresh token is missing user data)rrbearer) access_tokenr>z Invalid or expired refresh token) r r;r r#r$r<rrr*r )r@r=r user_namerBr(r(r)refresh_access_tokenbs$      zJWTManager.refresh_access_token)N)__name__ __module__ __qualname____doc__ staticmethoddictstrr rrr*rr/r oauth2_schemer?rDr(r(r(r)r s& &)$ rN)rrtypingrrfastapirrfastapi.securityrjoser r app.configr r rLrr(r(r(r)s