add workflow

2026-02-19 23:38:26 +01:00
parent 7574626e52
commit 242e29c8a6
46 changed files with 536 additions and 30 deletions


@@ -22,9 +22,7 @@ jwk_client = PyJWKClient(JWKS_URL)
security = HTTPBearer()
@router.get('/logout')
def logout(
refresh_token: Annotated[str | None, Cookie()] = None,
):
def logout():
params = {
'client_id': settings.keycloak_client_id,
'post_logout_redirect_uri': settings.origins,
@@ -34,26 +32,20 @@ def logout(
key='access_token',
path='/',
secure=not settings.debug,
samesite='lax',
samesite='strict',
)
response.delete_cookie(
key='refresh_token',
path='/',
secure=not settings.debug,
samesite='lax',
samesite='strict',
)
response.delete_cookie(
key='id_token',
path='/',
secure=not settings.debug,
samesite='lax',
samesite='strict',
)
# if refresh_token:
# requests.post(LOGOUT_URL, data={
# 'client_id': settings.keycloak_client_id,
# 'client_secret': settings.keycloak_client_secret,
# 'refresh_token': refresh_token
# })
return response
@@ -127,7 +119,7 @@ def callback(code: str, session: Session = Depends(get_session)):
value=token_data['access_token'],
httponly=True,
secure=not settings.debug,
samesite='lax',
samesite='strict',
max_age=settings.max_age
)
response.set_cookie(
@@ -135,7 +127,7 @@ def callback(code: str, session: Session = Depends(get_session)):
value=token_data['refresh_token'] or '',
httponly=True,
secure=not settings.debug,
samesite='lax',
samesite='strict',
max_age=30 * 24 * settings.max_age
)
response.set_cookie(
@@ -143,7 +135,7 @@ def callback(code: str, session: Session = Depends(get_session)):
value=token_data['id_token'],
httponly=True,
secure=not settings.debug,
samesite='lax',
samesite='strict',
max_age=settings.max_age
)
@@ -152,15 +144,15 @@ def callback(code: str, session: Session = Depends(get_session)):
def verify_token(token: str):
try:
signing_key = jwk_client.get_signing_key_from_jwt(token)
decoded = jwt.decode(token, options={'verify_signature': False})
payload = jwt.decode(
decoded = jwt.decode(
token,
signing_key.key,
algorithms=['RS256'],
audience=settings.keycloak_client_id,
issuer=ISSUER,
leeway=60,
)
return payload
return decoded
except jwt.ExpiredSignatureError:
raise HTTPException(status_code=401, detail=messages.tokenexipired)
except jwt.InvalidTokenError:
@@ -210,7 +202,7 @@ def refresh_token(refresh_token: Annotated[str | None, Cookie()] = None):
value=token_data['access_token'],
httponly=True,
secure=True if settings.debug == False else True,
samesite='lax',
samesite='strict',
max_age=settings.max_age
)
response.set_cookie(
@@ -218,7 +210,7 @@ def refresh_token(refresh_token: Annotated[str | None, Cookie()] = None):
value=token_data['refresh_token'] or '',
httponly=True,
secure=True if settings.debug == False else True,
samesite='lax',
samesite='strict',
max_age=30 * 24 * settings.max_age
)
response.set_cookie(
@@ -226,7 +218,7 @@ def refresh_token(refresh_token: Annotated[str | None, Cookie()] = None):
value=token_data['id_token'],
httponly=True,
secure=not settings.debug,
samesite='lax',
samesite='strict',
max_age=settings.max_age
)
return response
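Review bot: In `refresh_token`, the `set_cookie` calls for the access and refresh tokens still pass `secure=True if settings.debug == False else True`, which is True on both branches, while the `id_token` cookie there and every cookie in `callback` and `logout` use `secure=not settings.debug`. The commit edits the `samesite` line directly below each of these two expressions and leaves them as they are, so the cookies written on refresh carry different attributes from the ones written at login. If plain-HTTP debug runs are intended, the refreshed cookies would presumably be dropped by the browser there. Use `secure=not settings.debug,` in both places, or remove the debug exception everywhere if Secure should always be set. The bodies of `refresh_token` and `callback` extend outside the hunks shown.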