h ddlZddlmZmZddlmZmZddlmZddlm Z m Z ddl m Z ddl mZddlmZdd lmZdd lmZdd lmZe d gd Zej0dZdZdZdZedZd#dedededefdZdedefdZ dedefdZ!d$de"dedzfdZ#d$de"dedzfdZ$eefd efd!Z%eefd efd"Z&y)%N) timedeltadatetime)Depends HTTPException)OAuth2PasswordBearer)jwtJWTError) CryptContext)Session)status)RoleType) SessionLocal)Userbcryptauto)schemes deprecated SECRET_KEYHS256iz/api/auth/login)tokenUrldbpasswordemailphonecd}| t||}n| t||}|sytj||jsy|S)NF)get_user_by_emailget_user_by_phone pwd_contextverifyr)rrrrusers I/home/www/lekema-backend.kofcorporation.com/app/utils/authentification.pyauthenticate_userr#sM D  U+   U+    h 6 Kc|jtjtj|k(tjdk(j SN)queryrfilterrr first)rrs r"rr(8 88D> u!4dkkQ6F G M M OOr$c|jtjtj|k(tjdk(j Sr&)r(rr)rr r*)rrs r"rr,r+r$data expires_deltac |j}|rtj|z}n%tjttz}|j d|it j|tt}|SN)minutesexp) algorithm) copyrutcnowrACCESS_TOKEN_EXPIRE_MINUTESupdaterencoder ALGORITHMr-r. to_encodeexpire encoded_jwts r"create_access_tokenr>0sb I"]2"Y7R%SS eV_%**Y iHK r$c |j}|rtj|z}n%tjttz}|j d|it j|tt}|Sr0) r4rr5rREFRESH_TOKEN_EXPIRE_MINUTESr7rr8rr9r:s r"create_refresh_tokenrA:sb I"]2"Y7S%TT eV_%**Y iHK r$tokencKttjdddi} tj|t t g}|jd}|| t} |jtjtj|k(j}||||f|jS#t$r|wxYw#|jwxYwwNzCould not validate credentialszWWW-AuthenticateBearer) status_codedetailheaders) algorithmssub)rr HTTP_401_UNAUTHORIZEDrdecoderr9getr rr(rr)idr*closerBcredentials_exceptionpayloaduser_idrr!s r"check_token_validityrTEs)00/#X. $**UJI;G{{5) ?' '  B xx~$$TWW%78>>@ <' '4x   $##$  s5C#6B? C#$A C.C#? C  C#C  C#c Kttjdddi} tj|t t g}|jd}|| t} |jtjtj|k(j}|||jj t"j$k7r|||j'y#t$r|wxYw#|j'wxYwwrD)rr rKrrLrr9rMr rr(rr)rNr*roletyper ADMINrOrPs r"check_user_is_adminrY`s)00/#X. $**UJI;G{{5) ?' '  B xx~$$TWW%78>>@ <' ' 99>>X^^ +' '   $##$  s5D6C* D$A5C9D* C66D9D  D)NN)N)'osrrfastapirrfastapi.securityrjoserr passlib.contextr sqlalchemy.ormr starletter app.enums.role_typer app.utils.databaserapp.models.userrrgetenvrr9r6r@ oauth2_schemestrr#rrdictr>rArTrYr$r"ris  (*1("(+ H:&A RYY| $   +$.?@  ' S  C P'P#PP'P#Pd9t3CtI4D-4M,Bc6,3=+ASr$