Hydra-Bolt commited on
Commit
92daf66
·
1 Parent(s): bbfff2e
Files changed (2) hide show
  1. app/auth/routes.py +0 -8
  2. app/middleware/__init__.py +2 -34
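--- a/app/auth/routes.py
+++ b/app/auth/routes.py
@@ -287,10 +287,6 @@ async def refresh_token(request: Request, token_data: TokenRefreshRequest):
 new_access_token = auth_middleware.create_access_token(data={"sub": user.id})
 new_refresh_token = auth_middleware.create_refresh_token(data={"sub": user.id})
 
-# Blacklist old refresh token
-expires_at = datetime.fromtimestamp(payload.get("exp", 0))
-auth_middleware.blacklist_token(token_data.refresh_token, expires_at)
-
 # Create new session
 await create_user_session(user.id, new_access_token, new_refresh_token, request)
 
@@ -319,10 +315,6 @@ async def logout(credentials: HTTPAuthorizationCredentials = Depends(security)):
 token = credentials.credentials
 payload = auth_middleware.verify_token(token)
 
-# Blacklist the token
-expires_at = datetime.fromtimestamp(payload.get("exp", 0))
-auth_middleware.blacklist_token(token, expires_at)
-
 # Update session as ended
 user_id = payload.get("sub")
 if user_id: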
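Review bot: `refresh_token` now hands out a new token pair while leaving the presented `token_data.refresh_token` valid until its `exp`, so a leaked refresh token can be replayed for further pairs, and the same gap exists in `logout`, where `auth_middleware.verify_token` will keep accepting the access token after the session is marked ended. If dropping the Redis dependency is intended, the compensating control belongs in the session store these handlers already write to: reject tokens whose session has been ended and record each refresh token as consumed when `create_user_session` is called, so a second presentation fails. Whether `datetime` is still referenced elsewhere in routes.py is not visible here; if these were its only uses, that import is now dead. Both handlers begin and end outside the hunks.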
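--- a/app/middleware/__init__.py
+++ b/app/middleware/__init__.py
@@ -3,7 +3,6 @@ from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
 from jose import JWTError, jwt
 from datetime import datetime, timedelta
 from typing import Optional
-import redis
 from supabase import create_client, Client
 
 from app.config.settings import settings
@@ -15,22 +14,10 @@ class AuthMiddleware:
 
 def __init__(self):
 self.security = HTTPBearer()
-self.supabase: Client = create_client(
+self.supabase = create_client(
 settings.SUPABASE_URL,
 settings.SUPABASE_SERVICE_KEY
 ) if settings.SUPABASE_URL and settings.SUPABASE_SERVICE_KEY else None
-
-# Redis client for token blacklisting
-try:
-self.redis_client = redis.Redis(
-host=settings.REDIS_HOST,
-port=settings.REDIS_PORT,
-db=settings.REDIS_DB,
-password=settings.REDIS_PASSWORD if settings.REDIS_PASSWORD else None,
-decode_responses=True
-)
-except Exception:
-self.redis_client = None
 
 def create_access_token(self, data: dict, expires_delta: Optional[timedelta] = None) -> str:
 """Create JWT access token."""
@@ -59,14 +46,6 @@ class AuthMiddleware:
 def verify_token(self, token: str) -> dict:
 """Verify JWT token."""
 try:
-# Check if token is blacklisted
-if self.redis_client and self.redis_client.get(f"blacklist:{token}"):
-raise HTTPException(
-status_code=status.HTTP_401_UNAUTHORIZED,
-detail="Token has been revoked",
-headers={"WWW-Authenticate": "Bearer"},
-)
-
 payload = jwt.decode(token, settings.JWT_SECRET_KEY, algorithms=[settings.JWT_ALGORITHM])
 return payload
 except JWTError:
@@ -76,17 +55,6 @@ class AuthMiddleware:
 headers={"WWW-Authenticate": "Bearer"},
 )
 
-def blacklist_token(self, token: str, expires_at: datetime):
-"""Add token to blacklist."""
-if self.redis_client:
-try:
-# Calculate TTL until token expires
-ttl = int((expires_at - datetime.utcnow()).total_seconds())
-if ttl > 0:
-self.redis_client.setex(f"blacklist:{token}", ttl, "1")
-except Exception:
-pass # If Redis is down, continue without blacklisting
-
 async def get_user_from_supabase(self, user_id: str) -> Optional[User]:
 """Get user from Supabase."""
 if not self.supabase:
@@ -106,7 +74,7 @@ class AuthMiddleware:
 token = credentials.credentials
 payload = self.verify_token(token)
 
-user_id: str = payload.get("sub")
+user_id = payload.get("sub")
 if user_id is None:
 raise HTTPException(
 status_code=status.HTTP_401_UNAUTHORIZED,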
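Review bot: The docstring `"""Verify JWT token."""` on `verify_token` now promises more than the method delivers: after this hunk the body is only `jwt.decode` plus the `JWTError` handler, so signature and expiry are checked but nothing in `AuthMiddleware` refuses a token once its user has logged out or rotated it. Either restore a server-side revocation check that consults the session state the callers in routes.py maintain through `create_user_session` (a database-backed session record would not need Redis for this), or state the reduced guarantee where the next maintainer will read it, e.g. `"""Decode the JWT and validate its signature and expiry; revocation is not checked, so a token stays accepted until exp."""`. Separately, the first hunk keeps `from supabase import create_client, Client` while the only visible use of `Client` (the annotation at old line 18) is removed, and `datetime` lost its only visible use in `blacklist_token`; if neither is referenced elsewhere in the file, both imports are now dead. The method in the last hunk (new lines 74–80) begins and ends outside the hunk.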