mominah commited on
Commit
e2f542f
·
verified ·
1 Parent(s): aeacdca

Update auth.py

Files changed (1)
  1. auth.py +38 -10
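--- a/auth.py
+++ b/auth.py
@@ -126,18 +126,46 @@ async def login(request: Request, form_data: OAuth2PasswordRequestForm = Depends
  logger.info(f"User logged in: {user['email']}")
  return {"access_token": create_access_token(user['email']), "refresh_token": create_refresh_token(user['email']), "token_type": "bearer", "name": user['name'], "avatar": avatar_url}
 
- # Public endpoint: fetch user data by email, no auth
  @router.get("/user/data", response_model=User)
- async def get_user_data_public(email: str = Query(..., description="User email")):
- logger.info(f"[PUBLIC] Fetching data for email: {email}")
- user = get_user(email)
- if not user:
- logger.warning(f"[PUBLIC] No user found for email: {email}")
- raise HTTPException(status_code=404, detail="User not found")
- avatar_url = f"/auth/avatar/{user['avatar']}" if user.get('avatar') else None
- return {"name": user['name'], "email": user['email'], "avatar": avatar_url, "chat_histories": user.get('chat_histories', [])}
+ async def get_user_data(
+ request: Request,
+ email: Optional[str] = Query(None, description="User email")
+ ):
+ # Determine if Authorization header is provided
+ auth: str = request.headers.get("Authorization", "")
+ user = None
+ if auth.startswith("Bearer "):
+ token = auth.split(" ", 1)[1]
+ # Authenticated path
+ try:
+ payload = jwt.decode(token, SECRET_KEY, algorithms=["HS256"])
+ user_email: str = payload.get("sub")
+ if not user_email:
+ raise HTTPException(status_code=401, detail="Invalid token payload")
+ user = get_user(user_email)
+ if not user:
+ raise HTTPException(status_code=404, detail="User not found")
+ except JWTError as e:
+ logger.error(f"[USER DATA] JWT decode failed: {e}")
+ raise HTTPException(status_code=401, detail="Invalid token")
+ elif email:
+ # Public path
+ user = get_user(email)
+ if not user:
+ raise HTTPException(status_code=404, detail="User not found")
+ else:
+ raise HTTPException(status_code=422, detail="Provide either Authorization header or 'email' query parameter")
 
- @router.put("/user/update")
+ # Build response
+ avatar_url = f"/auth/avatar/{user['avatar']}" if user.get('avatar') else None
+ return {
+ "name": user['name'],
+ "email": user['email'],
+ "avatar": avatar_url,
+ "chat_histories": user.get('chat_histories', [])
+ }
+
+ @router.put("/user/update")("/user/update")
  async def update_user(
  request: Request,
  name: Optional[str] = Form(None),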
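Review bot: The `elif email:` branch of `get_user_data` still returns `name`, `email`, `avatar` and `chat_histories` for any address to a caller who sends no token, so the authenticated path added above it does not protect that data, and the 404 on the same branch confirms which addresses are registered. I would drop the public branch and answer a missing or non-Bearer header with `raise HTTPException(status_code=401, detail="Not authenticated")`, or, if a public lookup is really needed, return only non-sensitive fields from it and leave `chat_histories` to the token path. On the token path, `jwt.decode` accepts anything signed with `SECRET_KEY`; if refresh tokens are signed with the same key (not visible in this hunk), a claim check is needed so they are not accepted here as access tokens. Separately, the new decorator line reads `@router.put("/user/update")("/user/update")`, which looks like an accidental second call and should be `@router.put("/user/update")` unless the page rendering doubled it. `update_user` continues outside the hunk.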