jwt works the routes are secured!

App/Analytics/Model.py

@@ -1,5 +1,5 @@
 import asyncio
-from App.modelInit import orm
+import orm
 import psycopg2
 import datetime
 import pydantic

App/Transcription/Model.py

@@ -1,4 +1,4 @@
-from App.modelInit import orm
+import orm
 import datetime
 from App.modelInit import database, models
 from App.Users.Model import User

App/Transcription/TranscriptionRoutes.py

@@ -1,4 +1,4 @@
-from fastapi import APIRouter, status, Form, UploadFile, File, Query, BackgroundTasks
+from fastapi import APIRouter, status, Depends, UploadFile, File, Query, BackgroundTasks
 from typing_extensions import Annotated
 from .Schemas import UserDetails
 from App import bot
@@ -7,9 +7,12 @@ import tempfile
 from celery.result import AsyncResult
 from App.Worker import transcription_task, downloadfile
 from App.Users.Model import User
+from App.Users.UserRoutes import get_token_owner
+from App.Users.Schemas import UserSchema
 from .Model import Transcriptions
 from .Utils.fastapi_tasks import perform_background_task
 import yt_dlp
+from fastapi_jwt_auth import AuthJWT
 
 # from .Model import User
 # from sqlalchemy import and_
@@ -27,8 +30,8 @@ async def download_audio(
         enum=["tiny", "small", "medium", "base", "large-v2"],
         description="Whisper model Sizes",
     ),
+    user: UserSchema = Depends(get_token_owner),
 ):
-    user = await User.objects.filter(id=userId).first()
     if user == None:
         return {"code": 400, "message": "doesn't exist", "payload": None}
 
@@ -55,26 +58,20 @@ async def download_audio(
     transcription_enrty = await Transcriptions.objects.create(
         task_id=task.id, user=user
     )
-    return {
-        "task_id": task.id,
-    }
+    return {"task_id": task.id, "file_name": filename}
 
 
 @transcription_router.post("/uploadfile/")
 async def create_file(
     background_tasks: BackgroundTasks,
     file: UploadFile,
-    userId: int = 1,
     model: str = Query(
         "tiny",
         enum=["tiny", "small", "medium", "base", "large-v2"],
         description="Whisper model Sizes",
     ),
+    user: UserSchema = Depends(get_token_owner),
 ):
-    user = await User.objects.filter(id=userId).first()
-    if user == None:
-        return {"code": 400, "message": "doesn't exist", "payload": None}
-
     # Write the file to disk asynchronously
     try:
         async with aiofiles.open(file.filename, "wb") as f:

App/Users/Model.py

@@ -1,5 +1,5 @@
 import asyncio
-from App.modelInit import orm
+import orm
 import psycopg2
 import datetime
 import pydantic

App/Users/Schemas.py

@@ -5,6 +5,15 @@ from passlib.context import CryptContext
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 
 
+class UserSchema(BaseModel):
+    pk: int
+    id: int
+    name: str
+
+    class Config:
+        orm_mode = True
+
+
 class BaseRequest(BaseModel):
     email: EmailStr
     name: str

App/Users/UserRoutes.py

@@ -1,13 +1,23 @@
-from fastapi import APIRouter, status
-from .Schemas import BaseRequest
+from fastapi import APIRouter, Request, Depends, HTTPException
+from .Schemas import BaseRequest, UserSchema
+from pydantic import BaseModel
 from .Model import User
 from sqlalchemy import and_
-from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
+from fastapi_jwt_auth import AuthJWT
+
+
+class Settings(BaseModel):
+    authjwt_secret_key: str = "secret"
 
 
 user_router = APIRouter(tags=["User"])
 
 
+@AuthJWT.load_config
+def get_config():
+    return Settings()
+
+
 @user_router.post("/user/register")
 async def register_user(user: BaseRequest):
     data = await User.objects.filter(email=user.email).first()
@@ -19,10 +29,30 @@ async def register_user(user: BaseRequest):
     return {"code": 200, "message": "success", "payload": None}
 
 
+async def get_token_owner(Authorize: AuthJWT = Depends()):
+    Authorize.jwt_required()
+    current_user = Authorize.get_jwt_subject()
+    user = await User.objects.filter(id=int(current_user)).first()
+    if not user:
+        raise HTTPException(status_code=401, detail="Invalid Credentials")
+
+    return UserSchema.from_orm(user)
+
+
 @user_router.post("/user/login")
-async def register_user(user: BaseRequest):
+async def register_user(user: BaseRequest, Authorize: AuthJWT = Depends()):
     db_user = await User.objects.filter(email=user.email).first()
-    if db_user:
-        if db_user.verify_password(user.password):
-            return {"code": 200, "message": "success", "payload": db_user.__dict__}
-    return {"code": 401, "message": "Invalid Credentials", "payload": None}
+
+    if not db_user:
+        raise HTTPException(status_code=401, detail="Invalid Credentials")
+    if not db_user.verify_password(user.password):
+        raise HTTPException(status_code=401, detail="Invalid Credentials")
+    user = UserSchema.from_orm(db_user)
+    access_token = Authorize.create_access_token(subject=user.id)
+
+    return {
+        "code": 200,
+        "message": "success",
+        "payload": db_user.__dict__,
+        "access_token": access_token,
+    }

App/__main__.py

@@ -1,28 +1,8 @@
-# from App.app import app
-from App.modelInit import models, dbLink
-import asyncio
-from sqlalchemy.ext.asyncio import create_async_engine
-
-
-async def async_main() -> None:
-    engine = create_async_engine(
-        dbLink,
-        echo=True,
-    )
-
-    async with engine.begin() as conn:
-        await conn.run_sync(models.metadata.create_all)
-
+from App.app import app
 
 import uvicorn
-
-
-async def create_tables():
-    await models.create_all()
+import asyncio
 
 
 if __name__ == "__main__":
-    loop = asyncio.get_event_loop()
-    loop.run_until_complete(create_tables())
-    loop.close()
     uvicorn.run(app, host="0.0.0.0", port=7860)

App/app.py

@@ -1,13 +1,19 @@
-from fastapi import FastAPI
+from fastapi import FastAPI, Request
+from fastapi.responses import JSONResponse
 from App import bot
 
+
 from .Users.UserRoutes import user_router
 from .modelInit import models, database
 from .Transcription.TranscriptionRoutes import transcription_router
 from .Streaming.StreamingRoutes import streaming_router
 from .UserTranscriptions.UserTranscriptionsRoutes import user_transcriptions_router
 from .Monitor.monitorRoutes import monitor_router
+
+
 from fastapi.middleware.cors import CORSMiddleware
+from fastapi_jwt_auth.exceptions import AuthJWTException
+
 import logging, orm
 
 
@@ -28,7 +34,6 @@ async def create_async_model(model):
 
 
 app = FastAPI()
-models = orm.ModelRegistry(database=database)
 origins = ["*"]
 
 app.add_middleware(
@@ -40,11 +45,17 @@ app.add_middleware(
 )
 
 
+@app.exception_handler(AuthJWTException)
+def authjwt_exception_handler(request: Request, exc: AuthJWTException):
+    return JSONResponse(status_code=exc.status_code, content={"detail": exc.message})
+
+
 @app.on_event("startup")
 async def startup_event():
     # await bot.start(bot_token="6183919505:AAEhHFt4mI18bQeAf2Lj7AePXFRPVLrOFM8")
     # await upload_bot.start()
-    # models.create_all()
+    await models.create_all()
+
     # await create_async_model(models)
     if not database.is_connected:
         await database.connect()

App/modelInit.py

@@ -1,6 +1,6 @@
 import databases
 import orm, asyncio
-from App.app import app
+
 
 # deployment
 # database = databases.Database(
@@ -15,13 +15,3 @@ database = databases.Database(dbLink)
 
 
 models = orm.ModelRegistry(database=database)
-
-
-class Note(orm.Model):
-    tablename = "notes"
-    registry = models
-    fields = {
-        "id": orm.Integer(primary_key=True),
-        "text": orm.String(max_length=100),
-        "completed": orm.Boolean(default=False),
-    }

Dockerfile

@@ -17,7 +17,7 @@ USER user
 COPY --chown=user . /srv
 
 # Command to run the application
-CMD python -m App & celery -A App.Worker.celery worker -c 8 --loglevel=info
+CMD uvicorn App.app:app --host 0.0.0.0 --port 7860 & celery -A App.Worker.celery worker -c 8 --loglevel=info
 
 # Expose the server port
 EXPOSE 7860

requirements.txt

@@ -27,4 +27,6 @@ python-multipart
 redis==4.5.1
 python-multipart
 telethon
+fastapi-jwt-auth
+bcrypt
 asyncmy