Spaces:

Detomo
/

meisaicheck-api

Sleeping

vumichien commited on 22 days ago

Commit

edf9ade

1 Parent(s): ea1dcd3

fix authen

Files changed (4) hide show

auth.py CHANGED Viewed

@@ -10,7 +10,7 @@ from typing import Annotated, Optional
 from jwt.exceptions import InvalidTokenError
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/token", auto_error=True)
 # Authentication helper functions
 def verify_password(plain_password, hashed_password):

 from jwt.exceptions import InvalidTokenError
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token", auto_error=True)
 # Authentication helper functions
 def verify_password(plain_password, hashed_password):

main.py CHANGED Viewed

@@ -48,8 +48,7 @@ app = FastAPI(
             "description": "AI model endpoints for prediction and embedding",
         },
     ],
-    # Add root_path for HF Spaces deployment
-    root_path="/api",
 )
 # Include Routers

             "description": "AI model endpoints for prediction and embedding",
         },
     ],
+    # Removed root_path since HF Spaces already handles it
 )
 # Include Routers

routes/auth.py CHANGED Viewed

@@ -37,3 +37,20 @@ async def register_user(user_data: UserCreate):
     if not success:
         raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail=message)
     return {"message": message}

     if not success:
         raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail=message)
     return {"message": message}
+@router.get("/generate-test-token/{username}")
+async def generate_test_token(username: str):
+    """
+    Generate a test token for a user without requiring password
+    (For testing only, should be disabled in production)
+    """
+    users = get_users()
+    if username not in users:
+        raise HTTPException(status_code=404, detail="User not found")
+    access_token_expires = timedelta(hours=ACCESS_TOKEN_EXPIRE_HOURS)
+    access_token = create_access_token(
+        data={"sub": username}, expires_delta=access_token_expires
+    )
+    return {"access_token": access_token, "token_type": "bearer", "username": username}

routes/health.py CHANGED Viewed

@@ -1,7 +1,9 @@
-from fastapi import APIRouter, Depends
 from auth import get_current_user
 from models import User
 import time
 router = APIRouter()
@@ -23,3 +25,34 @@ async def auth_check(current_user: User = Depends(get_current_user)):
         "username": current_user.username,
         "message": "Authentication successful",
     }

+from fastapi import APIRouter, Depends, Header, Request
 from auth import get_current_user
 from models import User
 import time
+import jwt
+from config import SECRET_KEY, ALGORITHM
 router = APIRouter()
         "username": current_user.username,
         "message": "Authentication successful",
     }
+@router.get("/debug-auth")
+async def debug_auth(request: Request, authorization: str = Header(None)):
+    """
+    Debug endpoint to manually inspect the authorization header and token
+    """
+    headers = dict(request.headers)
+    auth_header = headers.get("authorization", "Not found")
+    token_info = {"valid": False, "error": None, "payload": None}
+    if authorization and authorization.startswith("Bearer "):
+        token = authorization.replace("Bearer ", "")
+        try:
+            payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+            token_info["valid"] = True
+            token_info["payload"] = payload
+        except Exception as e:
+            token_info["error"] = str(e)
+    return {
+        "headers": headers,
+        "auth_header": auth_header,
+        "token_info": token_info,
+        "host_info": {
+            "url": str(request.url),
+            "base_url": str(request.base_url),
+            "method": request.method,
+        },
+    }