add fastapi app middleware
This commit is contained in:
parent
7f4fcf5228
commit
1153c8ba0d
74
buckler_fastapi.py
Normal file
74
buckler_fastapi.py
Normal file
|
|
@ -0,0 +1,74 @@
|
|||
#!/usr/bin/env python3
|
||||
"""
|
||||
Session interface middlewares to integrate the fastapi app with Buckler.
|
||||
"""
|
||||
import json
|
||||
from datetime import datetime
|
||||
|
||||
import httpx
|
||||
from fastapi import FastAPI, Request
|
||||
from fastapi.responses import RedirectResponse
|
||||
from starlette.middleware.base import BaseHTTPMiddleware
|
||||
|
||||
import config
|
||||
|
||||
|
||||
class BucklerSessionMiddleware(BaseHTTPMiddleware):
|
||||
"""
|
||||
Verifies the user with the configured Buckler app and retrieves any
|
||||
session data they may have. Redirects them to the login page otherwise.
|
||||
"""
|
||||
def __init__(self, app):
|
||||
super().__init__(app)
|
||||
|
||||
async def dispatch(self, request: Request, call_next):
|
||||
user_id = request.cookies.get('userid', '')
|
||||
user_sid = request.cookies.get('session', '')
|
||||
|
||||
url = config.buckler['url'] + '/get_session'
|
||||
params = {
|
||||
'app_id': config.buckler['app_id'],
|
||||
'app_key': config.buckler['app_key'],
|
||||
'userid': user_id,
|
||||
'session': user_sid }
|
||||
|
||||
async with httpx.AsyncClient() as client:
|
||||
resp = await client.get(url, params=params)
|
||||
data = resp.json()
|
||||
|
||||
if data.get('error'): # user not logged in
|
||||
response = RedirectResponse(config.buckler['login_url'])
|
||||
response.set_cookie('redirect', config.server_homepage)
|
||||
return response
|
||||
|
||||
request.state.session = data.get('session_data')
|
||||
request.state.meta = data.get('meta')
|
||||
response = await call_next(request)
|
||||
|
||||
if request.state.session != data['session_data']: # session data modified
|
||||
url = config.buckler['url'] + '/set_session'
|
||||
data = json.dumps(request.state.session)
|
||||
async with httpx.AsyncClient() as client:
|
||||
await client.post(url, params=params, data=data)
|
||||
|
||||
last_used = datetime.fromisoformat(request.state.meta['last_used'])
|
||||
now = datetime.now(last_used.tzinfo)
|
||||
delta = now - last_used
|
||||
if delta.seconds > 600:
|
||||
response.set_cookie(
|
||||
'userid',
|
||||
user_id,
|
||||
domain=config.server_domain,
|
||||
max_age=30*24*60*60,
|
||||
secure=True,
|
||||
httponly=True,
|
||||
samesite='strict')
|
||||
response.set_cookie(
|
||||
'session',
|
||||
user_sid,
|
||||
domain=config.server_domain,
|
||||
max_age=30*24*60*60,
|
||||
secure=True,
|
||||
httponly=True,
|
||||
samesite='strict')
|
||||
return response
|
||||
Loading…
Reference in New Issue
Block a user