server: implement user authentication (none by default)

2025-12-22 21:29:05 +00:00 · 2023-08-16 17:24:05 +02:00
parent d470696a49
commit e12f9afe7b
13 changed files with 263 additions and 21 deletions
--- a/server/reflector/auth/auth_fief.py
+++ b/server/reflector/auth/auth_fief.py
@@ -0,0 +1,25 @@
+from fastapi.security import OAuth2AuthorizationCodeBearer
+from fief_client import FiefAccessTokenInfo, FiefAsync, FiefUserInfo
+from fief_client.integrations.fastapi import FiefAuth
+from reflector.settings import settings
+
+fief = FiefAsync(
+    settings.AUTH_FIEF_URL,
+    settings.AUTH_FIEF_CLIENT_ID,
+    settings.AUTH_FIEF_CLIENT_SECRET,
+)
+
+scheme = OAuth2AuthorizationCodeBearer(
+    f"{settings.AUTH_FIEF_URL}/authorize",
+    f"{settings.AUTH_FIEF_URL}/api/token",
+    scopes={"openid": "openid", "offline_access": "offline_access"},
+    auto_error=False,
+)
+
+auth = FiefAuth(fief, scheme)
+
+UserInfo = FiefUserInfo
+AccessTokenInfo = FiefAccessTokenInfo
+authenticated = auth.authenticated()
+current_user = auth.current_user()
+current_user_optional = auth.current_user(optional=True)