From 9131e6cd86e74ff97d0db236c2c037fdf14c0431 Mon Sep 17 00:00:00 2001
From: Ismail Pelaseyed <homanp@gmail.com>
Date: Sun, 28 May 2023 21:24:27 +0200
Subject: [PATCH] Add possibility to access API using API tokens

---
 app/lib/auth/prisma.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/app/lib/auth/prisma.py b/app/lib/auth/prisma.py
index a31f15630..6d4a156f0 100644
--- a/app/lib/auth/prisma.py
+++ b/app/lib/auth/prisma.py
@@ -7,6 +7,8 @@
 from fastapi import HTTPException, Request
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 
+from app.lib.prisma import prisma
+
 jwtSecret = config("JWT_SECRET")
 
 
@@ -51,17 +53,25 @@ async def __call__(self, request: Request):
         credentials: HTTPAuthorizationCredentials = await super(
             JWTBearer, self
         ).__call__(request)
+
         if credentials:
             if not credentials.scheme == "Bearer":
                 raise HTTPException(
-                    status_code=403, detail="Invalid authentication scheme."
+                    status_code=403, detail="Invalid token or expired token."
                 )
 
             if not self.verify_jwt(credentials.credentials):
-                raise HTTPException(
-                    status_code=403, detail="Invalid token or expired token."
+                tokens_data = prisma.apitoken.find_first(
+                    where={"token": credentials.credentials}
                 )
 
+                if not tokens_data:
+                    raise HTTPException(
+                        status_code=403, detail="Invalid token or expired token."
+                    )
+
+                return signJWT(tokens_data.userId)
+
             return credentials.credentials
 
         else: