jketreno/backstory
1
0
Fork 0
Code Issues 12 Actions Releases Activity

Fix auth issue

Browse Source
This commit is contained in:
James Ketr 2025-08-04 16:21:29 -07:00
parent 064868e96e
commit 234148f046
1 changed files with 35 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
src/backend/routes/auth.py
View File

@ -4,6 +4,7 @@ Authentication routes
import json
import jwt
import secrets
import traceback
import uuid
import os
from datetime import datetime, timedelta, timezone, UTC
@ -11,7 +12,7 @@ from typing import Any, Dict
from fastapi import APIRouter, Depends, Body, Request, BackgroundTasks
from fastapi.responses import JSONResponse
from pydantic import BaseModel, EmailStr, ValidationError, field_validator
from pydantic import BaseModel, EmailStr, ValidationError, field_validator, Field
import backstory_traceback as backstory_traceback
from utils.rate_limiter import RateLimiter
@ -190,7 +191,6 @@ async def create_guest_session_enhanced(
except Exception as e:
logger.error(f"❌ Guest session creation error: {e}")
import traceback
logger.error(traceback.format_exc())
return JSONResponse(
@ -443,43 +443,62 @@ async def logout_all_devices(current_user=Depends(get_current_admin), database:
return JSONResponse(status_code=500, content=create_error_response("LOGOUT_ALL_ERROR", str(e)))
class RefreshTokenRequest(BaseModel):
refresh_token: str = Field(..., alias="refreshToken")
@router.post("/refresh")
async def refresh_token_endpoint(
refresh_token: str = Body(..., alias="refreshToken"), database: RedisDatabase = Depends(get_database)
):
async def refresh_token_endpoint(request: RefreshTokenRequest, database: RedisDatabase = Depends(get_database)):
"""Refresh token endpoint"""
try:
# Verify refresh token
payload = jwt.decode(refresh_token, JWT_SECRET_KEY, algorithms=[ALGORITHM])
payload = jwt.decode(request.refresh_token, JWT_SECRET_KEY, algorithms=[ALGORITHM])
user_id = payload.get("sub")
token_type = payload.get("type")
if not user_id or token_type != "refresh":
if not user_id or (token_type not in ["refresh", "refresh_guest"]):
return JSONResponse(
status_code=401, content=create_error_response("INVALID_TOKEN", "Invalid refresh token")
)
# Create new access token
access_token = create_access_token(data={"sub": user_id})
if token_type == "refresh_guest":
access_token = create_access_token(
data={"sub": user_id, "type": "guest"},
expires_delta=timedelta(hours=48), # Longer expiry for guests
)
else:
access_token = create_access_token(data={"sub": user_id})
# Get user
user = None
candidate_data = await database.get_candidate(user_id)
if candidate_data:
user = Candidate.model_validate(candidate_data)
if token_type == "refresh_guest":
guest_data = await database.get_guest(user_id)
if guest_data:
user = Guest.model_validate(guest_data)
else:
employer_data = await database.get_employer(user_id)
if employer_data:
user = Employer.model_validate(employer_data)
candidate_data = await database.get_candidate(user_id)
if candidate_data:
user = Candidate.model_validate(candidate_data)
else:
employer_data = await database.get_employer(user_id)
if employer_data:
user = Employer.model_validate(employer_data)
if not user:
return JSONResponse(status_code=404, content=create_error_response("USER_NOT_FOUND", "User not found"))
# Set appropriate expiry time
if token_type == "refresh_guest":
expires_at = int((datetime.now(UTC) + timedelta(hours=48)).timestamp())
else:
expires_at = int((datetime.now(UTC) + timedelta(hours=24)).timestamp())
auth_response = AuthResponse(
access_token=access_token,
refresh_token=refresh_token, # Keep same refresh token
refresh_token=request.refresh_token, # Keep same refresh token
user=user,
expires_at=int((datetime.now(UTC) + timedelta(hours=24)).timestamp()),
expires_at=expires_at,
)
return create_success_response(auth_response.model_dump(by_alias=True))