FastAPI-Authentication/exceptions.py at main · li195111/FastAPI-Authentication · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
'''
HTTP Exceptions Handlers
© 2022 - 酷喬伊科技有限公司 QChoice Tech, Ltd. All rights reserved.
'''
from fastapi import Request, FastAPI, HTTPException
from fastapi.responses import JSONResponse

import jwcrypto.jwt
import jwcrypto.jwe
import jose.jwt


class InactiveUser(HTTPException):

  def __init__(self) -> None:
    status_code = 400
    detail = 'Inactive User'
    super().__init__(status_code, detail)


class InvalidUser(HTTPException):

  def __init__(self) -> None:
    status_code = 401
    detail = 'Incorrect username or password'
    headers = {'WWW-Authenticate': 'Bearer'}
    super().__init__(status_code, detail, headers)


class UserNotFound(HTTPException):

  def __init__(self) -> None:
    status_code = 404
    detail = 'User Not Found'
    super().__init__(status_code, detail)


class EmailAlreadyUsed(HTTPException):

  def __init__(self) -> None:
    status_code = 409
    detail = 'email already be used'
    super().__init__(status_code, detail)


class EmailAlreadyActive(HTTPException):

  def __init__(self) -> None:
    status_code = 409
    detail = 'email already active'
    super().__init__(status_code, detail)


class UsernameAlreadyUsed(HTTPException):

  def __init__(self) -> None:
    status_code = 409
    detail = 'username already be used'
    super().__init__(status_code, detail)


class InvalidToken(HTTPException):

  def __init__(self) -> None:
    status_code = 400
    detail = 'X-Token Header Invalid'
    super().__init__(status_code, detail)


class TokenExpired(HTTPException):

  def __init__(self) -> None:
    status_code = 401
    detail = 'Token Expired'
    headers = {'WWW-Authenticate': 'Bearer'}
    super().__init__(status_code, detail, headers)


class NotAuthenticated(HTTPException):

  def __init__(self) -> None:
    status_code = 401
    detail = 'Not authenticated'
    headers = {'WWW-Authenticate': 'Bearer'}
    super().__init__(status_code, detail, headers)


class InvalidCredentials(HTTPException):

  def __init__(self) -> None:
    status_code = 401
    detail = 'Could not validate credentials'
    headers = {'WWW-Authenticate': 'Bearer'}
    super().__init__(status_code, detail, headers)


class PermissionDenied(HTTPException):

  def __init__(self) -> None:
    status_code = 401
    detail = 'Permission denied'
    super().__init__(status_code, detail)


def setup_exceptions(app: FastAPI):

  @app.exception_handler(jwcrypto.jwt.JWTExpired)
  @app.exception_handler(PermissionDenied)
  async def jwt_expired_exception_handler(
      request: Request, exc: jwcrypto.jwt.JWTExpired | PermissionDenied):
    return JSONResponse(status_code=401,
                        content={'details': 'Permission denied'})

  @app.exception_handler(jose.jwt.JWTError)
  @app.exception_handler(InvalidCredentials)
  async def jwt_invalid_exception_handler(
      request: Request, exc: jose.jwt.JWTError | InvalidCredentials):
    return JSONResponse(status_code=401,
                        content={'details': 'Could not validate credentials'},
                        headers={'WWW-Authenticate': 'Bearer'})

  @app.exception_handler(jwcrypto.jwe.InvalidJWEData)
  async def jwe_key_exception_handler(request: Request,
                                      exc: jwcrypto.jwe.InvalidJWEData):
    return JSONResponse(status_code=401,
                        content={'details': 'Invalid Credentials'},
                        headers={'WWW-Authenticate': 'Bearer'})

  @app.exception_handler(InvalidToken)
  async def jwt_header_invalid_exception_handler(request: Request,
                                                 exc: InvalidToken):
    return JSONResponse(status_code=401, content={'details': 'Invalid Token'})

  @app.exception_handler(NotAuthenticated)
  async def jwt_authorize_failed_exception_handler(request: Request,
                                                   exc: NotAuthenticated):
    return JSONResponse(status_code=401,
                        content={'details': 'Not authenticated'},
                        headers={'WWW-Authenticate': 'Bearer'})

  @app.exception_handler(InactiveUser)
  async def user_inactive_exception_handler(request: Request,
                                            exc: InactiveUser):
    return JSONResponse(status_code=400, content={'details': 'Inactive User'})

  @app.exception_handler(InvalidUser)
  async def user_exception_handler(request: Request, exc: InvalidUser):
    return JSONResponse(status_code=401,
                        content={'details': 'Incorrect username or password'},
                        headers={'WWW-Authenticate': 'Bearer'})

  @app.exception_handler(UserNotFound)
  async def user_notfound_exception_handler(request: Request,
                                            exc: UserNotFound):
    return JSONResponse(status_code=404, content={'details': 'User Not Found'})

  @app.exception_handler(Exception)
  async def http_exception_handler(request: Request,
                                   exc: Exception) -> JSONResponse:
    return JSONResponse(status_code=404, content={'details': 'Not Found'})