setup fastapi auth using authentik instance

2025-06-14 13:39:37 +00:00 · 2025-06-14 13:39:37 +00:00 · 9b03ab83d2
commit 9b03ab83d2
parent 4ad04775c9
5 changed files with 175 additions and 19 deletions
--- a/crawler/api/app.py
+++ b/crawler/api/app.py
@ -1,31 +1,27 @@
 from typing import Annotated
-from fastapi import Depends, FastAPI, HTTPException, status
-from fastapi.security import OAuth2PasswordBearer
-from models.user import User
+from api.auth import get_current_user
+from api.config import DEV_TIER_ORIGINS, PROD_TIER_ORIGINS
+from fastapi import Depends, FastAPI
+from api.auth import User
 from repositories.listing_repository import ListingRepository
 from repositories.listing_repository import ListingRepository
 from database import engine
-from repositories.user_repository import UserRepository
+from fastapi.middleware.cors import CORSMiddleware


 app = FastAPI()
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

-
-async def decode_token(token: Annotated[str, Depends(oauth2_scheme)]):
-    repository = UserRepository(engine)
-    user = await repository.get_user_from_token(token)
-    if not user:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Invalid authentication credentials",
-            headers={"WWW-Authenticate": "Bearer"},
-        )
-    return user
+# Allow CORS (for React frontend)
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=[*DEV_TIER_ORIGINS, *PROD_TIER_ORIGINS],
+    allow_methods=["*"],
+    allow_headers=["*"],
+)


@app.get("/listing")
-async def get_listing(user: Annotated[User | None, Depends(decode_token)]):
+async def get_listing(user: Annotated[User, Depends(get_current_user)]):
    repository = ListingRepository(engine)
-    listings = await repository.get_listings()
+    listings = await repository.get_listings(limit=5)
    return {"listings": listings}