feat: add user_access_token (#203)

- 改一下参数
petercat-ai · Aug 16, 2024 · 2b098c0 · 2b098c0
2 parents 25f20b5 + 368307a
commit 2b098c0
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 4 deletions.
diff --git a/server/auth/get_user_info.py b/server/auth/get_user_info.py
@@ -29,7 +29,19 @@ async def getUserInfoByToken(token):
             return data
         else :
             return {}
-
+
+async def getUserAccessToken(token):
+    user_info = await getUserInfoByToken(token)
+    if user_info["id"]:
+        user_accesstoken_url = f"https://{AUTH0_DOMAIN}/api/v2/users/{user_info['id']}"
+        print(f"user_accesstoken_url={user_accesstoken_url}")
+        async with httpx.AsyncClient() as client:
+            headers = {"authorization": f"Bearer {token}"}
+            user_info_response = await client.get(user_accesstoken_url, headers=headers)
+            return user_info_response.json()
+    else:
+        return {}
+
 async def generateAnonymousUser(clientId: str):
     token = f"client|{clientId}"
     seed = clientId[:4]

diff --git a/server/routers/auth.py b/server/routers/auth.py
@@ -5,7 +5,7 @@
 import httpx
 
 from petercat_utils import get_client, get_env_variable
-from auth.get_user_info import generateAnonymousUser, getAnonymousUserInfoByToken, getUserInfoByToken
+from auth.get_user_info import generateAnonymousUser, getAnonymousUserInfoByToken, getUserAccessToken, getUserInfoByToken
 
 AUTH0_DOMAIN = get_env_variable("AUTH0_DOMAIN")
 
@@ -58,7 +58,7 @@ async def getAnonymousUser(request: Request, response: Response):
 
 @router.get("/login")
 def login():
-    redirect_uri = f"https://{AUTH0_DOMAIN}/authorize?audience={API_AUDIENCE}&response_type=code&client_id={CLIENT_ID}&redirect_uri={CALLBACK_URL}&scope=openid profile email&state=STATE"
+    redirect_uri = f"https://{AUTH0_DOMAIN}/authorize?audience={API_AUDIENCE}&response_type=code&client_id={CLIENT_ID}&redirect_uri={CALLBACK_URL}&scope=openid+profile+email+read%3Ausers+read%3Auser_idp_tokens&state=STATE"
     return RedirectResponse(redirect_uri)
 
 @router.get("/callback")
@@ -75,7 +75,7 @@ async def callback(request: Request, response: Response):
     supabase.table("profiles").upsert(data).execute()
     print(f"auth_callback: {data}")
     response = RedirectResponse(url=f'{WEB_URL}', status_code=302)
-    response.set_cookie(key="petercat_user_token", value=token, httponly=True, secure=True, samesite='Lax')
+    response.set_cookie(key="petercat_user_token", value=token, httponly=True, secure=False, samesite='Lax')
 
     return response
 
@@ -93,6 +93,10 @@ async def userinfo(request: Request, response: Response, petercat_user_token: An
     else:
         return RedirectResponse(url=LOGIN_URL, status_code=303)
 
+@router.get("/user_access_token")
+async def userinfo(petercat_user_token: Annotated[str | None, Cookie()] = None):
+    print(f"petercat_user_token: {petercat_user_token}")
+    return await getUserAccessToken(petercat_user_token)
 
 @router.get("/get_user_id")
 async def get_user_id(user_id: str = Cookie(None)):