diff --git a/server/auth/get_user_info.py b/server/auth/get_user_info.py
index 9a31af9c..ecd571bd 100644
--- a/server/auth/get_user_info.py
+++ b/server/auth/get_user_info.py
@@ -29,7 +29,19 @@ async def getUserInfoByToken(token):
         return data
     else :
         return {}
-
+
+async def getUserAccessToken(token):
+    user_info = await getUserInfoByToken(token)
+    if user_info["id"]:
+        user_accesstoken_url = f"https://{AUTH0_DOMAIN}/api/v2/users/{user_info['id']}"
+        print(f"user_accesstoken_url={user_accesstoken_url}")
+        async with httpx.AsyncClient() as client:
+            headers = {"authorization": f"Bearer {token}"}
+            user_info_response = await client.get(user_accesstoken_url, headers=headers)
+            return user_info_response.json()
+    else:
+        return {}
+
 async def generateAnonymousUser(clientId: str):
     token = f"client|{clientId}"
     seed = clientId[:4]
diff --git a/server/routers/auth.py b/server/routers/auth.py
index 66b732a3..2cc9a809 100644
--- a/server/routers/auth.py
+++ b/server/routers/auth.py
@@ -5,7 +5,7 @@ import httpx
 from petercat_utils import get_client, get_env_variable
-from auth.get_user_info import generateAnonymousUser, getAnonymousUserInfoByToken, getUserInfoByToken
+from auth.get_user_info import generateAnonymousUser, getAnonymousUserInfoByToken, getUserAccessToken, getUserInfoByToken
 AUTH0_DOMAIN = get_env_variable("AUTH0_DOMAIN")
@@ -58,7 +58,7 @@ async def getAnonymousUser(request: Request, response: Response):
 @router.get("/login")
 def login():
-    redirect_uri = f"https://{AUTH0_DOMAIN}/authorize?audience={API_AUDIENCE}&response_type=code&client_id={CLIENT_ID}&redirect_uri={CALLBACK_URL}&scope=openid profile email&state=STATE"
+    redirect_uri = f"https://{AUTH0_DOMAIN}/authorize?audience={API_AUDIENCE}&response_type=code&client_id={CLIENT_ID}&redirect_uri={CALLBACK_URL}&scope=openid+profile+email+read%3Ausers+read%3Auser_idp_tokens&state=STATE"
     return RedirectResponse(redirect_uri)
 @router.get("/callback")
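Review bot: `user_info["id"]` in the new getUserAccessToken raises KeyError whenever getUserInfoByToken returns the `{}` shown in the context lines just above it, so an invalid or expired token turns into a server error instead of the empty result the `else` branch intends; use `user_id = user_info.get("id")` followed by `if not user_id: return {}`. The Management API response is also handed back through `.json()` without a status check, so an error body is returned as if it were user data — add `user_info_response.raise_for_status()` before the `.json()` call. The `print` of the request URL writes the user id to stdout on every call and should be removed or moved to a logger at debug level. The name suggests a token is returned, but the value is the full record from `/api/v2/users/{id}`; a short docstring stating that would help callers.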
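Review bot: `state=STATE` on the new redirect_uri line is a fixed literal, so the callback cannot distinguish an authorization response it initiated from one injected by a third party, which is the CSRF protection the parameter exists for; generate it per request with `secrets.token_urlsafe(32)`, keep it in a short-lived cookie or session, and compare it in `callback`, which is outside this hunk. The added `read:users` and `read:user_idp_tokens` are Management API scopes requested on behalf of the end user; whether Auth0 grants them depends on how API_AUDIENCE is configured, but if the resulting token is the one stored in the `petercat_user_token` cookie, every browser session then carries a credential able to read other users' profiles and their identity-provider tokens, far broader than the single `/api/v2/users/{id}` lookup this commit needs. A server-side machine-to-machine token used only for that lookup would keep the user-facing token at `openid profile email`.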
@@ -75,7 +75,7 @@ async def callback(request: Request, response: Response):
     supabase.table("profiles").upsert(data).execute()
     print(f"auth_callback: {data}")
     response = RedirectResponse(url=f'{WEB_URL}', status_code=302)
-    response.set_cookie(key="petercat_user_token", value=token, httponly=True, secure=True, samesite='Lax')
+    response.set_cookie(key="petercat_user_token", value=token, httponly=True, secure=False, samesite='Lax')
     return response
@@ -93,6 +93,10 @@ async def userinfo(request: Request, response: Response, petercat_user_token: An
     else:
         return RedirectResponse(url=LOGIN_URL, status_code=303)
+@router.get("/user_access_token")
+async def userinfo(petercat_user_token: Annotated[str | None, Cookie()] = None):
+    print(f"petercat_user_token: {petercat_user_token}")
+    return await getUserAccessToken(petercat_user_token)
 @router.get("/get_user_id")
 async def get_user_id(user_id: str = Cookie(None)):
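Review bot: `secure=False` on the new set_cookie line lets the browser send the `petercat_user_token` cookie over plain HTTP, so the session token that `httponly=True` keeps away from scripts is exposed to any on-path observer once this runs in production. If the motivation is local development without TLS, drive the flag from configuration rather than hard-coding it off, e.g. `secure=get_env_variable("COOKIE_SECURE") == "true"` with the variable name to be chosen, so the deployed setting stays `True`. `callback` starts before this hunk.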
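Review bot: the new handler prints `petercat_user_token`, the session cookie, to stdout, so every call writes a live credential into the process logs; remove the print or log only whether the cookie was present. The handler is also named `userinfo`, the same name as the handler shown in this hunk's header line, so the second definition rebinds the module-level name; FastAPI registers both routes, but the earlier function is no longer reachable under its own name — rename it, e.g. `async def user_access_token(petercat_user_token: Annotated[str | None, Cookie()] = None):`. It additionally returns the raw `/api/v2/users/{id}` record, which with the `read:user_idp_tokens` scope requested in `login` can include identity-provider tokens; return only the fields the client actually needs. `get_user_id` continues outside the hunk.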