implement token generation endpoint

2025-12-22 17:16:27 +01:00 · 2025-03-30 18:15:51 +02:00 · 2025-03-30 18:15:51 +02:00 · b1d7363e81
commit b1d7363e81
parent 7f24ba04da
6 changed files with 64 additions and 8 deletions
--- a/webservice/webservice.py
+++ b/webservice/webservice.py
@ -2,18 +2,20 @@
 # INP21b - Timo Weber & Michael von Ah

 ################ IMPORTS ################
-from fastapi import FastAPI, Depends, HTTPException, Header
+from fastapi import FastAPI, Depends, HTTPException, Header, Body
 from sqlmodel import Session
-from dbfunctions import save_sensor_data, get_client_id_by_name, validate_token_with_access, engine
-from models import SensorDataIn, SensorData, MessageOnly 
+from dbfunctions import save_sensor_data, get_client_id_by_name, validate_token_with_access, engine, save_token_to_db
+from models import SensorDataIn, SensorData, MessageOnly, User, TokenResponse, Session as SessionModel
+from datetime import datetime, timedelta
+from crypto import hash_password, generate_new_token
 

 ################ API ################
 app = FastAPI(
-    title="M241-M245-BBZW-Horizon",
+    title="BBZW-Horizon",
    description="BBZW-Horizon",
    summary="BBZW-Horizon",
-    version="0.0.1"
+    version="0.0.2"
 )

 # DB Session
@ -51,4 +53,32 @@ async def saveNewSensorData(

        return MessageOnly(message="Sensor data saved successfully.")
    except Exception as error:
-        raise HTTPException(status_code=500, detail=str(error))
+        raise HTTPException(status_code=500, detail=str(error))
+    
+@app.post("/user/new-session", response_model=TokenResponse, tags=["auth"])
+async def generate_token(
+    username: str = Body(...),
+    password: str = Body(...),
+    db: Session = Depends(get_db),
+):
+    # Überprüfe, ob der Benutzer existiert
+    user = db.query(User).filter(User.name == username).first()
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+
+    # Überprüfe das Passwort
+    if user.password != hash_password(password):
+        raise HTTPException(status_code=401, detail="Incorrect password")
+
+    # Erstelle einen neuen Token
+    new_token = generate_new_token()  # Generiere den Token
+    valid_until = datetime.now() + timedelta(days=30)  # Setze das Datum auf 30 Tage in der Zukunft
+
+    # Speichere den neuen Token in der Datenbank
+    new_session = SessionModel(token=new_token, validuntil=valid_until, userid=user.id)
+    db.add(new_session)
+    db.commit()
+    db.refresh(new_session)
+
+    # Rückgabe des Tokens und des Ablaufdatums
+    return TokenResponse(token=new_token, validuntil=valid_until)