fix oauth scheme for climsoft

faysal-ishtiaq · isedwards · commit bd14522537bd · 2022-07-24T10:06:32.000+01:00
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -88,7 +88,7 @@ services:
       - HOST_FQDN=$HOST_FQDN
       - CLIMSOFT_AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
       - CLIMSOFT_AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
-      - AUTH_ENABLED=false
+      - AUTH_ENABLED=true
     depends_on:
       - opencdms_surfacedb
     volumes:
diff --git a/src/opencdms_api/middleware.py b/src/opencdms_api/middleware.py
@@ -19,6 +19,7 @@
 
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/auth")
+climsoft_oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/climsoft-auth")
 
 
 def get_user(username: str) -> Optional[CurrentUserSchema]:
@@ -142,7 +143,7 @@ async def __call__(self, scope: Scope, receive: Receive, send: Send):
 
 def get_authorized_climsoft_user(
     request: Request,
-    token: str = Depends(oauth2_scheme)
+    token: str = Depends(climsoft_oauth2_scheme)
 ):
     try:
         claims = jwt.decode(token, settings.SURFACE_SECRET_KEY)
diff --git a/src/opencdms_api/router.py b/src/opencdms_api/router.py
@@ -69,10 +69,10 @@ def authenticate(
     return TokenSchema(access_token=access_token, first_name=user.first_name, last_name=user.last_name)
 
 
-@router.post("/climsoft-auth", response_model=TokenSchema)
+@router.post("/climsoft-auth", response_model=ClimsoftTokenSchema)
 def authenticate(
     payload: OAuth2PasswordRequestForm = Depends(),
-    session: Session = Depends(deps.get_climsoft_session())
+    session: Session = Depends(deps.get_climsoft_session)
 ):
     user = session.execute(sa_text(f'''
         SELECT User
@@ -87,13 +87,12 @@ def authenticate(
 
     access_token = jwt.encode(
         {
-            "sub": user[1],
+            "sub": user['User'],
             "exp": datetime.utcnow() + timedelta(hours=24),
             "token_type": "access",
-            "jti": str(uuid4()),
-            "user_id": int(user.id)
+            "jti": str(uuid4())
         },
         key=settings.SURFACE_SECRET_KEY,
     )
-    return ClimsoftTokenSchema(access_token=access_token, username=user[1])
+    return ClimsoftTokenSchema(access_token=access_token, username=user['User'])
 
