mouredev
diff --git a/‎Backend/FastAPI/__pycache__/main.cpython-310.pyc‎
124 Bytes b/‎Backend/FastAPI/__pycache__/main.cpython-310.pyc‎
124 Bytes
diff --git a/‎Backend/FastAPI/main.py‎
Lines changed: 4 additions & 0 deletions b/‎Backend/FastAPI/main.py‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎Backend/FastAPI/routers/__pycache__/basic_auth_users.cpython-310.pyc‎
2.32 KB b/‎Backend/FastAPI/routers/__pycache__/basic_auth_users.cpython-310.pyc‎
2.32 KB
diff --git a/‎Backend/FastAPI/routers/__pycache__/jwt_auth_users.cpython-310.pyc‎
3.13 KB b/‎Backend/FastAPI/routers/__pycache__/jwt_auth_users.cpython-310.pyc‎
3.13 KB
diff --git a/‎Backend/FastAPI/routers/__pycache__/products.cpython-310.pyc‎
0 Bytes b/‎Backend/FastAPI/routers/__pycache__/products.cpython-310.pyc‎
0 Bytes
diff --git a/‎Backend/FastAPI/routers/__pycache__/users.cpython-310.pyc‎
0 Bytes b/‎Backend/FastAPI/routers/__pycache__/users.cpython-310.pyc‎
0 Bytes
diff --git a/‎Backend/FastAPI/routers/basic_auth_users.py‎
Lines changed: 86 additions & 0 deletions b/‎Backend/FastAPI/routers/basic_auth_users.py‎
Lines changed: 86 additions & 0 deletions
diff --git a/‎Backend/FastAPI/routers/jwt_auth_users.py‎
Lines changed: 110 additions & 0 deletions b/‎Backend/FastAPI/routers/jwt_auth_users.py‎
Lines changed: 110 additions & 0 deletions
diff --git a/‎Backend/FastAPI/static/images/python.jpg‎
4.37 MB b/‎Backend/FastAPI/static/images/python.jpg‎
4.37 MB
diff --git a/‎README.md‎
Lines changed: 3 additions & 2 deletions b/‎README.md‎
Lines changed: 3 additions & 2 deletions
@@ -8,13 +8,17 @@
 
 from fastapi import FastAPI
 from routers import products, users
+from fastapi.staticfiles import StaticFiles
 
 app = FastAPI()
 
 # Routers - Clase en vídeo (08/12/2022): https://www.twitch.tv/videos/1673759045
 app.include_router(products.router)
 app.include_router(users.router)
 
+# Recursos estáticos - Clase en vídeo (14/12/2022): https://www.twitch.tv/videos/1679022882
+app.mount("/static", StaticFiles(directory="static"), name="static")
+
 
 # Url local: http://127.0.0.1:8000
 
 
@@ -0,0 +1,86 @@
+# Clase en vídeo (14/12/2022): https://www.twitch.tv/videos/1679022882
+
+### Users API con autorización OAuth2 básica ###
+
+from fastapi import FastAPI, Depends, HTTPException, status
+from pydantic import BaseModel
+from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
+
+app = FastAPI()
+
+oauth2 = OAuth2PasswordBearer(tokenUrl="login")
+
+
+class User(BaseModel):
+    username: str
+    full_name: str
+    email: str
+    disabled: bool
+
+
+class UserDB(User):
+    password: str
+
+
+users_db = {
+    "mouredev": {
+        "username": "mouredev",
+        "full_name": "Brais Moure",
+        "email": "braismoure@mourede.com",
+        "disabled": False,
+        "password": "123456"
+    },
+    "mouredev2": {
+        "username": "mouredev2",
+        "full_name": "Brais Moure 2",
+        "email": "braismoure2@mourede.com",
+        "disabled": True,
+        "password": "654321"
+    }
+}
+
+
+def search_user_db(username: str):
+    if username in users_db:
+        return UserDB(**users_db[username])
+
+
+def search_user(username: str):
+    if username in users_db:
+        return User(**users_db[username])
+
+
+async def current_user(token: str = Depends(oauth2)):
+    user = search_user(token)
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Credenciales de autenticación inválidas",
+            headers={"WWW-Authenticate": "Bearer"})
+
+    if user.disabled:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Usuario inactivo")
+
+    return user
+
+
+@app.post("/login")
+async def login(form: OAuth2PasswordRequestForm = Depends()):
+    user_db = users_db.get(form.username)
+    if not user_db:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST, detail="El usuario no es correcto")
+
+    user = search_user_db(form.username)
+    if not form.password == user.password:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST, detail="La contraseña no es correcta")
+
+    return {"access_token": user.username, "token_type": "bearer"}
+
+
+@app.get("/users/me")
+async def me(user: User = Depends(current_user)):
+    return user
@@ -0,0 +1,110 @@
+# Clase en vídeo (14/12/2022): https://www.twitch.tv/videos/1679022882
+
+### Users API con autorización OAuth2 JWT ###
+
+from fastapi import FastAPI, Depends, HTTPException, status
+from pydantic import BaseModel
+from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
+from jose import jwt, JWTError
+from passlib.context import CryptContext
+from datetime import datetime, timedelta
+
+ALGORITHM = "HS256"
+ACCESS_TOKEN_DURATION = 1
+SECRET = "201d573bd7d1344d3a3bfce1550b69102fd11be3db6d379508b6cccc58ea230b"
+
+app = FastAPI()
+
+oauth2 = OAuth2PasswordBearer(tokenUrl="login")
+
+crypt = CryptContext(schemes=["bcrypt"])
+
+
+class User(BaseModel):
+    username: str
+    full_name: str
+    email: str
+    disabled: bool
+
+
+class UserDB(User):
+    password: str
+
+
+users_db = {
+    "mouredev": {
+        "username": "mouredev",
+        "full_name": "Brais Moure",
+        "email": "braismoure@mourede.com",
+        "disabled": False,
+        "password": "$2a$12$B2Gq.Dps1WYf2t57eiIKjO4DXC3IUMUXISJF62bSRiFfqMdOI2Xa6"
+    },
+    "mouredev2": {
+        "username": "mouredev2",
+        "full_name": "Brais Moure 2",
+        "email": "braismoure2@mourede.com",
+        "disabled": True,
+        "password": "$2a$12$SduE7dE.i3/ygwd0Kol8bOFvEABaoOOlC8JsCSr6wpwB4zl5STU4S"
+    }
+}
+
+
+def search_user_db(username: str):
+    if username in users_db:
+        return UserDB(**users_db[username])
+
+
+def search_user(username: str):
+    if username in users_db:
+        return User(**users_db[username])
+
+
+async def auth_user(token: str = Depends(oauth2)):
+
+    exception = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Credenciales de autenticación inválidas",
+        headers={"WWW-Authenticate": "Bearer"})
+
+    try:
+        username = jwt.decode(token, SECRET, algorithms=[ALGORITHM]).get("sub")
+        if username is None:
+            raise exception
+
+    except JWTError:
+        raise exception
+
+    return search_user(username)
+
+
+async def current_user(user: User = Depends(auth_user)):
+    if user.disabled:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Usuario inactivo")
+
+    return user
+
+
+@app.post("/login")
+async def login(form: OAuth2PasswordRequestForm = Depends()):
+    user_db = users_db.get(form.username)
+    if not user_db:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST, detail="El usuario no es correcto")
+
+    user = search_user_db(form.username)
+
+    if not crypt.verify(form.password, user.password):
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST, detail="La contraseña no es correcta")
+
+    access_token = {"sub": user.username,
+                    "exp": datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_DURATION)}
+
+    return {"access_token": jwt.encode(access_token, SECRET, algorithm=ALGORITHM), "token_type": "bearer"}
+
+
+@app.get("/users/me")
+async def me(user: User = Depends(current_user)):
+    return user
@@ -20,9 +20,9 @@
 > * Base de datos
 > * Despliegue en servidor
 > 
-> **🔴 SIGUIENTE CLASE: Miércoles 14 de Diciembre a las 20:00 (hora España)**
+> **🔴 SIGUIENTE CLASE: Jueves 22 de Diciembre a las 20:00 (hora España)**
 
-> 🗓 En [Discord](https://discord.gg/mouredev) tienes creado un [evento](https://discord.gg/mouredev?event=1051412181721305158) para que consultes la hora de tu país y añadas un recordatorio.
+> 🗓 En [Discord](https://discord.gg/mouredev) tienes creado un [evento](https://discord.gg/mouredev?event=1052999245826883626) para que consultes la hora de tu país y añadas un recordatorio.
 > 
 > Mientras, aprovecha para practicar unos [retos de programación](https://retosdeprogramacion.com/semanales2022) y así ir mejorando poco a poco.
 > 
@@ -41,6 +41,7 @@ Curso en el que aprenderemos a utilizar Python para backend e implementaremos un
 * [Clase 1 - 24/11/2022 - Hola Mundo en FastAPI](https://www.twitch.tv/videos/1661716599)
 * [Clase 2 - 01/12/2022 - Operaciones con GET y peticiones HTTP](https://www.twitch.tv/videos/1667582141)
 * [Clase 3 - 08/12/2022 - Operaciones con POST, PUT, DELETE, códigos HTTP y Routers](https://www.twitch.tv/videos/1673759045)
+* [Clase 4 - 14/12/2022 - Recursos estáticos y Autorización OAuth2](https://www.twitch.tv/videos/1679022882) 
 
 ### Curso de fundamentos desde cero
Original file line number	Diff line number	Diff line change
`@@ -20,9 +20,9 @@`
`20`	`20`	`> * Base de datos`
`21`	`21`	`> * Despliegue en servidor`
`22`	`22`	`>`
`23`		`-> 🔴 SIGUIENTE CLASE: Miércoles 14 de Diciembre a las 20:00 (hora España)`
	`23`	`+> 🔴 SIGUIENTE CLASE: Jueves 22 de Diciembre a las 20:00 (hora España)`
`24`	`24`
`25`		`-> 🗓 En [Discord](https://discord.gg/mouredev) tienes creado un [evento](https://discord.gg/mouredev?event=1051412181721305158) para que consultes la hora de tu país y añadas un recordatorio.`
	`25`	`+> 🗓 En [Discord](https://discord.gg/mouredev) tienes creado un [evento](https://discord.gg/mouredev?event=1052999245826883626) para que consultes la hora de tu país y añadas un recordatorio.`
`26`	`26`	`>`
`27`	`27`	`> Mientras, aprovecha para practicar unos [retos de programación](https://retosdeprogramacion.com/semanales2022) y así ir mejorando poco a poco.`
`28`	`28`	`>`
`@@ -41,6 +41,7 @@ Curso en el que aprenderemos a utilizar Python para backend e implementaremos un`
`41`	`41`	`* [Clase 1 - 24/11/2022 - Hola Mundo en FastAPI](https://www.twitch.tv/videos/1661716599)`
`42`	`42`	`* [Clase 2 - 01/12/2022 - Operaciones con GET y peticiones HTTP](https://www.twitch.tv/videos/1667582141)`
`43`	`43`	`* [Clase 3 - 08/12/2022 - Operaciones con POST, PUT, DELETE, códigos HTTP y Routers](https://www.twitch.tv/videos/1673759045)`
	`44`	`+* [Clase 4 - 14/12/2022 - Recursos estáticos y Autorización OAuth2](https://www.twitch.tv/videos/1679022882)`
`44`	`45`
`45`	`46`	`### Curso de fundamentos desde cero`
`46`	`47`