Trying to get authentication right

requirements.in

@@ -6,3 +6,5 @@ pydantic-settings
 s3fs
 aiofiles
 duckdb
+pyjwt[crypto]
+python-multipart

requirements.txt

@@ -30,12 +30,16 @@ certifi==2024.2.2
     #   httpcore
     #   httpx
     #   requests
+cffi==1.16.0
+    # via cryptography
 charset-normalizer==3.3.2
     # via requests
 click==8.1.7
     # via
     #   typer
     #   uvicorn
+cryptography==42.0.7
+    # via pyjwt
 dataclasses-json==0.6.6
     # via langchain-community
 distro==1.9.0
@@ -123,6 +127,8 @@ packaging==23.2
     # via
     #   langchain-core
     #   marshmallow
+pycparser==2.22
+    # via cffi
 pydantic==2.7.1
     # via
     #   fastapi
@@ -136,6 +142,7 @@ pydantic-core==2.18.2
 pydantic-settings==2.2.1
 pygments==2.18.0
     # via rich
+pyjwt==2.8.0
 python-dateutil==2.9.0.post0
     # via botocore
 python-dotenv==1.0.1

src/hellocomputer/config.py

@@ -6,6 +6,7 @@ class Settings(BaseSettings):
     gcs_access: str = "access"
     gcs_secret: str = "secret"
     gcs_bucketname: str = "bucket"
+    auth: bool = False
 
     model_config = SettingsConfigDict(env_file=".env")
 

src/hellocomputer/routers/sessions.py

@@ -1,13 +1,24 @@
 from uuid import uuid4
-
-from fastapi import APIRouter
+from typing import Annotated
+from fastapi import APIRouter, Depends
 from fastapi.responses import PlainTextResponse
 
+from ..config import settings
+from ..security import oauth2_scheme
+# Scheme for the Authorization header
+
 router = APIRouter()
 
 
+if settings.auth:
+
+    @router.get("/token")
+    async def get_token() -> str:
+        return str(uuid4())
+
+
 @router.get("/new_session")
-async def get_new_session() -> str:
+async def get_new_session(token: Annotated[str, Depends(oauth2_scheme)]) -> str:
     return str(uuid4())
 
 

src/hellocomputer/security.py

@@ -0,0 +1,3 @@
+from fastapi.security import OAuth2PasswordBearer
+
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")