From 06ac295e17fba4ea6c55b75284d3fdf567d4aaff Mon Sep 17 00:00:00 2001
From: Guillem Borrell <borrell.guillem@bcg.com>
Date: Mon, 27 May 2024 10:02:55 +0200
Subject: [PATCH] Trying to get authentication right

---
 requirements.in                       |  2 ++
 requirements.txt                      |  7 +++++++
 src/hellocomputer/config.py           |  1 +
 src/hellocomputer/routers/sessions.py | 17 ++++++++++++++---
 src/hellocomputer/security.py         |  3 +++
 5 files changed, 27 insertions(+), 3 deletions(-)
 create mode 100644 src/hellocomputer/security.py

diff --git a/requirements.in b/requirements.in
index dead4cb..0100067 100644
--- a/requirements.in
+++ b/requirements.in
@@ -6,3 +6,5 @@ pydantic-settings
 s3fs
 aiofiles
 duckdb
+pyjwt[crypto]
+python-multipart
\ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
index fb7a708..08b6359 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -30,12 +30,16 @@ certifi==2024.2.2
     #   httpcore
     #   httpx
     #   requests
+cffi==1.16.0
+    # via cryptography
 charset-normalizer==3.3.2
     # via requests
 click==8.1.7
     # via
     #   typer
     #   uvicorn
+cryptography==42.0.7
+    # via pyjwt
 dataclasses-json==0.6.6
     # via langchain-community
 distro==1.9.0
@@ -123,6 +127,8 @@ packaging==23.2
     # via
     #   langchain-core
     #   marshmallow
+pycparser==2.22
+    # via cffi
 pydantic==2.7.1
     # via
     #   fastapi
@@ -136,6 +142,7 @@ pydantic-core==2.18.2
 pydantic-settings==2.2.1
 pygments==2.18.0
     # via rich
+pyjwt==2.8.0
 python-dateutil==2.9.0.post0
     # via botocore
 python-dotenv==1.0.1
diff --git a/src/hellocomputer/config.py b/src/hellocomputer/config.py
index 51feb0c..f6c0ef6 100644
--- a/src/hellocomputer/config.py
+++ b/src/hellocomputer/config.py
@@ -6,6 +6,7 @@ class Settings(BaseSettings):
     gcs_access: str = "access"
     gcs_secret: str = "secret"
     gcs_bucketname: str = "bucket"
+    auth: bool = False
 
     model_config = SettingsConfigDict(env_file=".env")
 
diff --git a/src/hellocomputer/routers/sessions.py b/src/hellocomputer/routers/sessions.py
index 0f41958..381f919 100644
--- a/src/hellocomputer/routers/sessions.py
+++ b/src/hellocomputer/routers/sessions.py
@@ -1,13 +1,24 @@
 from uuid import uuid4
-
-from fastapi import APIRouter
+from typing import Annotated
+from fastapi import APIRouter, Depends
 from fastapi.responses import PlainTextResponse
 
+from ..config import settings
+from ..security import oauth2_scheme
+# Scheme for the Authorization header
+
 router = APIRouter()
 
 
+if settings.auth:
+
+    @router.get("/token")
+    async def get_token() -> str:
+        return str(uuid4())
+
+
 @router.get("/new_session")
-async def get_new_session() -> str:
+async def get_new_session(token: Annotated[str, Depends(oauth2_scheme)]) -> str:
     return str(uuid4())
 
 
diff --git a/src/hellocomputer/security.py b/src/hellocomputer/security.py
new file mode 100644
index 0000000..5fa38a6
--- /dev/null
+++ b/src/hellocomputer/security.py
@@ -0,0 +1,3 @@
+from fastapi.security import OAuth2PasswordBearer
+
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")