Implement oidc login

2025-05-30 10:57:59 +02:00
parent b491dff4b1
commit 391e310b91
39 changed files with 938 additions and 308 deletions
--- a/packages/sshecret-admin/src/sshecret_admin/frontend/dependencies.py
+++ b/packages/sshecret-admin/src/sshecret_admin/frontend/dependencies.py
@ -11,11 +11,14 @@ from fastapi import Request

 from sshecret_admin.core.dependencies import AdminDep, BaseDependencies

-from sshecret_admin.auth.models import User
+from sshecret_admin.auth.models import IdentityClaims, LocalUserInfo, User

 UserTokenDep = Callable[[Request, Session], Awaitable[User]]
-UserLoginDep = Callable[[Request, Session], Awaitable[bool]]
+LoginStatusDep = Callable[[Request], Awaitable[bool]]
 AsyncSessionDep = Callable[[], AsyncGenerator[AsyncSession, None]]
+UserInfoDep = Callable[[Request, AsyncSession], Awaitable[LocalUserInfo]]
+RefreshTokenDep = Callable[[Request], IdentityClaims]
+LoginGuardDep = Callable[[Request], Awaitable[None]]


@dataclass
@ -24,10 +27,11 @@ class FrontendDependencies(BaseDependencies):

    get_admin_backend: AdminDep
    templates: Jinja2Blocks
-    get_user_from_access_token: UserTokenDep
-    get_user_from_refresh_token: UserTokenDep
-    get_login_status: UserLoginDep
+    get_refresh_claims: RefreshTokenDep
+    get_login_status: LoginStatusDep
+    get_user_info: UserInfoDep
    get_async_session: AsyncSessionDep
+    require_login: LoginGuardDep

    @classmethod
    def create(
@ -35,10 +39,11 @@ class FrontendDependencies(BaseDependencies):
        deps: BaseDependencies,
        get_admin_backend: AdminDep,
        templates: Jinja2Blocks,
-        get_user_from_access_token: UserTokenDep,
-        get_user_from_refresh_token: UserTokenDep,
-        get_login_status: UserLoginDep,
-        get_async_session: AsyncSessionDep
+        get_refresh_claims: RefreshTokenDep,
+        get_login_status: LoginStatusDep,
+        get_user_info: UserInfoDep,
+        get_async_session: AsyncSessionDep,
+        require_login: LoginGuardDep,
    ) -> Self:
        """Create from base dependencies."""
        return cls(
@ -46,8 +51,9 @@ class FrontendDependencies(BaseDependencies):
            get_db_session=deps.get_db_session,
            get_admin_backend=get_admin_backend,
            templates=templates,
-            get_user_from_access_token=get_user_from_access_token,
-            get_user_from_refresh_token=get_user_from_refresh_token,
+            get_refresh_claims=get_refresh_claims,
            get_login_status=get_login_status,
+            get_user_info=get_user_info,
            get_async_session=get_async_session,
+            require_login=require_login,
        )