first commit

Author: pupba

.gitignore

@@ -0,0 +1,9 @@
+*.png
+*.jpg
+*.jpeg
+*.gif
+*.sqlite
+*.json
+.DS_Store
+__pycache__
+sqlite3_db_for_window

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Pupbani
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,116 @@
+# 🔒 Auth Center
+
+## Skills
+<img src="https://img.shields.io/badge/Python-3.11.0-FFD43B?style=for-the-badge&logo=python&logoColor=blue" /> 
+<img src="https://img.shields.io/badge/fastapi-109989?style=for-the-badge&logo=FASTAPI&logoColor=white" /> 
+<img src="https://img.shields.io/badge/JWT-000000?style=for-the-badge&logo=JSON%20web%20tokens&logoColor=white" />
+<img src="    https://img.shields.io/badge/Sqlite-003B57?style=for-the-badge&logo=sqlite&logoColor=white" /> 
+
+## 기능
+1. 사용자 인증
+    - 사용자의 계정 인증을 위한 DB
+
+2. API Key 발급 및 인증
+    - 사용자 계정별 API Key를 저장
+
+## 실행 방법
+1. 의존성 설치
+    ```bash
+    conda create --yes -n <your-env-name> python=3.11.0
+    conda activate <your-env-name>
+    pip install -r requirements.txt
+    ```
+2. 실행 
+``
+python -m auth_server
+python3 -m auth_server
+``
+3. 테스트
+``
+python -m test
+python3 -m test
+``
+
+# Endpoint
+
+## /login
+- **URL**: `/login`
+- **Method**: `POST`
+- **요청 본문**:
+  - `application/x-www-form-urlencoded`
+    - `username`: 사용자 이름 (필수)
+    - `password`: 비밀번호 (필수)
+    - `grant_type`: (선택) "password" 또는 null
+    - `scope`: (선택) 기본값은 빈 문자열
+    - `client_id`: (선택) 문자열 또는 null
+    - `client_secret`: (선택) 문자열 또는 null
+
+- **응답**:
+  - **200 OK**: 로그인 성공
+    - 응답 본문:
+      ```json
+      {
+        "username": "사용자 이름",
+        "token": "토큰" // null일 수 있음
+      }
+      ```
+  - **422 Unprocessable Entity**: 유효성 검사 오류
+    - 응답 본문:
+      ```json
+      {
+        "detail": [
+          {
+            "loc": ["위치"],
+            "msg": "메시지",
+            "type": "오류 유형"
+          }
+        ]
+      }
+      ```
+
+## /get-api-key
+- **URL**: `/get-api-key`
+- **Method**: `GET`
+- **보안**: OAuth2 인증 필요
+
+- **응답**:
+  - **200 OK**: API 키 가져오기 성공
+    - 응답 본문:
+      ```json
+      {
+        "username": "사용자 이름",
+        "apikey": "API 키" // null일 수 있음
+      }
+      ```
+## /auth-api-key
+- **URL**: `/auth-api-key`
+- **Method**: `POST`
+- **요청 본문**:
+  - `application/x-www-form-urlencoded`
+    - `username`: 사용자 이름 (필수)
+    - `api_key`: API 키 (필수)
+
+- **응답**:
+  - **200 OK**: API 키 인증 성공
+    - 응답 본문:
+      ```json
+      {
+        "username": "사용자 이름",
+        "apikey": "API 키",
+        "success": true
+      }
+      ```
+  - **422 Unprocessable Entity**: 유효성 검사 오류
+    - 응답 본문:
+      ```json
+      {
+        "detail": [
+          {
+            "loc": ["위치"],
+            "msg": "메시지",
+            "type": "오류 유형"
+          }
+        ]
+      }
+      ```
+

auth_server.py

@@ -0,0 +1,22 @@
+# JWT 인증을 위한 서버
+from fastapi import FastAPI
+from modules.routers import auth,apikey
+from fastapi.middleware.cors import CORSMiddleware
+import uvicorn
+
+app = FastAPI(title="🔒 Auth Center Server")
+# CORS 설정
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"],  # 모든 도메인 허용 (필요에 따라 수정)
+    allow_credentials=True,
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
+app.include_router(auth.router,tags=['Auth'])
+app.include_router(apikey.router,tags=['APIKey'])
+
+
+if __name__ == "__main__":
+    uvicorn.run(app=app,host="0.0.0.0",port=7777)

db/console.py

@@ -0,0 +1,20 @@
+from sqlalchemy import create_engine
+from db.models import User, APIKey
+from sqlalchemy.orm import sessionmaker
+import os
+
+def getSession(URL:str="sqlite:///"):
+    if "sqlite" in URL:
+        temp = os.path.abspath("sqlite3_db_for_window/auth_center.sqlite")
+        URL += temp
+    engine = create_engine(URL)
+    # Table Set
+    User.metadata.create_all(engine)
+    APIKey.metadata.create_all(engine)
+    # # seesion
+    Session = sessionmaker(bind=engine)
+    session = Session()
+    return session
+
+if __name__ =="__main__":
+    cur = getSession()

db/crud.py

@@ -0,0 +1,117 @@
+from db.models import User,APIKey
+from sqlalchemy.orm import session
+import hashlib
+from typing import Callable
+from uuid import uuid4
+
+def encryption(text:str,method:Callable=hashlib.sha256)->str:
+    hashed_data = method(text.encode()).hexdigest()
+    return str(hashed_data)[:16]
+
+# Create  User
+def add_user(session:session.Session,user:User)->bool:
+    try:
+        session.add(user)
+        # Create API Key
+        session.add(APIKey(
+            username=user.username,
+        ))
+        session.commit()
+        return True
+    except Exception as e:
+        session.rollback()
+        return False
+# User Read
+def auth_user(session:session.Session,user_id:str,password:str)->bool | str:
+    try:
+        # user_id 검사
+        user_id_hash = encryption(user_id)
+        q = session.query(User).filter_by(userid=user_id_hash).with_entities(User.password,User.username).one_or_none()
+        if q is None:
+            raise Exception("사용자 없음")
+        # password 검사
+        password_hash = encryption(password)
+        if password_hash != q[0]:
+            raise Exception("비밀번호 틀림")
+        return q[1]
+    
+    except Exception as e:
+        session.rollback()
+        return False
+    
+# API Key get
+def get_APIKey(session:session.Session,username:str)->str | bool:
+    try:
+        q = session.query(APIKey).filter_by(username=username).with_entities(APIKey.api_key).one_or_none()
+        if q is None:
+            raise Exception("APIKey 없음")
+        return q[0]
+    except Exception as e:
+        session.rollback()
+        return False
+
+# API Key auth
+def auth_APIKey(session:session.Session,api_key:str,username:str)->bool:
+    try:
+        q = session.query(APIKey).filter_by(api_key=api_key).with_entities(APIKey.username).one_or_none()
+        if q is None:
+            raise Exception("올바르지 않은 APIKey")
+        if q[0] != username:
+            raise Exception("허락되지 않은 사용자")
+        return True
+    except Exception as e:
+        session.rollback()
+        return False
+
+# Delete User and Key
+def delete_user(session:session.Session,username:str)->bool:
+    try:
+        q = session.query(User).filter_by(username=username).one_or_none()
+        if q is None:
+            raise Exception("사용자 없음")
+        
+        api_key = session.query(APIKey).filter_by(username=q.username).one_or_none()
+        
+        if api_key is None:
+            raise Exception("APIKey 없음")
+
+        session.delete(q)
+        session.delete(api_key)
+        session.commit()
+        return True
+        
+
+    except Exception as e:
+        session.rollback()
+        return False
+
+def apiKey_update_all(session:session.Session)->bool:
+    try:
+        # 모든 APIKey를 업데이트
+        q = session.query(APIKey).all()
+        if q == []:
+            raise Exception("APIKey 없음")
+        for api_key in q:
+            api_key.api_key = str(uuid4())
+
+        session.commit()
+        return True
+    
+    except Exception as e:
+        session.rollback()
+        return False
+
+if __name__ == "__main__":
+    pass
+    from db.console import getSession
+
+    cur = getSession()
+    # add_user(cur,User(
+    #     username="admin1",
+    #     userid=encryption("admin1",hashlib.sha256),
+    #     password=encryption("qwer1234!@",hashlib.sha256)
+    # ))
+    print(auth_user(cur,"admin1","qwer1234!@"))
+    # auth_APIKey(cur,"34e53889-f1f7-4415-ab87-6fac408a00ae","admin1")
+    # delete_user(cur,"admin1")
+    # apiKey_update_all(cur)

db/models.py

@@ -0,0 +1,29 @@
+from sqlalchemy import Column,Integer, String, DateTime, ForeignKey
+from sqlalchemy.ext.declarative import declarative_base
+from sqlalchemy.orm import relationship
+from datetime import datetime
+from uuid import uuid4
+
+Base = declarative_base()
+
+class User(Base):
+    __tablename__ = 'users'
+
+    username = Column(String, primary_key=True)
+    userid = Column(String, unique=True, nullable=False)
+    password = Column(String, nullable=False)
+    created_at = Column(DateTime, default=datetime.now)  # default를 datetime.utcnow로 수정
+
+    # User와 APIKey 간의 관계 설정
+    api_keys = relationship("APIKey", back_populates="user")
+
+class APIKey(Base):
+    __tablename__ = "api_key"
+
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    username = Column(String, ForeignKey('users.username'), nullable=False)
+    api_key = Column(String, unique=True, default=lambda: str(uuid4()))  # default를 lambda로 수정
+    created_at = Column(DateTime, default=datetime.now)  # default를 datetime.utcnow로 수정
+
+    user = relationship("User", back_populates="api_keys")
+

modules/exception_handler.py

@@ -0,0 +1,17 @@
+from fastapi import HTTPException,status
+
+class AuthenticationFailed(HTTPException):
+    def __init__(self, detail: str = "Authentication failed"):
+        super().__init__(status_code=status.HTTP_401_UNAUTHORIZED, detail=detail)
+
+class TokenCreationFailed(HTTPException):
+    def __init__(self, detail: str = "Token creation failed"):
+        super().__init__(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=detail)
+
+class APIKeyNotFound(HTTPException):
+    def __init__(self, detail: str = "API Key not found"):
+        super().__init__(status_code=status.HTTP_404_NOT_FOUND, detail=detail)
+
+class APIKeyAuthenticationFailed(HTTPException):
+    def __init__(self, detail: str = "API Key Authentication Failed"):
+        super().__init__(status_code=status.HTTP_401_UNAUTHORIZED, detail=detail)