65 lines
1.7 KiB
Python
65 lines
1.7 KiB
Python
# Copyright (c) 2025 Patrick Motsch
|
|
# All rights reserved.
|
|
"""
|
|
Authentication and authorization modules for routes and services.
|
|
High-level security functionality that depends on FastAPI and interfaces.
|
|
|
|
Multi-Tenant Design:
|
|
- RequestContext: Per-request context with user, mandate, feature instance, roles
|
|
- getRequestContext: FastAPI dependency to extract context from X-Mandate-Id header
|
|
- requireSysAdmin: FastAPI dependency for system-level admin operations
|
|
"""
|
|
|
|
from .authentication import (
|
|
getCurrentUser,
|
|
limiter,
|
|
SECRET_KEY,
|
|
ALGORITHM,
|
|
cookieAuth,
|
|
RequestContext,
|
|
getRequestContext,
|
|
requireSysAdmin,
|
|
requireSysAdminRole,
|
|
)
|
|
from .jwtService import (
|
|
createAccessToken,
|
|
createRefreshToken,
|
|
setAccessTokenCookie,
|
|
setRefreshTokenCookie,
|
|
clearAccessTokenCookie,
|
|
clearRefreshTokenCookie
|
|
)
|
|
from .tokenManager import TokenManager
|
|
from .tokenRefreshService import token_refresh_service, TokenRefreshService
|
|
from .tokenRefreshMiddleware import TokenRefreshMiddleware, ProactiveTokenRefreshMiddleware
|
|
from .csrf import CSRFMiddleware
|
|
|
|
__all__ = [
|
|
# Authentication
|
|
"getCurrentUser",
|
|
"limiter",
|
|
"SECRET_KEY",
|
|
"ALGORITHM",
|
|
"cookieAuth",
|
|
# Multi-Tenant Context
|
|
"RequestContext",
|
|
"getRequestContext",
|
|
"requireSysAdmin",
|
|
"requireSysAdminRole",
|
|
# JWT Service
|
|
"createAccessToken",
|
|
"createRefreshToken",
|
|
"setAccessTokenCookie",
|
|
"setRefreshTokenCookie",
|
|
"clearAccessTokenCookie",
|
|
"clearRefreshTokenCookie",
|
|
# Token Management
|
|
"TokenManager",
|
|
"token_refresh_service",
|
|
"TokenRefreshService",
|
|
"TokenRefreshMiddleware",
|
|
"ProactiveTokenRefreshMiddleware",
|
|
# CSRF
|
|
"CSRFMiddleware",
|
|
]
|
|
|