auth

noharm-ai · Nov 26, 2024 · 748e53b · 748e53b
1 parent 62eb844
commit 748e53b
Show file tree

Hide file tree

Showing 7 changed files with 82 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -59,6 +59,8 @@ CACHE_THRESHOLD=1000
 DB_QUERY=SELECT nome_paciente FROM schema.paciente WHERE id_paciente = {}
 DB_MULTI_QUERY=SELECT DISTINCT(nome_paciente), id_paciente FROM schema.paciente WHERE id_paciente IN ({})
 
+JWT_SECRET=''
+
 ```
 
 Salvar o arquivo .env e seguir com o run
@@ -75,6 +77,12 @@ docker run -d --log-opt max-size=100m --name mygetname -p 443:443 getname #deamo
 curl https://nomedocliente.getname.noharm.ai/patient-name/12345
 ```
 
+Com auth:
+
+```
+curl -H "Authorization: Bearer token" https://nomedocliente.getname.noharm.ai/patient-name/12345
+```
+
 ### 1.2. Test Multiple
 
 ```

diff --git a/app/resources/api_decorator.py b/app/resources/api_decorator.py
@@ -0,0 +1,58 @@
+import jwt
+import logging
+from functools import wraps
+from flask import request
+from flask_api import status
+from jwt.exceptions import PyJWTError, ExpiredSignatureError
+
+from resources.connections import JWT_SECRET
+
+
+def api_endpoint():
+
+    def wrapper(f):
+        @wraps(f)
+        def decorator_f(*args, **kwargs):
+            try:
+                if JWT_SECRET:
+                    auth_type, auth_token = request.headers.get(
+                        "Authorization", ""
+                    ).split()
+                    jwt.decode(
+                        jwt=auth_token,
+                        key=JWT_SECRET,
+                        algorithms="HS256",
+                        issuer="noharm",
+                    )
+
+                return f(*args, **kwargs)
+
+            except ExpiredSignatureError:
+                return {
+                    "status": "error",
+                    "message": "Token expirado",
+                }, status.HTTP_401_UNAUTHORIZED
+
+            except PyJWTError as e:
+                logging.basicConfig()
+                logger = logging.getLogger("noharm.getname")
+                logger.exception(str(e))
+
+                return {
+                    "status": "error",
+                    "message": "Erro de autenticação. Consulte os logs para mais detalhes.",
+                }, status.HTTP_401_UNAUTHORIZED
+
+            except Exception as e:
+                logging.basicConfig()
+                logger = logging.getLogger("noharm.getname")
+                logger.exception(str(e))
+
+                return {
+                    "status": "error",
+                    "message": "Erro inesperado. Consulte os logs para mais detalhes.",
+                }, status.HTTP_500_INTERNAL_SERVER_ERROR
+
+        return decorator_f
+
+    return wrapper
diff --git a/app/resources/connections.py b/app/resources/connections.py
@@ -23,6 +23,9 @@
 QUERY = os.getenv("DB_QUERY")
 MULTI_QUERY = os.getenv("DB_MULTI_QUERY")
 
+# JWT
+JWT_SECRET = os.getenv("JWT_SECRET")
+
 if TYPE == "oracle":
     url_object = (
         f"oracle+cx_oracle://{USER}:{PASS}@{HOST}:{PORT}/?service_name={DATABASE}"

diff --git a/app/routes/get_multiple_names.py b/app/routes/get_multiple_names.py
@@ -2,8 +2,10 @@
 from flask import request
 from flask_api import status
 from resources.connections import engine, MULTI_QUERY
+from resources.api_decorator import api_endpoint
 
 
+@api_endpoint()
 def get_multiple_names():
     data = request.get_json()
     ids_list = data.get("patients", [])

diff --git a/app/routes/get_name.py b/app/routes/get_name.py
@@ -2,8 +2,10 @@
 from flask_api import status
 from resources.connections import engine, QUERY
 from resources.cache import cache
+from resources.api_decorator import api_endpoint
 
 
+@api_endpoint()
 @cache.cached()
 def get_name(idPatient):
     name = None

diff --git a/app/routes/hello.py b/app/routes/hello.py
@@ -1,2 +1,9 @@
+from resources.connections import JWT_SECRET
+
+
 def hello():
-    return "NoHarm - GetName 1.1\n\nServiço de nomes habilitado! Volte para a NoHarm e use o sistema normalmente ;)\n\n"
+    version = "2.0"
+    if JWT_SECRET:
+        return f"NoHarm - GetName {version} (AUTH)\n\nServiço de nomes habilitado! Volte para a NoHarm e use o sistema normalmente ;)\n\n"
+
+    return f"NoHarm - GetName {version}\n\nServiço de nomes habilitado! Volte para a NoHarm e use o sistema normalmente ;)\n\n"
diff --git a/requirements.txt b/requirements.txt
@@ -16,3 +16,4 @@ sqlalchemy-firebird
 packaging
 uwsgi
 Werkzeug==2.3.7
+PyJWT==2.9.0