@@ -97,30 +97,25 @@ def read_root() -> Any:
9797@app .post ("/token-from-api-key" )
9898async def access_token_from_api_key (
9999 sql_session : Annotated [Session , Depends (get_session )],
100- form_data : Annotated [OAuth2PasswordRequestForm , Depends ()],
101100 api_key_enduser_tuple : str = Security (get_api_key ),
102101) -> Token :
103102 """Generate a token from an API key."""
104103 local_session .set (sql_session )
105104
106105 user = authenticate_api_key (api_key_enduser_tuple , local_session .get ())
107- valid = check_creds (form_data .username , form_data .password )
108- logger .info (f"api_key input: { api_key_enduser_tuple } " )
109- logger .info (f"user: { user } " )
110- logger .info (f"valid creds: { valid } " )
111106
112- if not user and not valid :
107+ if not user :
113108 raise HTTPException (
114109 status_code = status .HTTP_401_UNAUTHORIZED ,
115110 detail = "Invalid API key and credentials" ,
116111 headers = {"WWW-Authenticate" : "X-API-KEY" },
117112 )
118- email = user . email if user else form_data . username
113+
119114 access_token_expires = timedelta (
120115 minutes = int (env_vars ["ACCESS_TOKEN_EXPIRE_MINUTES" ])
121116 )
122117 access_token = create_access_token (
123- data = {"sub" : email }, expires_delta = access_token_expires
118+ data = {"sub" : user . email }, expires_delta = access_token_expires
124119 )
125120 return Token (access_token = access_token , token_type = "bearer" )
126121
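Review bot: The 401 raised under `if not user:` still carries `detail="Invalid API key and credentials"`, although after this change the endpoint no longer accepts a username/password form and only the API key is validated; `detail="Invalid API key"` would describe what is actually checked. The token minted at the end contains only `{"sub": user.email}`, so as far as this hunk shows it cannot be told apart from a token issued on any other path, and it stays valid until `ACCESS_TOKEN_EXPIRE_MINUTES` elapses even if the key is revoked in the meantime. If downstream authorization needs to know the key origin (or the end-user part that the name `api_key_enduser_tuple` suggests), that would have to be added as a claim here. Separately, `int(env_vars["ACCESS_TOKEN_EXPIRE_MINUTES"])` is parsed on every request, so a missing or non-numeric setting shows up as a 500 on this endpoint instead of failing at startup.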