Add permission check on forward-auth and validate.

Leo Vasanko
2025-08-30 16:13:54 -06:00
parent 3e5c0065d5
commit cb17a332a3
3 changed files with 69 additions and 29 deletions


@@ -21,7 +21,7 @@ from ..globals import db
from ..globals import passkey as global_passkey
from ..util import tokens
from ..util.tokens import session_key
from . import session
from . import authz, session
bearer_auth = HTTPBearer(auto_error=True)
@@ -43,13 +43,17 @@ def register_api_routes(app: FastAPI):
return ctx, is_global_admin, is_org_admin
@app.post("/auth/validate")
async def validate_token(response: Response, auth=Cookie(None)):
"""Lightweight token validation endpoint."""
s = await get_session(auth)
return {
"valid": True,
"user_uuid": str(s.user_uuid),
}
async def validate_token(
response: Response, perm: str | None = None, auth=Cookie(None)
):
"""Lightweight token validation endpoint.
Query Params:
- perm: optional permission ID the caller must possess
"""
s = await authz.verify(auth, perm)
return {"valid": True, "user_uuid": str(s.user_uuid)}
@app.post("/auth/user-info")
async def api_user_info(reset: str | None = None, auth=Cookie(None)):
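Review bot: In the new `validate_token`, the permission to enforce comes from the optional `perm` query parameter, so a request that omits `perm` appears to get a session-only check, and `?perm=` may too if `authz.verify` treats an empty string as falsy. `authz.verify` is not visible in this hunk, so that is inferred. If it does not reject an empty value, reject it here, e.g. `if perm is not None and not perm.strip(): raise HTTPException(status_code=400, detail="perm must not be empty")` (assuming `HTTPException` is imported in this module). The docstring should add a line such as `Omitting perm validates the session only; a proxy using this endpoint must set perm itself and not pass through a client-controlled query string.` It would also help to document which status is returned for a missing session and which for a missing permission (401 versus 403), since the success body does not show it.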