Moved .gitignore and docker files into the backend folder because these files are backend-specific. Separate .gitignore and docker files will be made for the frontend.
@hprinzo or @samrath2003 can you review these changes:
Move the auth.py file out of the auth folder because that is pretty much the only file we are storing there. I realized it's prolly best to just not have an auth folder if it's just gonna contain one file.
Removed code that we didn't really need in verify_jwt_token(). I also shortened the code in auth_middleware().
I applied auth_middleware() as a dependency on routes that need to be protected. "Dependecies" are apparently how FastAPI applies middleware for specific routes.
I didn't verify the JWT claims anymore because I realized jwt.decode() already does that for us.
I didn't modify the request route with the user's info anymore because I realized it may be better for performance to just retrieve the user's details if the endpoint really needs it. We don't need to do it for EVERY endpoint. If we need the user's info we can use the Boto3 api to get user information using the access token.
hprinzo
commented
1 month ago
@HTSagara can you review these changes:
.gitignoreand docker files into the backend folder because these files are backend-specific. Separate.gitignoreand docker files will be made for the frontend.@hprinzo or @samrath2003 can you review these changes:
auth.pyfile out of theauthfolder because that is pretty much the only file we are storing there. I realized it's prolly best to just not have anauthfolder if it's just gonna contain one file.verify_jwt_token(). I also shortened the code inauth_middleware().auth_middleware()as a dependency on routes that need to be protected. "Dependecies" are apparently how FastAPI applies middleware for specific routes.jwt.decode()already does that for us.