IndominusByte / fastapi-jwt-auth

FastAPI extension that provides JWT Auth support (secure, easy to use, and lightweight)
http://indominusbyte.github.io/fastapi-jwt-auth/
MIT License

RuntimeError : authjwt_secret_key must be set #95

Closed connieya closed 1 year ago

connieya commented 1 year ago

I am trying to generate access and refresh tokens, but it is not working.

line 92, in _get_secret_key raise RuntimeError( RuntimeError: authjwt_secret_key must be set when using symmetric algorithm HS256 in _create_token secret_key = self._get_secret_key(algorithm,"encode")

Here is my code

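@router.post(
    "/auth/signin",
    summary="signin with email and password",
    status_code=status.HTTP_200_OK,
    response_model=outputs.SigninResponse
)
def signin(authorize: AuthJWT = Depends(), inputs: inputs.SignInRequest = Body(...)):
    """Authenticate a user by email and password and set JWT cookies.

    Looks the user up through the "email-index" index, verifies the submitted
    password against the stored hash and salt, then issues an access and a
    refresh token and writes both into cookies on the response.

    Raises:
        utils.AUTH_EXCEPTION: the lookup failed or did not return exactly one
            user.
        utils.BAD_CREDENTIALS_EXCEPTION: the password check failed.
        RuntimeError: raised by the AuthJWT extension when a symmetric
            algorithm (HS256) is used and ``authjwt_secret_key`` has not been
            configured.
    """
    key_condition_expression = "#email = :email"
    expression_attribute_names = {"#email": "email"}
    expression_attribute_values = {":email": inputs.email}

    try:
        response = dynamodb.query(
            settings.USER_TABLE_NAME,
            key_condition_expression,
            "email-index",
            expression_attribute_names,
            expression_attribute_values,
        )
    except Exception as e:
        print(f"The follwing error has occurred while querying DB with {inputs.email}", e)
        raise utils.AUTH_EXCEPTION

    # NOTE(review): if AUTH_EXCEPTION and BAD_CREDENTIALS_EXCEPTION render as
    # distinguishable responses, a client can tell whether an email is
    # registered -- confirm both look identical to the caller.
    if len(response) != 1:
        print("There is no matching user in zai admin user table.")
        raise utils.AUTH_EXCEPTION

    item = response[0]

    true_hash_value = item["password"]
    salt = item["salt"].value

    if not utils.check_password_validity(true_hash_value, inputs.password, salt):
        raise utils.BAD_CREDENTIALS_EXCEPTION

    # NOTE(review): a JWT payload is signed but not encrypted, so any claim
    # placed here is readable by whoever holds the token. Shipping the
    # password salt to the client weakens the stored hash's protection;
    # drop it unless another component genuinely depends on this claim.
    custom_claims = {"salt": salt}

    # Error Occurrence Point
    # Token creation raises "authjwt_secret_key must be set" until the
    # extension is configured, e.g. through a function decorated with
    # @AuthJWT.load_config that returns settings containing
    # authjwt_secret_key. Load that key from the environment or a secret
    # store rather than hard-coding it.
    access_token = authorize.create_access_token(
        subject=item["id"], user_claims=custom_claims
    )
    # Use the injected `authorize` instance; the original referenced an
    # undefined name `Authorize` here and when setting the cookies.
    refresh_token = authorize.create_refresh_token(
        subject=item["id"], user_claims=custom_claims
    )

    # One day, in seconds, when the user asked to stay signed in; otherwise
    # None is passed through as the cookie max_age.
    max_age = 60 * 60 * 24 * 1 if inputs.maintain_login_state else None

    authorize.set_access_cookies(access_token, max_age=max_age)
    authorize.set_refresh_cookies(refresh_token, max_age=max_age)

    return outputs.SigninResponse(
        id=item["id"], name=item["name"], email=inputs.email, group=item["group"]
    )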