поделал сайт, сделал orm-модели, requirements.txt

functions/admin/templates/log.py

@@ -0,0 +1,10 @@
+from fastapi import Request, Depends, responses, HTTPException
+from functions.admin import get_log, is_logged_in
+
+async def log(templates, request: Request, log_id: int, logged_in: bool = Depends(is_logged_in.is_logged_in)):
+    if logged_in:
+        if not get_log.get_log(log_id):
+            raise HTTPException(status_code=400)
+        return templates.TemplateResponse("log.html", {"request": request, "log": get_log.get_log(log_id)})
+    else:
+        return responses.RedirectResponse(url=f"/refresh?source=/logs/{log_id}", status_code=303)

functions/admin/templates/logins.py

@@ -0,0 +1,25 @@
+from fastapi import Form, Depends, responses, HTTPException
+from functions.admin.models import database, user, token
+import jwt
+from datetime import datetime, timedelta
+
+
+async def logins(username: str = Form(...), password: str = Form(...), db=Depends(database.get_db)):
+    # username = "Dmitrium12"
+    response = db.query(user.User).filter(user.User.username == username).first()
+    if not response or not response.check_password(password):
+        raise HTTPException(status_code=400, detail="Неправильное имя пользователя или пароль")
+    access_token_expires = datetime.utcnow() + timedelta(minutes=15)
+    access_token_payload = {"sub": response.username, "exp": access_token_expires}
+    access_token = jwt.encode(access_token_payload, "secret", algorithm="HS256")
+    refresh_token_expires = datetime.utcnow() + timedelta(days=7)
+    refresh_token_payload = {"sub": response.username, "exp": refresh_token_expires}
+    refresh_token = jwt.encode(refresh_token_payload, "secret", algorithm="HS256")
+    db_token = token.Token(access_token=access_token, refresh_token=refresh_token, user=response)
+    db.add(db_token)
+    db.commit()
+    response = responses.RedirectResponse(url="/logs", status_code=303)
+    response.set_cookie(key="access_token", value=access_token, expires=int(access_token_expires.timestamp()))
+    response.set_cookie(key="refresh_token", value=refresh_token,
+                        expires=int(refresh_token_expires.timestamp()))
+    return response

functions/admin/templates/logs.py

@@ -0,0 +1,8 @@
+from fastapi import Request, Depends, responses
+from functions.admin import get_logs, is_logged_in
+
+async def logs(templates, request: Request, logged_in: bool = Depends(is_logged_in.is_logged_in)):
+    if logged_in:
+        return templates.TemplateResponse("logs.html", {"request": request, "logs": get_logs.get_logs()})
+    else:
+        return responses.RedirectResponse(url="/refresh?source=/logs", status_code=303)

functions/admin/templates/refresh.py

@@ -0,0 +1,31 @@
+from fastapi import Request, Depends, Cookie, responses
+from functions.admin.models import database, user, token
+import jwt
+from datetime import datetime, timedelta
+
+async def refresh_access_token(req: Request, refresh_token: str = Cookie(None), db=Depends(database.get_db)):
+    request_args = dict(req.query_params)
+    try:
+        refresh_token_payload = jwt.decode(refresh_token, "secret", algorithms=["HS256"])
+    except jwt.exceptions.DecodeError:
+        return responses.RedirectResponse(url="/login", status_code=303)
+    response = db.query(user.User).filter(user.User.username == refresh_token_payload["sub"]).first()
+    if not response:
+        return responses.RedirectResponse(url="/login", status_code=303)
+    access_token_expires = datetime.utcnow() + timedelta(minutes=15)
+    access_token_payload = {"sub": response.username, "exp": access_token_expires}
+    access_token = jwt.encode(access_token_payload, "secret", algorithm="HS256")
+    db.query(token.Token).filter(token.Token.refresh_token == refresh_token).update({
+        token.Token.access_token: access_token,
+    })
+    db.commit()
+    if request_args:
+        response = responses.RedirectResponse(url=request_args["source"], status_code=303)
+    else:
+        response = responses.RedirectResponse(url="/", status_code=303)
+    response.set_cookie(
+        key="access_token",
+        value=access_token,
+        expires=int(access_token_expires.timestamp())
+    )
+    return response