Nuevos cambios de la implementacion token interno de dolibarr a los microservicios

2026-03-18 09:05:13 -05:00
parent af07bbc36b
commit 9d2ce346fe
5 changed files with 52 additions and 5 deletions
--- a/Back_comercial_iko/app/comercial/Main_comercial.py
+++ b/Back_comercial_iko/app/comercial/Main_comercial.py
@@ -1,16 +1,17 @@
-from fastapi import APIRouter
+from fastapi import APIRouter, Depends
 from Back_comercial_iko.services.Comercial_service import ComercialService
 from Back_comercial_iko.core.Response import ApiResponse
 from Back_comercial_iko.core.HttpStatus import HttpStatus
+from Back_comercial_iko.core.AuthTokenDoli import TokenDoliManager


 router = APIRouter(prefix="/comercial", tags=["Comercial"])

@router.post("/create-project")
-def create_project(data: dict):
+def create_project(data: dict, token_data: dict = Depends(TokenDoliManager.verify_header)):
    try:
        service = ComercialService()
        result = service.create_project_commercial(data)
-        return ApiResponse.success(result,"Proyecto creado",HttpStatus.CREATED)
+        return ApiResponse.success(result, "Proyecto creado", HttpStatus.CREATED)
    except Exception as e:
-        return ApiResponse.error(str(e),HttpStatus.NOT_FOUND)
+        return ApiResponse.error(str(e), HttpStatus.NOT_FOUND)
--- a/Back_comercial_iko/core/Auth.py
+++ b/Back_comercial_iko/core/Auth.py
@@ -1,7 +1,7 @@
 import jwt
 from datetime import datetime, timedelta
 from typing import Dict, Any
-from core.Config import settings
+from Back_comercial_iko.core.Config import settings


 class TokenManager:
--- a/Back_comercial_iko/core/AuthTokenDoli.py
+++ b/Back_comercial_iko/core/AuthTokenDoli.py
@@ -0,0 +1,45 @@
+import base64
+import hashlib
+import hmac
+import json
+import time
+from typing import Dict, Any
+from fastapi import Header, HTTPException, Depends
+from Back_comercial_iko.core.Config import settings
+
+class TokenDoliManager:
+    """
+    Manages the generation and validation of Dolibarr session tokens.
+    """
+
+    @classmethod
+    def verify(cls, token: str) -> Dict[str, Any]:
+        try:
+            payload_b64, signature = token.split(".")
+
+            expected_signature = hmac.new(
+                settings.token_secret_key.encode(),
+                payload_b64.encode(),
+                hashlib.sha256
+            ).hexdigest()
+
+            if not hmac.compare_digest(signature, expected_signature):
+                raise ValueError("Firma inválida")
+
+            payload_json = base64.b64decode(payload_b64 + "===").decode()
+            payload = json.loads(payload_json)
+
+            if payload["exp"] < time.time():
+                raise ValueError("Token expirado")
+
+            return payload
+
+        except Exception:
+            raise ValueError("Token inválido")
+
+    @classmethod
+    def verify_header(cls, token: str = Header(...)) -> Dict[str, Any]:
+        try:
+            return cls.verify(token)
+        except ValueError as e:
+            raise HTTPException(status_code=401, detail=str(e))
--- a/Back_comercial_iko/core/Response.py
+++ b/Back_comercial_iko/core/Response.py
@@ -16,6 +16,7 @@ class ApiResponse:
            status_code=status_code,
            content={
                "success": True,
+                "status_code": status_code,
                "message": message,
                "data": data
            }
--- a/Back_comercial_iko/requirements.txt
+++ b/Back_comercial_iko/requirements.txt
@@ -1,20 +0,0 @@
-annotated-doc==0.0.4
-annotated-types==0.7.0
-anyio==4.12.1
-click==8.3.1
-colorama==0.4.6
-fastapi==0.135.1
-greenlet==3.3.2
-h11==0.16.0
-idna==3.11
-pydantic==2.12.5
-pydantic-settings==2.13.1
-pydantic_core==2.41.5
-PyJWT==2.12.1
-PyMySQL==1.1.2
-python-dotenv==1.2.2
-SQLAlchemy==2.0.48
-starlette==0.52.1
-typing-inspection==0.4.2
-typing_extensions==4.15.0
-uvicorn==0.42.0