Implement Phase 1: User Authentication & Database (Twitch OAuth, Login Page)

2025-11-13 17:05:16 +01:00
parent bf912deb1b
commit 382f0ec782
4 changed files with 187 additions and 0 deletions
--- a/auth.py
+++ b/auth.py
@@ -0,0 +1,79 @@
+# auth.py
+from fastapi import APIRouter, Depends
+from fastapi.responses import RedirectResponse
+from sqlalchemy.orm import Session
+import httpx
+from database import get_db, User
+
+# IMPORTANT: These must be replaced with your actual Twitch application credentials
+TWITCH_CLIENT_ID = "YOUR_TWITCH_CLIENT_ID"
+TWITCH_CLIENT_SECRET = "YOUR_TWITCH_CLIENT_SECRET"
+REDIRECT_URI = "http://localhost:8000/auth/twitch/callback"
+
+router = APIRouter()
+
+@router.get("/login/twitch")
+async def login_with_twitch():
+    # Scopes required to get user's email and channel info
+    scopes = "user:read:email"
+    auth_url = (
+        f"https://id.twitch.tv/oauth2/authorize"
+        f"?client_id={TWITCH_CLIENT_ID}"
+        f"&redirect_uri={REDIRECT_URI}"
+        f"&response_type=code"
+        f"&scope={scopes}"
+    )
+    return RedirectResponse(url=auth_url)
+
+@router.get("/auth/twitch/callback")
+async def auth_twitch_callback(code: str, db: Session = Depends(get_db)):
+    # Exchange the authorization code for an access token
+    token_url = "https://id.twitch.tv/oauth2/token"
+    token_data = {
+        "client_id": TWITCH_CLIENT_ID,
+        "client_secret": TWITCH_CLIENT_SECRET,
+        "code": code,
+        "grant_type": "authorization_code",
+        "redirect_uri": REDIRECT_URI,
+    }
+    async with httpx.AsyncClient() as client:
+        token_response = await client.post(token_url, data=token_data)
+        token_json = token_response.json()
+        access_token = token_json.get("access_token")
+        refresh_token = token_json.get("refresh_token")
+
+        if not access_token:
+            return {"error": "Could not fetch access token"}
+
+        # Get user info from Twitch API
+        user_info_url = "https://api.twitch.tv/helix/users"
+        headers = {
+            "Authorization": f"Bearer {access_token}",
+            "Client-Id": TWITCH_CLIENT_ID,
+        }
+        user_response = await client.get(user_info_url, headers=headers)
+        user_data = user_response.json()["data"][0]
+        
+        twitch_id = user_data["id"]
+        twitch_username = user_data["login"]
+
+        # Check if user exists in the database, otherwise create them
+        user = db.query(User).filter(User.twitch_id == twitch_id).first()
+        if not user:
+            user = User(
+                twitch_id=twitch_id,
+                twitch_username=twitch_username,
+                twitch_access_token=access_token, # TODO: Encrypt this
+                twitch_refresh_token=refresh_token, # TODO: Encrypt this
+            )
+            db.add(user)
+            db.commit()
+            db.refresh(user)
+        else:
+            # Update tokens for existing user
+            user.twitch_access_token = access_token # TODO: Encrypt this
+            user.twitch_refresh_token = refresh_token # TODO: Encrypt this
+            db.commit()
+
+    # TODO: Set a session cookie to keep the user logged in
+    return {"message": f"Successfully logged in as {twitch_username}"}