Initial microservices setup from artifacts

services/forecasting/shared/auth/decorators.py

@@ -0,0 +1,41 @@
+"""
+Authentication decorators for FastAPI
+"""
+
+from functools import wraps
+from fastapi import HTTPException, Depends
+from fastapi.security import HTTPBearer
+import httpx
+import logging
+
+logger = logging.getLogger(__name__)
+
+security = HTTPBearer()
+
+def verify_service_token(auth_service_url: str):
+    """Verify service token with auth service"""
+    
+    async def verify_token(token: str = Depends(security)):
+        try:
+            async with httpx.AsyncClient() as client:
+                response = await client.post(
+                    f"{auth_service_url}/verify",
+                    headers={"Authorization": f"Bearer {token.credentials}"}
+                )
+                
+                if response.status_code == 200:
+                    return response.json()
+                else:
+                    raise HTTPException(
+                        status_code=401,
+                        detail="Invalid authentication credentials"
+                    )
+                    
+        except httpx.RequestError as e:
+            logger.error(f"Auth service unavailable: {e}")
+            raise HTTPException(
+                status_code=503,
+                detail="Authentication service unavailable"
+            )
+    
+    return verify_token

services/forecasting/shared/auth/jwt_handler.py

@@ -0,0 +1,58 @@
+"""
+Shared JWT Authentication Handler
+Used across all microservices for consistent authentication
+"""
+
+import jwt
+from datetime import datetime, timedelta
+from typing import Optional, Dict, Any
+import logging
+
+logger = logging.getLogger(__name__)
+
+class JWTHandler:
+    """JWT token handling for microservices"""
+    
+    def __init__(self, secret_key: str, algorithm: str = "HS256"):
+        self.secret_key = secret_key
+        self.algorithm = algorithm
+    
+    def create_access_token(self, data: Dict[str, Any], expires_delta: Optional[timedelta] = None) -> str:
+        """Create JWT access token"""
+        to_encode = data.copy()
+        
+        if expires_delta:
+            expire = datetime.utcnow() + expires_delta
+        else:
+            expire = datetime.utcnow() + timedelta(minutes=30)
+        
+        to_encode.update({"exp": expire, "type": "access"})
+        
+        encoded_jwt = jwt.encode(to_encode, self.secret_key, algorithm=self.algorithm)
+        return encoded_jwt
+    
+    def create_refresh_token(self, data: Dict[str, Any], expires_delta: Optional[timedelta] = None) -> str:
+        """Create JWT refresh token"""
+        to_encode = data.copy()
+        
+        if expires_delta:
+            expire = datetime.utcnow() + expires_delta
+        else:
+            expire = datetime.utcnow() + timedelta(days=7)
+        
+        to_encode.update({"exp": expire, "type": "refresh"})
+        
+        encoded_jwt = jwt.encode(to_encode, self.secret_key, algorithm=self.algorithm)
+        return encoded_jwt
+    
+    def verify_token(self, token: str) -> Optional[Dict[str, Any]]:
+        """Verify and decode JWT token"""
+        try:
+            payload = jwt.decode(token, self.secret_key, algorithms=[self.algorithm])
+            return payload
+        except jwt.ExpiredSignatureError:
+            logger.warning("Token has expired")
+            return None
+        except jwt.InvalidTokenError:
+            logger.warning("Invalid token")
+            return None