core/resolvers/auth.py

from graphql import GraphQLResolveInfo
from datetime import datetime, timedelta
from transliterate import translit
from urllib.parse import quote_plus

from auth.authenticate import login_required, ResetPassword
from auth.authorize import Authorize
from auth.identity import Identity
from auth.password import Password
from auth.email import send_confirm_email, send_auth_email, send_reset_password_email
from orm import User, UserStorage, Role, UserRole
from orm.base import local_session
from resolvers.base import mutation, query
from resolvers.profile import get_user_info
from exceptions import InvalidPassword, InvalidToken

from settings import JWT_AUTH_HEADER

@mutation.field("confirmEmail")
async def confirm(*_, confirm_token):
	auth_token, user = await Authorize.confirm(confirm_token)
	if auth_token:
		user.emailConfirmed = True
		user.save()
		return { "token": auth_token, "user" : user}
	else:
		return { "error": "Email not confirmed"}


@mutation.field("registerUser")
async def register(*_, email: str, password: str = ""):
	with local_session() as session:
		user = session.query(User).filter(User.email == email).first()
	if user:
		return {"error" : "user already exist"}

	user_dict = { "email": email }
	username = email.split('@')[0]
	user_dict["username"] = username
	user_dict["slug"] = quote_plus(translit(username, 'ru', reversed=True).replace('.', '-').lower())
	if password:
		user_dict["password"] = Password.encode(password)
	user = User(**user_dict)
	user.roles.append(Role.default_role)
	with local_session() as session:
		session.add(user)
		session.commit()

	await UserStorage.add_user(user)

	if not password:
		await send_confirm_email(user)
		return { "user": user }

	token = await Authorize.authorize(user)
	return {"user": user, "token": token }

@mutation.field("requestPasswordUpdate")
async def request_password_update(_, info, email):
	with local_session() as session:
		user = session.query(User).filter(User.email == email).first()
	if not user:
		return {"error" : "user not exist"}

	await send_reset_password_email(user)

	return {}

@mutation.field("updatePassword")
async def update_password(_, info, password, token):
	try:
		user_id = await ResetPassword.verify(token)
	except InvalidToken as e:
		return {"error" : e.message}

	with local_session() as session:
		user = session.query(User).filter_by(id = user_id).first()
		if not user:
			return {"error" : "user not exist"}
		user.password = Password.encode(password)
		session.commit()

	return {}

@query.field("signIn")
async def login(_, info: GraphQLResolveInfo, email: str, password: str = ""):
	with local_session() as session:
		orm_user = session.query(User).filter(User.email == email).first()
	if orm_user is None:
		print(f"signIn {email}: invalid email")
		return {"error" : "invalid email"}

	if not password:
		print(f"signIn {email}: send auth email")
		await send_auth_email(orm_user)
		return {}

	try:
		device = info.context["request"].headers['device']
	except KeyError:
		device = "pc"
	auto_delete = False if device == "mobile" else True # why autodelete with mobile?

	try:
		user = Identity.identity(orm_user, password)
	except InvalidPassword:
		print(f"signIn {email}: invalid password")
		return {"error" : "invalid password"}
	
	token = await Authorize.authorize(user, device=device, auto_delete=auto_delete)
	print(f"signIn {email}: OK")

	return {
		"token" : token,
		"user": orm_user,
		"info": await get_user_info(orm_user.slug)
	}


@query.field("signOut")
@login_required
async def sign_out(_, info: GraphQLResolveInfo):
	token = info.context["request"].headers[JWT_AUTH_HEADER]
	status = await Authorize.revoke(token)
	return True

@query.field("isEmailFree")
async def is_email_free(_, info, email):
	with local_session() as session:
		user = session.query(User).filter(User.email == email).first()
	return user is None
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00			`from graphql import GraphQLResolveInfo`
confirmEmail 2021-07-30 13:22:37 +00:00			`from datetime import datetime, timedelta`
add user slug on register 2021-10-24 10:33:45 +00:00			`from transliterate import translit`
			`from urllib.parse import quote_plus`

add reset password api 2022-01-13 12:16:35 +00:00			`from auth.authenticate import login_required, ResetPassword`
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00			`from auth.authorize import Authorize`
			`from auth.identity import Identity`
			`from auth.password import Password`
add reset password api 2022-01-13 12:16:35 +00:00			`from auth.email import send_confirm_email, send_auth_email, send_reset_password_email`
default user role; updateProfile method 2021-12-08 12:51:30 +00:00			`from orm import User, UserStorage, Role, UserRole`
global session to local session 2021-08-05 16:49:08 +00:00			`from orm.base import local_session`
return value unification 2021-08-04 13:38:56 +00:00			`from resolvers.base import mutation, query`
return user info in signIn 2022-05-03 12:55:29 +00:00			`from resolvers.profile import get_user_info`
add reset password api 2022-01-13 12:16:35 +00:00			`from exceptions import InvalidPassword, InvalidToken`
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00
			`from settings import JWT_AUTH_HEADER`

clear schema and no password auth wip 2021-07-30 12:53:22 +00:00			`@mutation.field("confirmEmail")`
confirmEmail 2021-07-30 13:22:37 +00:00			`async def confirm(*_, confirm_token):`
			`auth_token, user = await Authorize.confirm(confirm_token)`
			`if auth_token:`
			`user.emailConfirmed = True`
user.save() call 2021-07-30 13:24:54 +00:00			`user.save()`
return value unification 2021-08-04 13:38:56 +00:00			`return { "token": auth_token, "user" : user}`
confirmEmail 2021-07-30 13:22:37 +00:00			`else:`
return value unification 2021-08-04 13:38:56 +00:00			`return { "error": "Email not confirmed"}`
confirmEmail 2021-07-30 13:22:37 +00:00
clear schema and no password auth wip 2021-07-30 12:53:22 +00:00
register user, sign in and sign out working 2021-06-29 10:26:46 +00:00			`@mutation.field("registerUser")`
confirmEmail 2021-07-30 13:22:37 +00:00			`async def register(*_, email: str, password: str = ""):`
add user slug on register 2021-10-24 10:33:45 +00:00			`with local_session() as session:`
			`user = session.query(User).filter(User.email == email).first()`
			`if user:`
			`return {"error" : "user already exist"}`

			`user_dict = { "email": email }`
			`username = email.split('@')[0]`
			`user_dict["username"] = username`
			`user_dict["slug"] = quote_plus(translit(username, 'ru', reversed=True).replace('.', '-').lower())`
default user role; updateProfile method 2021-12-08 12:51:30 +00:00			`if password:`
			`user_dict["password"] = Password.encode(password)`
			`user = User(**user_dict)`
			`user.roles.append(Role.default_role)`
			`with local_session() as session:`
			`session.add(user)`
			`session.commit()`

			`await UserStorage.add_user(user)`

confirmEmail 2021-07-30 13:22:37 +00:00			`if not password:`
confirm and auth email 2021-08-26 09:24:46 +00:00			`await send_confirm_email(user)`
new api error handling 2021-08-01 11:40:24 +00:00			`return { "user": user }`
add UserStorage 2021-11-24 12:56:09 +00:00
			`token = await Authorize.authorize(user)`
			`return {"user": user, "token": token }`
new api error handling 2021-08-01 11:40:24 +00:00
add reset password api 2022-01-13 12:16:35 +00:00			`@mutation.field("requestPasswordUpdate")`
			`async def request_password_update(_, info, email):`
			`with local_session() as session:`
			`user = session.query(User).filter(User.email == email).first()`
			`if not user:`
			`return {"error" : "user not exist"}`

			`await send_reset_password_email(user)`

			`return {}`

			`@mutation.field("updatePassword")`
			`async def update_password(_, info, password, token):`
			`try:`
			`user_id = await ResetPassword.verify(token)`
			`except InvalidToken as e:`
			`return {"error" : e.message}`

			`with local_session() as session:`
			`user = session.query(User).filter_by(id = user_id).first()`
			`if not user:`
			`return {"error" : "user not exist"}`
			`user.password = Password.encode(password)`
			`session.commit()`

			`return {}`
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00
register user, sign in and sign out working 2021-06-29 10:26:46 +00:00			`@query.field("signIn")`
signIn via email 2021-08-25 17:12:01 +00:00			`async def login(_, info: GraphQLResolveInfo, email: str, password: str = ""):`
global session to local session 2021-08-05 16:49:08 +00:00			`with local_session() as session:`
			`orm_user = session.query(User).filter(User.email == email).first()`
auth fixes 2021-07-14 14:45:31 +00:00			`if orm_user is None:`
signIn logs 2022-01-28 10:33:16 +00:00			`print(f"signIn {email}: invalid email")`
return value unification 2021-08-04 13:38:56 +00:00			`return {"error" : "invalid email"}`
auth fixes 2021-07-14 14:45:31 +00:00
signIn via email 2021-08-25 17:12:01 +00:00			`if not password:`
signIn logs 2022-01-28 10:33:16 +00:00			`print(f"signIn {email}: send auth email")`
signIn via email 2021-08-25 17:12:01 +00:00			`await send_auth_email(orm_user)`
confirm and auth email 2021-08-26 09:24:46 +00:00			`return {}`
signIn via email 2021-08-25 17:12:01 +00:00
oauth code minor changes 2021-07-13 09:15:15 +00:00			`try:`
			`device = info.context["request"].headers['device']`
			`except KeyError:`
			`device = "pc"`
auth fix 3 2021-07-30 06:59:42 +00:00			`auto_delete = False if device == "mobile" else True # why autodelete with mobile?`
new api error handling 2021-08-01 11:40:24 +00:00
			`try:`
fix signIn 2021-10-24 14:13:32 +00:00			`user = Identity.identity(orm_user, password)`
new api error handling 2021-08-01 11:40:24 +00:00			`except InvalidPassword:`
signIn logs 2022-01-28 10:33:16 +00:00			`print(f"signIn {email}: invalid password")`
return value unification 2021-08-04 13:38:56 +00:00			`return {"error" : "invalid password"}`
new api error handling 2021-08-01 11:40:24 +00:00
oauth code minor changes 2021-07-13 09:15:15 +00:00			`token = await Authorize.authorize(user, device=device, auto_delete=auto_delete)`
signIn logs 2022-01-28 10:33:16 +00:00			`print(f"signIn {email}: OK")`
return user info in signIn 2022-05-03 12:55:29 +00:00
			`return {`
			`"token" : token,`
			`"user": orm_user,`
			`"info": await get_user_info(orm_user.slug)`
			`}`
new api error handling 2021-08-01 11:40:24 +00:00
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00
register user, sign in and sign out working 2021-06-29 10:26:46 +00:00			`@query.field("signOut")`
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00			`@login_required`
register user, sign in and sign out working 2021-06-29 10:26:46 +00:00			`async def sign_out(_, info: GraphQLResolveInfo):`
oauth code minor changes 2021-07-13 09:15:15 +00:00			`token = info.context["request"].headers[JWT_AUTH_HEADER]`
			`status = await Authorize.revoke(token)`
origin 2021-08-09 15:45:51 +00:00			`return True`
wip: redis, sqlalchemy, structured, etc 2021-06-28 09:08:09 +00:00
auth fixes 2021-07-14 14:45:31 +00:00			`@query.field("isEmailFree")`
			`async def is_email_free(_, info, email):`
global session to local session 2021-08-05 16:49:08 +00:00			`with local_session() as session:`
			`user = session.query(User).filter(User.email == email).first()`
return value unification 2021-08-04 13:38:56 +00:00			`return user is None`