From 1b2b060b23d815ac651e7ffacd89570162d4b840 Mon Sep 17 00:00:00 2001
From: Untone
Date: Wed, 10 Jan 2024 16:29:49 +0300
Subject: [PATCH] 0.2.19-fixes
---
 CHANGELOG.txt | 4 +++
 main.py | 1 +
 pyproject.toml | 2 +-
 resolvers/reaction.py | 10 ++++---
 services/auth.py | 70 ++++++++++++++++++++-----------------------
 5 files changed, 44 insertions(+), 43 deletions(-)
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 98b85ca0..cf19ce96 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,3 +1,7 @@
+[0.2.19]
+- fix: adding 'author' role
+- fix: stripping user_id in auth connector
+
 [0.2.18]
 - schema: added Shout.seo string field
 - resolvers: added /new-author webhook resolver
diff --git a/main.py b/main.py
index 48e38115..f7169928 100644
--- a/main.py
+++ b/main.py
@@ -13,6 +13,7 @@ from starlette.applications import Starlette
 from starlette.routing import Route
 from resolvers.webhook import WebhookEndpoint
+from services.auth import init_auth
 from services.rediscache import redis
 from services.schema import resolvers
 from settings import DEV_SERVER_PID_FILE_NAME, MODE, SENTRY_DSN
diff --git a/pyproject.toml b/pyproject.toml
index 6abef300..e40aecca 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "discoursio-core"
-version = "0.2.18"
+version = "0.2.19"
 description = "core module for discours.io"
 authors = ["discoursio devteam"]
 license = "MIT"
diff --git a/resolvers/reaction.py b/resolvers/reaction.py
index 605baf1c..79bfabbe 100644
--- a/resolvers/reaction.py
+++ b/resolvers/reaction.py
@@ -7,7 +7,7 @@ from sqlalchemy.orm import aliased, joinedload
 from orm.author import Author
 from orm.reaction import Reaction, ReactionKind
 from orm.shout import Shout, ShoutReactionsFollower
-from services.auth import login_required, add_author_role
+from services.auth import login_required, add_user_role
 from services.db import local_session
 from services.notify import notify_reaction
 from services.schema import mutation, query
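Review bot: `init_auth` is imported on the added line of the `main.py` hunk, but nothing in that hunk calls it, and none of the `services/auth.py` hunks in this patch define a function with that name. If the name does not already exist in that module, `main.py` fails with an ImportError at startup; if it does exist, the import is unused as far as this patch shows. Either drop `from services.auth import init_auth` or add the call that needs it in the same commit.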
@@ -142,12 +142,14 @@ def check_to_hide(session, reaction):
 return False
-def set_published(session, shout_id, approver_id):
+async def set_published(session, shout_id, approver_id):
 s = session.query(Shout).where(Shout.id == shout_id).first()
 s.published_at = int(time.time())
 s.published_by = approver_id
 s.visibility = text("public")
- add_author_role(s.created_by)
+ author = session.query(Author).filter(Author.id == s.created_by).first()
+ if author:
+ await add_user_role(str(author.user))
 session.add(s)
 session.commit()
@@ -235,7 +237,7 @@ async def create_reaction(_, info, reaction):
 if check_to_hide(session, r):
 set_hidden(session, r.shout)
 elif check_to_publish(session, author.id, r):
- set_published(session, r.shout, author.id)
+ await set_published(session, r.shout, author.id)
 try:
 reactions_follow(author.id, reaction["shout"], True)
diff --git a/services/auth.py b/services/auth.py
index fd55a531..c4225613 100644
--- a/services/auth.py
+++ b/services/auth.py
@@ -6,6 +6,25 @@ from starlette.exceptions import HTTPException
 from settings import AUTH_URL, AUTH_SECRET
+async def request_data(gql, headers = { "Content-Type": "application/json" }):
+ try:
+ # Asynchronous HTTP request to the authentication server
+ async with ClientSession() as session:
+ async with session.post(AUTH_URL, json=gql, headers=headers) as response:
+ if response.status == 200:
+ data = await response.json()
+ errors = data.get("errors")
+ if errors:
+ print(f"[services.auth] errors: {errors}")
+ else:
+ return data
+ except Exception as e:
+ # Handling and logging exceptions during authentication check
+ print(f"[services.auth] request_data error: {e}")
+ return None
+
+
+
 async def check_auth(req) -> str | None:
 token = req.headers.get("Authorization")
 user_id = ""
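Review bot: In `set_published`, `str(author.user)` turns an unset user reference into the literal string `"None"`, which `add_user_role` then sends to the auth server as the account id in a request carrying the admin secret; guard with `if author and author.user:` before the call. The return value of `add_user_role` is discarded, so a failed role grant looks the same as a successful one and the shout is still committed as published; at minimum log when it returns `None`. The awaited HTTP call also runs while the session holds uncommitted changes, so consider issuing it after `session.commit()` to keep a slow auth server from stalling the transaction. Separately, `s` comes from `.first()` and is dereferenced without a `None` check, which predates this change.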
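Review bot: `request_data` opens `ClientSession()` with no explicit timeout, and both token validation and the admin-secret role update now go through it, so a hung auth server holds each caller for aiohttp's default timeout; pass a bounded one, e.g. `async with ClientSession(timeout=ClientTimeout(total=AUTH_TIMEOUT)) as session:` (`AUTH_TIMEOUT` is a placeholder for a project setting, and `ClientTimeout` has to be imported from aiohttp). A non-200 response falls through to `return None` with no log line, so a rejected admin secret or a 5xx from the auth server is indistinguishable from a network error; log `response.status` in that branch. The `headers` default is a dict literal shared across calls; `headers=None` with `headers = headers or {"Content-Type": "application/json"}` in the body avoids the mutable-default pitfall.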
@@ -14,9 +33,6 @@ async def check_auth(req) -> str | None:
 print(f"[services.auth] checking auth token: {token}")
 query_name = "validate_jwt_token"
 operation = "ValidateToken"
- headers = {
- "Content-Type": "application/json",
- }
 variables = {
 "params": {
 "token_type": "access_token",
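Review bot: The unchanged line `print(f"[services.auth] checking auth token: {token}")` writes the caller's `Authorization` value to stdout on every authenticated request, so anyone who can read the service logs obtains a credential that stays valid until it expires. This hunk already edits the neighbouring lines, so it is a natural place to log the event without the secret, e.g. `print("[services.auth] checking auth token")`. `check_auth` starts above this hunk and continues below it.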
@@ -29,52 +45,30 @@ async def check_auth(req) -> str | None:
 "variables": variables,
 "operationName": operation,
 }
- try:
- # Asynchronous HTTP request to the authentication server
- async with ClientSession() as session:
- async with session.post(AUTH_URL, json=gql, headers=headers) as response:
- if response.status == 200:
- data = await response.json()
- errors = data.get("errors")
- if errors:
- print(f"[services.auth] errors: {errors}")
- else:
- user_id = data.get("data", {}).get(query_name, {}).get("claims", {}).get("sub")
- return user_id
- except Exception as e:
- # Handling and logging exceptions during authentication check
- print(f"[services.auth] {e}")
+ data = await request_data(gql)
+ if data:
+ user_id = data.get("data", {}).get(query_name, {}).get("claims", {}).get("sub")
+ return user_id
 if not user_id:
 raise HTTPException(status_code=401, detail="Unauthorized")
-async def add_author_role(author_id):
- print(f"[services.auth] add author role for author with id {author_id}")
+async def add_user_role(user_id):
+ print(f"[services.auth] add author role for user_id: {user_id}")
 query_name = "_update_user"
 operation = "UpdateUserRoles"
 headers = {"Content-Type": "application/json", "x-authorizer-admin-secret": AUTH_SECRET}
- variables = {"params": {"roles": "author, reader"}}
+ variables = {"params": {"roles": "author, reader", "id": user_id}}
 gql = {
 "query": f"mutation {operation}($params: UpdateUserInput!)
{{ {query_name}(params: $params) {{ id roles }} }}",
 "variables": variables,
 "operationName": operation,
 }
- try:
- # Asynchronous HTTP request to the authentication server
- async with ClientSession() as session:
- async with session.post(AUTH_URL, json=gql, headers=headers) as response:
- if response.status == 200:
- data = await response.json()
- errors = data.get("errors")
- if errors:
- print(f"[services.auth] errors: {errors}")
- else:
- user_id = data.get("data", {}).get(query_name, {}).get("id")
- return user_id
- except Exception as e:
- print(f"[services.auth] {e}")
-
+ data = await request_data(gql, headers)
+ if data:
+ user_id = data.get("data", {}).get(query_name, {}).get("id")
+ return user_id
 def login_required(f):
 @wraps(f)
@@ -84,7 +78,7 @@ def login_required(f):
 req = context.get("request")
 user_id = await check_auth(req)
 if user_id:
- context["user_id"] = user_id
+ context["user_id"] = user_id.strip()
 return await f(*args, **kwargs)
 return decorated_function
@@ -96,7 +90,7 @@ def auth_request(f):
 req = args[0]
 user_id = await check_auth(req)
 if user_id:
- req["user_id"] = user_id
+ req["user_id"] = user_id.strip()
 return await f(*args, **kwargs)
 return decorated_function
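Review bot: In `check_auth` the `.get("data", {}).get(query_name, {}).get("claims", {}).get("sub")` chain now runs outside any `try`, whereas before it sat inside the block guarded by `except Exception`; a response carrying `"data": null` or a null `validate_jwt_token` makes `.get` raise AttributeError, which surfaces as a server error instead of reaching the 401 below. The `.get("id")` chain in `add_user_role` has the same exposure. Writing each step as `(data.get("data") or {})` keeps the fail-closed 401 path. As far as the collapsed indentation shows, `return user_id` sits under `if data:`, so a response without a `sub` claim returns `None` rather than raising 401; confirm that every caller treats `None` as unauthenticated. The hunk begins inside `check_auth` and its trailing context runs into `login_required`.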
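Review bot: `user_id.strip()` is applied in `login_required` and again in `auth_request` (the `@@ -96,7 +90,7 @@` hunk), in both places after the `if user_id:` test, so a whitespace-only value passes the check and is stored as an empty string, and any other caller of `check_auth` still receives the unstripped value. Stripping the `sub` claim once inside `check_auth`, before its `if not user_id:` test, covers every caller and lets the 401 path reject a blank id. Both decorator bodies start outside their hunks.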