discours.io/core
5
0
Fork 0
Code Pull Requests Actions Projects Activity

add UserStorage

Browse Source
This commit is contained in:
knst-kotov 2021-11-24 15:56:09 +03:00
parent d765eaf390
commit 5e2f824f5b
5 changed files with 53 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
auth/authenticate.py
View File

@ -10,7 +10,7 @@ from auth.credentials import AuthCredentials, AuthUser
from auth.token import Token from auth.token import Token
from auth.authorize import Authorize from auth.authorize import Authorize
from exceptions import InvalidToken, OperationNotAllowed from exceptions import InvalidToken, OperationNotAllowed
from orm import User from orm import User, UserStorage
from orm.base import local_session from orm.base import local_session
from redis import redis from redis import redis
from settings import JWT_AUTH_HEADER, EMAIL_TOKEN_LIFE_SPAN from settings import JWT_AUTH_HEADER, EMAIL_TOKEN_LIFE_SPAN
@ -70,8 +70,9 @@ class JWTAuthenticate(AuthenticationBackend):
if not payload.device in ("pc", "mobile"): if not payload.device in ("pc", "mobile"):
return AuthCredentials(scopes=[]), AuthUser(user_id=None) return AuthCredentials(scopes=[]), AuthUser(user_id=None)
scopes = User.get_permission(user_id=payload.user_id) user = await UserStorage.get_user(payload.user_id)
return AuthCredentials(user_id=payload.user_id, scopes=scopes, logged_in=True), AuthUser(user_id=payload.user_id) scopes = user.get_permission()
return AuthCredentials(user_id=payload.user_id, scopes=scopes, logged_in=True), user
class EmailAuthenticate: class EmailAuthenticate:
@staticmethod @staticmethod

3
orm/__init__.py
View File

@ -1,6 +1,6 @@
from orm.rbac import Operation, Resource, Permission, Role from orm.rbac import Operation, Resource, Permission, Role
from orm.community import Community from orm.community import Community
from orm.user import User, UserRating, UserRole from orm.user import User, UserRating, UserRole, UserStorage
from orm.message import Message from orm.message import Message
from orm.topic import Topic, TopicSubscription from orm.topic import Topic, TopicSubscription
from orm.notification import Notification from orm.notification import Notification
@ -18,3 +18,4 @@ Resource.init_table()
with local_session() as session: with local_session() as session:
ShoutRatingStorage.init(session) ShoutRatingStorage.init(session)
ShoutViewStorage.init(session) ShoutViewStorage.init(session)
UserStorage.init(session)

48
orm/user.py
View File

@ -2,13 +2,15 @@ from typing import List
from datetime import datetime from datetime import datetime
from sqlalchemy import Table, Column, Integer, String, ForeignKey, Boolean, DateTime, JSON as JSONType from sqlalchemy import Table, Column, Integer, String, ForeignKey, Boolean, DateTime, JSON as JSONType
from sqlalchemy.orm import relationship from sqlalchemy.orm import relationship, selectinload
from orm import Permission from orm import Permission
from orm.base import Base, local_session from orm.base import Base, local_session
from orm.rbac import Role from orm.rbac import Role
from orm.topic import Topic from orm.topic import Topic
import asyncio
class UserNotifications(Base): class UserNotifications(Base):
__tablename__ = 'user_notifications' __tablename__ = 'user_notifications'
@ -62,17 +64,45 @@ class User(Base):
old_id: str = Column(String, nullable = True) old_id: str = Column(String, nullable = True)
@classmethod @classmethod
def get_permission(cls, user_id): def get_permission(self):
scope = {} scope = {}
with local_session() as session: #TODO implement RoleStorage
user = session.query(User).filter(User.id == user_id).first() #for role in self.roles:
for role in user.roles: # for p in role.permissions:
for p in role.permissions: # if not p.resource_id in scope:
if not p.resource_id in scope: # scope[p.resource_id] = set()
scope[p.resource_id] = set() # scope[p.resource_id].add(p.operation_id)
scope[p.resource_id].add(p.operation_id)
return scope return scope
class UserStorage:
users = {}
lock = asyncio.Lock()
@staticmethod
def init(session):
self = UserStorage
users = session.query(User).\
options(selectinload(User.roles)).all()
self.users = dict([(user.id, user) for user in users])
@staticmethod
async def get_user(id):
self = UserStorage
async with self.lock:
return self.users.get(id)
@staticmethod
async def add_user(user):
self = UserStorage
async with self.lock:
self.users[id] = user
@staticmethod
async def del_user(user):
self = UserStorage
async with self.lock:
del self.users[id]
if __name__ == "__main__": if __name__ == "__main__":
print(User.get_permission(user_id=1)) print(User.get_permission(user_id=1))

12
resolvers/auth.py
View File

@ -40,12 +40,14 @@ async def register(*_, email: str, password: str = ""):
if not password: if not password:
user = User.create(**user_dict) user = User.create(**user_dict)
await send_confirm_email(user) await send_confirm_email(user)
UserStorage.add_user(user)
return { "user": user } return { "user": user }
else:
user_dict["password"] = Password.encode(password) user_dict["password"] = Password.encode(password)
user = User.create(**user_dict) user = User.create(**user_dict)
token = await Authorize.authorize(user) token = await Authorize.authorize(user)
return {"user": user, "token": token } UserStorage.add_user(user)
return {"user": user, "token": token }
@query.field("signIn") @query.field("signIn")

7
resolvers/profile.py
View File

@ -22,12 +22,7 @@ async def get_user_by_slug(_, info, slug):
@query.field("getCurrentUser") @query.field("getCurrentUser")
@login_required @login_required
async def get_current_user(_, info): async def get_current_user(_, info):
auth = info.context["request"].auth user = info.context["request"].user
user_id = auth.user_id
with local_session() as session:
user = session.query(User).filter(User.id == user_id).first()
return { "user": user } return { "user": user }
@query.field("userRoles") @query.field("userRoles")