discours.io/core
5
0
Fork 0
Code Pull Requests Actions Projects Activity

Merge branch 'main' of https://github.com/Discours/discours-backend

Browse Source
This commit is contained in:
Tony Rewin 2021-11-24 16:39:25 +03:00
commit 9ab334de71
5 changed files with 53 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
auth/authenticate.py
View File

@ -10,7 +10,7 @@ from auth.credentials import AuthCredentials, AuthUser
from auth.token import Token
from auth.authorize import Authorize
from exceptions import InvalidToken, OperationNotAllowed
from orm import User
from orm import User, UserStorage
from orm.base import local_session
from redis import redis
from settings import JWT_AUTH_HEADER, EMAIL_TOKEN_LIFE_SPAN
@ -70,8 +70,9 @@ class JWTAuthenticate(AuthenticationBackend):
if not payload.device in ("pc", "mobile"):
return AuthCredentials(scopes=[]), AuthUser(user_id=None)
scopes = User.get_permission(user_id=payload.user_id)
return AuthCredentials(user_id=payload.user_id, scopes=scopes, logged_in=True), AuthUser(user_id=payload.user_id)
user = await UserStorage.get_user(payload.user_id)
scopes = user.get_permission()
return AuthCredentials(user_id=payload.user_id, scopes=scopes, logged_in=True), user
class EmailAuthenticate:
@staticmethod

3
orm/__init__.py
View File

@ -1,6 +1,6 @@
from orm.rbac import Operation, Resource, Permission, Role
from orm.community import Community
from orm.user import User, UserRating, UserRole
from orm.user import User, UserRating, UserRole, UserStorage
from orm.message import Message
from orm.topic import Topic, TopicSubscription
from orm.notification import Notification
@ -18,3 +18,4 @@ Resource.init_table()
with local_session() as session:
ShoutRatingStorage.init(session)
ShoutViewStorage.init(session)
UserStorage.init(session)

48
orm/user.py
View File

@ -2,13 +2,15 @@ from typing import List
from datetime import datetime
from sqlalchemy import Table, Column, Integer, String, ForeignKey, Boolean, DateTime, JSON as JSONType
from sqlalchemy.orm import relationship
from sqlalchemy.orm import relationship, selectinload
from orm import Permission
from orm.base import Base, local_session
from orm.rbac import Role
from orm.topic import Topic
import asyncio
class UserNotifications(Base):
__tablename__ = 'user_notifications'
@ -62,17 +64,45 @@ class User(Base):
old_id: str = Column(String, nullable = True)
@classmethod
def get_permission(cls, user_id):
def get_permission(self):
scope = {}
with local_session() as session:
user = session.query(User).filter(User.id == user_id).first()
for role in user.roles:
for p in role.permissions:
if not p.resource_id in scope:
scope[p.resource_id] = set()
scope[p.resource_id].add(p.operation_id)
#TODO implement RoleStorage
#for role in self.roles:
# for p in role.permissions:
# if not p.resource_id in scope:
# scope[p.resource_id] = set()
# scope[p.resource_id].add(p.operation_id)
return scope
class UserStorage:
users = {}
lock = asyncio.Lock()
@staticmethod
def init(session):
self = UserStorage
users = session.query(User).\
options(selectinload(User.roles)).all()
self.users = dict([(user.id, user) for user in users])
@staticmethod
async def get_user(id):
self = UserStorage
async with self.lock:
return self.users.get(id)
@staticmethod
async def add_user(user):
self = UserStorage
async with self.lock:
self.users[id] = user
@staticmethod
async def del_user(user):
self = UserStorage
async with self.lock:
del self.users[id]
if __name__ == "__main__":
print(User.get_permission(user_id=1))

12
resolvers/auth.py
View File

@ -40,12 +40,14 @@ async def register(*_, email: str, password: str = ""):
if not password:
user = User.create(**user_dict)
await send_confirm_email(user)
UserStorage.add_user(user)
return { "user": user }
else:
user_dict["password"] = Password.encode(password)
user = User.create(**user_dict)
token = await Authorize.authorize(user)
return {"user": user, "token": token }
user_dict["password"] = Password.encode(password)
user = User.create(**user_dict)
token = await Authorize.authorize(user)
UserStorage.add_user(user)
return {"user": user, "token": token }
@query.field("signIn")

7
resolvers/profile.py
View File

@ -22,12 +22,7 @@ async def get_user_by_slug(_, info, slug):
@query.field("getCurrentUser")
@login_required
async def get_current_user(_, info):
auth = info.context["request"].auth
user_id = auth.user_id
with local_session() as session:
user = session.query(User).filter(User.id == user_id).first()
user = info.context["request"].user
return { "user": user }
@query.field("userRoles")