fix getSession, fix getAuthor

2022-11-24 18:19:58 +03:00 · 2022-11-24 18:19:58 +03:00 · b2b8cf747f
commit b2b8cf747f
parent 0ad10cffec
4 changed files with 12 additions and 22 deletions
--- a/auth/authenticate.py
+++ b/auth/authenticate.py
@ -68,7 +68,7 @@ def login_required(func):
 def permission_required(resource, operation, func):
    @wraps(func)
    async def wrap(parent, info: GraphQLResolveInfo, *args, **kwargs):
-        # print('[auth.authenticate] login required for %r with info %r' % (func, info))  # debug only
+        print('[auth.authenticate] permission_required for %r with info %r' % (func, info))  # debug only
        auth: AuthCredentials = info.context["request"].auth
        if not auth.logged_in:
            return {"error": auth.error_message or "Please login"}
--- a/resolvers/auth.py
+++ b/resolvers/auth.py
@ -21,32 +21,23 @@ from resolvers.zine.profile import user_subscriptions
 from settings import SESSION_TOKEN_HEADER


-@mutation.field("refreshSession")
+@mutation.field("getSession")
@login_required
 async def get_current_user(_, info):
    user = info.context["request"].user
-    # print(info.context["request"].headers)
-    old_token = info.context["request"].headers.get("Authorization")
-    user.lastSeen = datetime.now(tz=timezone.utc)
-    with local_session() as session:
-        session.add(user)
-        session.commit()
-    token = await TokenStorage.create_session(user)
-    print("[resolvers.auth] new session token created")
-    if old_token:
-        payload = await TokenStorage.get(str(user.id) + '-' + str(old_token))
-        if payload:
-            print("[resolvers.auth] got session from old token: %r" % payload)
+    token = info.context["request"].headers.get("Authorization")
+    if user and token:
+        user.lastSeen = datetime.now(tz=timezone.utc)
+        with local_session() as session:
+            session.add(user)
+            session.commit()
            return {
                "token": token,
                "user": user,
                "news": await user_subscriptions(user.slug),
            }
-    return {
-        "token": token,
-        "user": user,
-        "news": await user_subscriptions(user.slug),
-    }
+    else:
+        raise OperationNotAllowed("No session token present in request, try to login")


@mutation.field("confirmEmail")
--- a/resolvers/zine/profile.py
+++ b/resolvers/zine/profile.py
@ -185,8 +185,7 @@ async def get_authors_all(_, _info):
 async def get_author(_, _info, slug):
    with local_session() as session:
        author = session.query(User).join(ShoutAuthor).where(User.slug == slug).first()
-        for author in author:
-            author.stat = await get_author_stat(author.slug)
+        author.stat = await get_author_stat(author.slug)
    return author


--- a/schema.graphql
+++ b/schema.graphql
@ -159,7 +159,7 @@ type Mutation {
  markAsRead(chatId: String!, ids: [Int]!): Result!

  # auth
-  refreshSession: AuthResult!
+  getSession: AuthResult!
  registerUser(email: String!, password: String, name: String): AuthResult!
  sendLink(email: String!, lang: String): Result!
  confirmEmail(token: String!): AuthResult!