fix-auth

auth/authenticate.py

@@ -3,6 +3,7 @@ from typing import Optional, Tuple
 
 from graphql.type import GraphQLResolveInfo
 from sqlalchemy.orm import joinedload, exc
+from sqlalchemy import select, and_
 from starlette.authentication import AuthenticationBackend
 from starlette.requests import HTTPConnection
 
@@ -35,24 +36,22 @@ class JWTAuthenticate(AuthenticationBackend):
                 payload = await SessionToken.verify(token)
                 if payload is None:
                     return AuthCredentials(scopes=[]), AuthUser(user_id=None)
-
+                user = None
                 with local_session() as session:
                     try:
-                        user = (
-                            session.query(User).options(
-                                joinedload(User.roles),
-                                joinedload(User.ratings)
-                            ).filter(
-                                User.id == id
-                            ).one()
-                        )
+                        q = select(
+                            User
+                        ).filter(
+                            User.id == payload.user_id
+                        ).select_from(User)
+                        user = session.execute(q).unique().one()
                     except exc.NoResultFound:
                         user = None
 
                 if not user:
                     return AuthCredentials(scopes=[]), AuthUser(user_id=None)
 
-                scopes = user.get_permission()
+                scopes = {}  # await user.get_permission()
 
                 return (
                     AuthCredentials(

orm/user.py

@@ -111,5 +111,5 @@ class User(Base):
         return scope
 
 
-if __name__ == "__main__":
-    print(User.get_permission(user_id=1))  # type: ignore
+# if __name__ == "__main__":
+#   print(User.get_permission(user_id=1))  # type: ignore

resolvers/inbox/unread.py

@@ -2,21 +2,21 @@ from base.redis import redis
 import json
 
 
-async def get_unread_counter(chat_id: str, user_slug: str):
+async def get_unread_counter(chat_id: str, user_id: int):
     try:
-        unread = await redis.execute("LLEN", f"chats/{chat_id}/unread/{user_slug}")
+        unread = await redis.execute("LLEN", f"chats/{chat_id.decode('utf-8')}/unread/{user_id}")
         if unread:
             return unread
     except Exception:
         return 0
 
 
-async def get_total_unread_counter(user_slug: str):
-    chats = await redis.execute("GET", f"chats_by_user/{user_slug}")
+async def get_total_unread_counter(user_id: int):
+    chats = await redis.execute("GET", f"chats_by_user/{str(user_id)}")
     unread = 0
     if chats:
         chats = json.loads(chats)
         for chat_id in chats:
-            n = await get_unread_counter(chat_id.decode('utf-8'), user_slug)
+            n = await get_unread_counter(chat_id.decode('utf-8'), user_id)
             unread += n
     return unread

resolvers/zine/profile.py

@@ -163,14 +163,20 @@ async def get_user_roles(slug):
 @mutation.field("updateProfile")
 @login_required
 async def update_profile(_, info, profile):
+    print('[zine] update_profile')
+    print(profile)
     auth = info.context["request"].auth
     user_id = auth.user_id
     with local_session() as session:
-        user = session.query(User).filter(User.id == user_id).first()
-        if user:
-            User.update(user, **profile)
-            session.add(user)
-            session.commit()
+        session.query(User).filter(User.id == user_id).update({
+            "name": profile['name'],
+            "slug": profile['slug'],
+            "bio": profile['bio'],
+            "userpic": profile['userpic'],
+            "about": profile['about'],
+            "links": profile['links']
+        })
+        session.commit()
     return {}
 
 

schema.graphql

@@ -108,10 +108,12 @@ input ShoutInput {
 }
 
 input ProfileInput {
+  slug: String
   name: String
   userpic: String
   links: [String]
   bio: String
+  about: String
 }
 
 input TopicInput {