discours.io/inbox
5
0
Fork 0
Code Pull Requests Actions Wiki Activity

auth-upgrade
All checks were successful
deploy / deploy (push) Successful in 1m3s
Details

Browse Source
This commit is contained in:
Untone 2023-12-18 10:17:50 +03:00
parent b1b7bf4dc2
commit 284a69085f
1 changed files with 18 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
services/auth.py
View File

@ -1,20 +1,21 @@
from functools import wraps from functools import wraps
from aiohttp import ClientSession
import aiohttp from starlette.exceptions import HTTPException
from aiohttp.web import HTTPUnauthorized
from models.member import ChatMember from models.member import ChatMember
from services.core import get_author from services.core import get_author
from settings import AUTH_URL from settings import AUTH_URL
async def check_auth(req) -> (bool, int | None): async def check_auth(req) -> str | None:
token = req.headers.get("Authorization") token = req.headers.get("Authorization")
user_id = ""
if token: if token:
# Logging the authentication token # Logging the authentication token
print(f"[services.auth] checking auth token: {token}") print(f"[services.auth] checking auth token: {token}")
query_name = "validate_jwt_token" query_name = "validate_jwt_token"
opeation = "ValidateToken" operation = "ValidateToken"
headers = { headers = {
"Content-Type": "application/json", "Content-Type": "application/json",
} }
@ -27,13 +28,13 @@ async def check_auth(req) -> (bool, int | None):
} }
gql = { gql = {
"query": f"query {opeation}($params: ValidateJWTTokenInput!) {{ {query_name}(params: $params) {{ is_valid claims }} }}", "query": f"query {operation}($params: ValidateJWTTokenInput!) {{ {query_name}(params: $params) {{ is_valid claims }} }}",
"variables": variables, "variables": variables,
"operationName": opeation, "operationName": operation,
} }
try: try:
async with aiohttp.ClientSession() as session: # Asynchronous HTTP request to the authentication server
async with ClientSession() as session:
async with session.post(AUTH_URL, json=gql, headers=headers) as response: async with session.post(AUTH_URL, json=gql, headers=headers) as response:
if response.status == 200: if response.status == 200:
data = await response.json() data = await response.json()
@ -42,15 +43,13 @@ async def check_auth(req) -> (bool, int | None):
print(f"[services.auth] errors: {errors}") print(f"[services.auth] errors: {errors}")
else: else:
user_id = data.get("data", {}).get(query_name, {}).get("claims", {}).get("sub") user_id = data.get("data", {}).get(query_name, {}).get("claims", {}).get("sub")
return bool(user_id), user_id return user_id
except Exception as e: except Exception as e:
import traceback # Handling and logging exceptions during authentication check
print(f"[services.auth] {e}")
traceback.print_exc() if not user_id:
print(f"[services.auth] check_auth error: {e}") raise HTTPException(status_code=401,detail="Unauthorized")
return False, None
def login_required(f): def login_required(f):
@ -59,19 +58,12 @@ def login_required(f):
info = args[1] info = args[1]
context = info.context context = info.context
req = context.get("request") req = context.get("request")
print(req) user_id = await check_auth(req)
is_authenticated, user_id = await check_auth(req) if user_id:
if not is_authenticated: context["user_id"] = user_id
# Raising HTTPUnauthorized exception if the user is not authenticated
raise HTTPUnauthorized(text="Please, login first")
else:
# Добавляем author_id и user_id в контекст
author: ChatMember | None = await get_author(user_id) author: ChatMember | None = await get_author(user_id)
if author: if author:
context["author_id"] = author["id"] context["author_id"] = author["id"]
context["user_id"] = user_id
# Если пользователь аутентифицирован, выполняем резолвер
return await f(*args, **kwargs) return await f(*args, **kwargs)
return decorated_function return decorated_function