2023-10-23 14:47:11 +00:00
|
|
|
from functools import wraps
|
2023-11-29 07:23:41 +00:00
|
|
|
import aiohttp
|
|
|
|
|
from aiohttp.web import HTTPUnauthorized
|
2023-10-23 14:47:11 +00:00
|
|
|
from settings import AUTH_URL
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
async def check_auth(req):
|
|
|
|
|
token = req.headers.get("Authorization")
|
2023-12-12 05:00:46 +00:00
|
|
|
if token:
|
|
|
|
|
print(f"[services.auth] checking auth token: {token}")
|
2023-12-11 19:12:18 +00:00
|
|
|
|
2023-12-12 05:00:46 +00:00
|
|
|
headers = {"Authorization": "Bearer " + token, "Content-Type": "application/json"}
|
|
|
|
|
# query getSession($params: SessionQueryInput){ session(params: $params) { message user { id } } }
|
|
|
|
|
gql = {
|
2023-12-12 08:19:22 +00:00
|
|
|
"query": "query getSession($params: SessionQueryInput){session(params: $params) { message access_token expires_in refresh_token id_token should_show_email_otp_screen should_show_mobile_otp_screen should_show_totp_screen authenticator_scanner_image authenticator_secret authenticator_recovery_codes user { id email email_verified given_name family_name middle_name nickname preferred_username picture signup_methods gender birthdate phone_number phone_number_verified roles created_at updated_at is_multi_factor_auth_enabled app_data } } }",
|
|
|
|
|
"variables": {},
|
2023-12-12 05:00:46 +00:00
|
|
|
}
|
2023-10-23 14:47:11 +00:00
|
|
|
|
2023-12-12 05:00:46 +00:00
|
|
|
async with aiohttp.ClientSession(timeout=aiohttp.ClientTimeout(total=30.0)) as session:
|
|
|
|
|
async with session.post(AUTH_URL, headers=headers, json=gql) as response:
|
|
|
|
|
if response.status != 200:
|
|
|
|
|
return False, None
|
|
|
|
|
r = await response.json()
|
|
|
|
|
print(f"[services.auth] response: {r}")
|
|
|
|
|
try:
|
|
|
|
|
data = r.get("data")
|
|
|
|
|
is_authenticated = False
|
|
|
|
|
user_id = None
|
|
|
|
|
if data:
|
|
|
|
|
user_id = data.get("session", {}).get("user", {}).get("id", None)
|
|
|
|
|
is_authenticated = user_id is not None
|
|
|
|
|
return is_authenticated, user_id
|
|
|
|
|
except Exception as e:
|
|
|
|
|
print(f"{e}: {r}")
|
|
|
|
|
return False, None
|
2023-10-23 14:47:11 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def login_required(f):
|
|
|
|
|
@wraps(f)
|
|
|
|
|
async def decorated_function(*args, **kwargs):
|
|
|
|
|
info = args[1]
|
|
|
|
|
context = info.context
|
|
|
|
|
req = context.get("request")
|
|
|
|
|
is_authenticated, user_id = await check_auth(req)
|
|
|
|
|
if not is_authenticated:
|
|
|
|
|
raise Exception("You are not logged in")
|
|
|
|
|
else:
|
2023-11-29 07:23:41 +00:00
|
|
|
# Add user_id to the context
|
2023-11-23 23:00:28 +00:00
|
|
|
context["user_id"] = user_id
|
2023-10-23 14:47:11 +00:00
|
|
|
|
2023-11-29 07:23:41 +00:00
|
|
|
# If the user is authenticated, execute the resolver
|
2023-10-23 14:47:11 +00:00
|
|
|
return await f(*args, **kwargs)
|
|
|
|
|
|
|
|
|
|
return decorated_function
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def auth_request(f):
|
|
|
|
|
@wraps(f)
|
|
|
|
|
async def decorated_function(*args, **kwargs):
|
|
|
|
|
req = args[0]
|
|
|
|
|
is_authenticated, user_id = await check_auth(req)
|
|
|
|
|
if not is_authenticated:
|
2023-11-29 07:23:41 +00:00
|
|
|
raise HTTPUnauthorized(text="Please, login first")
|
2023-10-23 14:47:11 +00:00
|
|
|
else:
|
2023-11-23 23:00:28 +00:00
|
|
|
req["user_id"] = user_id
|
2023-10-23 14:47:11 +00:00
|
|
|
return await f(*args, **kwargs)
|
|
|
|
|
|
|
|
|
|
return decorated_function
|
