This commit is contained in:
parent
14dc1c761a
commit
1b2b060b23
|
|
@ -1,3 +1,7 @@
|
||||||
|
[0.2.19]
|
||||||
|
- fix: adding 'author' role
|
||||||
|
- fix: stripping user_id in auth connector
|
||||||
|
|
||||||
[0.2.18]
|
[0.2.18]
|
||||||
- schema: added Shout.seo string field
|
- schema: added Shout.seo string field
|
||||||
- resolvers: added /new-author webhook resolver
|
- resolvers: added /new-author webhook resolver
|
||||||
|
|
|
||||||
1
main.py
1
main.py
|
|
@ -13,6 +13,7 @@ from starlette.applications import Starlette
|
||||||
from starlette.routing import Route
|
from starlette.routing import Route
|
||||||
|
|
||||||
from resolvers.webhook import WebhookEndpoint
|
from resolvers.webhook import WebhookEndpoint
|
||||||
|
from services.auth import init_auth
|
||||||
from services.rediscache import redis
|
from services.rediscache import redis
|
||||||
from services.schema import resolvers
|
from services.schema import resolvers
|
||||||
from settings import DEV_SERVER_PID_FILE_NAME, MODE, SENTRY_DSN
|
from settings import DEV_SERVER_PID_FILE_NAME, MODE, SENTRY_DSN
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
[tool.poetry]
|
[tool.poetry]
|
||||||
name = "discoursio-core"
|
name = "discoursio-core"
|
||||||
version = "0.2.18"
|
version = "0.2.19"
|
||||||
description = "core module for discours.io"
|
description = "core module for discours.io"
|
||||||
authors = ["discoursio devteam"]
|
authors = ["discoursio devteam"]
|
||||||
license = "MIT"
|
license = "MIT"
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,7 @@ from sqlalchemy.orm import aliased, joinedload
|
||||||
from orm.author import Author
|
from orm.author import Author
|
||||||
from orm.reaction import Reaction, ReactionKind
|
from orm.reaction import Reaction, ReactionKind
|
||||||
from orm.shout import Shout, ShoutReactionsFollower
|
from orm.shout import Shout, ShoutReactionsFollower
|
||||||
from services.auth import login_required, add_author_role
|
from services.auth import login_required, add_user_role
|
||||||
from services.db import local_session
|
from services.db import local_session
|
||||||
from services.notify import notify_reaction
|
from services.notify import notify_reaction
|
||||||
from services.schema import mutation, query
|
from services.schema import mutation, query
|
||||||
|
|
@ -142,12 +142,14 @@ def check_to_hide(session, reaction):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
def set_published(session, shout_id, approver_id):
|
async def set_published(session, shout_id, approver_id):
|
||||||
s = session.query(Shout).where(Shout.id == shout_id).first()
|
s = session.query(Shout).where(Shout.id == shout_id).first()
|
||||||
s.published_at = int(time.time())
|
s.published_at = int(time.time())
|
||||||
s.published_by = approver_id
|
s.published_by = approver_id
|
||||||
s.visibility = text("public")
|
s.visibility = text("public")
|
||||||
add_author_role(s.created_by)
|
author = session.query(Author).filter(Author.id == s.created_by).first()
|
||||||
|
if author:
|
||||||
|
await add_user_role(str(author.user))
|
||||||
session.add(s)
|
session.add(s)
|
||||||
session.commit()
|
session.commit()
|
||||||
|
|
||||||
|
|
@ -235,7 +237,7 @@ async def create_reaction(_, info, reaction):
|
||||||
if check_to_hide(session, r):
|
if check_to_hide(session, r):
|
||||||
set_hidden(session, r.shout)
|
set_hidden(session, r.shout)
|
||||||
elif check_to_publish(session, author.id, r):
|
elif check_to_publish(session, author.id, r):
|
||||||
set_published(session, r.shout, author.id)
|
await set_published(session, r.shout, author.id)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
reactions_follow(author.id, reaction["shout"], True)
|
reactions_follow(author.id, reaction["shout"], True)
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,25 @@ from starlette.exceptions import HTTPException
|
||||||
from settings import AUTH_URL, AUTH_SECRET
|
from settings import AUTH_URL, AUTH_SECRET
|
||||||
|
|
||||||
|
|
||||||
|
async def request_data(gql, headers = { "Content-Type": "application/json" }):
|
||||||
|
try:
|
||||||
|
# Asynchronous HTTP request to the authentication server
|
||||||
|
async with ClientSession() as session:
|
||||||
|
async with session.post(AUTH_URL, json=gql, headers=headers) as response:
|
||||||
|
if response.status == 200:
|
||||||
|
data = await response.json()
|
||||||
|
errors = data.get("errors")
|
||||||
|
if errors:
|
||||||
|
print(f"[services.auth] errors: {errors}")
|
||||||
|
else:
|
||||||
|
return data
|
||||||
|
except Exception as e:
|
||||||
|
# Handling and logging exceptions during authentication check
|
||||||
|
print(f"[services.auth] request_data error: {e}")
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
async def check_auth(req) -> str | None:
|
async def check_auth(req) -> str | None:
|
||||||
token = req.headers.get("Authorization")
|
token = req.headers.get("Authorization")
|
||||||
user_id = ""
|
user_id = ""
|
||||||
|
|
@ -14,9 +33,6 @@ async def check_auth(req) -> str | None:
|
||||||
print(f"[services.auth] checking auth token: {token}")
|
print(f"[services.auth] checking auth token: {token}")
|
||||||
query_name = "validate_jwt_token"
|
query_name = "validate_jwt_token"
|
||||||
operation = "ValidateToken"
|
operation = "ValidateToken"
|
||||||
headers = {
|
|
||||||
"Content-Type": "application/json",
|
|
||||||
}
|
|
||||||
variables = {
|
variables = {
|
||||||
"params": {
|
"params": {
|
||||||
"token_type": "access_token",
|
"token_type": "access_token",
|
||||||
|
|
@ -29,52 +45,30 @@ async def check_auth(req) -> str | None:
|
||||||
"variables": variables,
|
"variables": variables,
|
||||||
"operationName": operation,
|
"operationName": operation,
|
||||||
}
|
}
|
||||||
try:
|
data = await request_data(gql)
|
||||||
# Asynchronous HTTP request to the authentication server
|
if data:
|
||||||
async with ClientSession() as session:
|
|
||||||
async with session.post(AUTH_URL, json=gql, headers=headers) as response:
|
|
||||||
if response.status == 200:
|
|
||||||
data = await response.json()
|
|
||||||
errors = data.get("errors")
|
|
||||||
if errors:
|
|
||||||
print(f"[services.auth] errors: {errors}")
|
|
||||||
else:
|
|
||||||
user_id = data.get("data", {}).get(query_name, {}).get("claims", {}).get("sub")
|
user_id = data.get("data", {}).get(query_name, {}).get("claims", {}).get("sub")
|
||||||
return user_id
|
return user_id
|
||||||
except Exception as e:
|
|
||||||
# Handling and logging exceptions during authentication check
|
|
||||||
print(f"[services.auth] {e}")
|
|
||||||
|
|
||||||
if not user_id:
|
if not user_id:
|
||||||
raise HTTPException(status_code=401, detail="Unauthorized")
|
raise HTTPException(status_code=401, detail="Unauthorized")
|
||||||
|
|
||||||
|
|
||||||
async def add_author_role(author_id):
|
async def add_user_role(user_id):
|
||||||
print(f"[services.auth] add author role for author with id {author_id}")
|
print(f"[services.auth] add author role for user_id: {user_id}")
|
||||||
query_name = "_update_user"
|
query_name = "_update_user"
|
||||||
operation = "UpdateUserRoles"
|
operation = "UpdateUserRoles"
|
||||||
headers = {"Content-Type": "application/json", "x-authorizer-admin-secret": AUTH_SECRET}
|
headers = {"Content-Type": "application/json", "x-authorizer-admin-secret": AUTH_SECRET}
|
||||||
variables = {"params": {"roles": "author, reader"}}
|
variables = {"params": {"roles": "author, reader", "id": user_id}}
|
||||||
gql = {
|
gql = {
|
||||||
"query": f"mutation {operation}($params: UpdateUserInput!) {{ {query_name}(params: $params) {{ id roles }} }}",
|
"query": f"mutation {operation}($params: UpdateUserInput!) {{ {query_name}(params: $params) {{ id roles }} }}",
|
||||||
"variables": variables,
|
"variables": variables,
|
||||||
"operationName": operation,
|
"operationName": operation,
|
||||||
}
|
}
|
||||||
try:
|
data = await request_data(gql, headers)
|
||||||
# Asynchronous HTTP request to the authentication server
|
if data:
|
||||||
async with ClientSession() as session:
|
|
||||||
async with session.post(AUTH_URL, json=gql, headers=headers) as response:
|
|
||||||
if response.status == 200:
|
|
||||||
data = await response.json()
|
|
||||||
errors = data.get("errors")
|
|
||||||
if errors:
|
|
||||||
print(f"[services.auth] errors: {errors}")
|
|
||||||
else:
|
|
||||||
user_id = data.get("data", {}).get(query_name, {}).get("id")
|
user_id = data.get("data", {}).get(query_name, {}).get("id")
|
||||||
return user_id
|
return user_id
|
||||||
except Exception as e:
|
|
||||||
print(f"[services.auth] {e}")
|
|
||||||
|
|
||||||
|
|
||||||
def login_required(f):
|
def login_required(f):
|
||||||
@wraps(f)
|
@wraps(f)
|
||||||
|
|
@ -84,7 +78,7 @@ def login_required(f):
|
||||||
req = context.get("request")
|
req = context.get("request")
|
||||||
user_id = await check_auth(req)
|
user_id = await check_auth(req)
|
||||||
if user_id:
|
if user_id:
|
||||||
context["user_id"] = user_id
|
context["user_id"] = user_id.strip()
|
||||||
return await f(*args, **kwargs)
|
return await f(*args, **kwargs)
|
||||||
|
|
||||||
return decorated_function
|
return decorated_function
|
||||||
|
|
@ -96,7 +90,7 @@ def auth_request(f):
|
||||||
req = args[0]
|
req = args[0]
|
||||||
user_id = await check_auth(req)
|
user_id = await check_auth(req)
|
||||||
if user_id:
|
if user_id:
|
||||||
req["user_id"] = user_id
|
req["user_id"] = user_id.strip()
|
||||||
return await f(*args, **kwargs)
|
return await f(*args, **kwargs)
|
||||||
|
|
||||||
return decorated_function
|
return decorated_function
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user