From 1c4e2cbb2c437259a826fbeccae00eeb8dba3d76 Mon Sep 17 00:00:00 2001 From: knst-kotov Date: Sun, 27 Jun 2021 12:56:33 +0000 Subject: [PATCH] add signIn mutation; create/update message only for auth user --- message_service.py | 66 +++++++++++++- schema.graphql | 216 ++++++++++++++++++++++++++++++++------------- 2 files changed, 217 insertions(+), 65 deletions(-) diff --git a/message_service.py b/message_service.py index 447d274d..5a1698f3 100644 --- a/message_service.py +++ b/message_service.py @@ -11,6 +11,9 @@ from peewee import * import asyncio +import auth_utils + + type_defs = load_schema_from_path("schema.graphql") db = SqliteDatabase('discours.db') @@ -19,6 +22,16 @@ class User(Model): username = CharField() email = CharField() createdAt = DateTimeField(default=datetime.now) + muted = BooleanField(default=False) + rating = IntegerField(default=0) + # roles = + updatedAt = DateTimeField(default=datetime.now) + username = CharField() + userpic = CharField(default="") + userpicId = CharField(default="") + wasOnlineAt = DateTimeField(default=datetime.now) + + password = CharField() class Meta: database = db @@ -38,7 +51,11 @@ class Message(Model): db.connect() db.create_tables([User, Message]) -#only_user = User.create(username = "admin", email = "knst.kotov@gmail.com") +#only_user = User.create( +# username = "admin", +# email = "knst.kotov@gmail.com", +# password = auth_utils.password_to_hash("12345") +#) only_user = User.get(User.username == "admin") 
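Review bot: The added `username = CharField()` in `class User` repeats the field already declared on the unchanged context line at the top of this hunk; the second assignment only rebinds the name, so one of the two should be dropped. The `# roles =` stub would read better as a TODO that says what is missing, e.g. `# TODO: roles relation (schema.graphql declares User.roles)`. Because `email` becomes the sign-in lookup key later in this patch, consider `email = CharField(unique=True)` so that `User.get(User.email == email)` cannot match more than one account. The class statement itself starts above the hunk.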
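Review bot: The commented-out `User.create(...)` block records an `admin` account seeded with the password `12345` and a personal e-mail address, so anyone who uncomments it to bootstrap a database gets a guessable admin credential that is also published in the repository. Seeding belongs in a separate one-off script that takes the secret at run time, e.g. `password = auth_utils.password_to_hash(getpass.getpass())`, and the commented code should be deleted. `only_user = User.get(User.username == "admin")` still runs at import and raises `DoesNotExist` on a fresh database, although `resolve_create_message` stops using `only_user` in this patch; other uses are not visible here.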
@@ -65,17 +82,43 @@ def resolve_get_messages(_, info, count, page): mutation = MutationType() +@mutation.field("signIn") +def resolve_sign_in(_, info, email, password): + try: + user = User.get(User.email == email) + except DoesNotExist as err: + return { + "status" : False, + "error" : "invalid username or password" + } + + if auth_utils.verify_password(password, user.password) : + return { + "status" : True, + "token" : auth_utils.jwt_encode(user) + } + + return { + "status" : False, + "error" : "invalid username or password" + } + @mutation.field("createMessage") def resolve_create_message(_, info, input): + request = info.context["request"] + try: + user_id = auth_utils.authorize(request) + user = User.get(User.id == user_id) + new_message = Message.create( - author = only_user, + author = user, body = input["body"], replyTo = input.get("replyTo") ) except Exception as err: return { - "status" : false, + "status" : False, "message" : err } @@ -90,6 +133,17 @@ def resolve_create_message(_, info, input): @mutation.field("updateMessage") def resolve_update_message(_, info, input): + request = info.context["request"] + + try: + user_id = auth_utils.authorize(request) + user = User.get(User.id == user_id) + except Exception as err: + return { + "status" : False, + "message" : err + } + message_id = input["id"] body = input["body"] @@ -101,6 +155,12 @@ def resolve_update_message(_, info, input): updated_message = all_messages[message_id] + if updated_message.author != user: + return { + "status" : False, + "error" : "update this message denied" + } + updated_message.body = body #updated_message.updatedAt = datetime.now try: diff --git a/schema.graphql b/schema.graphql index 21d18c53..dd673957 100644 --- a/schema.graphql +++ b/schema.graphql 
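Review bot: In `resolve_sign_in` the unknown-e-mail branch returns before `auth_utils.verify_password` is called, so although both failures share the text `invalid username or password`, the two cases probably differ in response time if the password hash is deliberately slow (auth_utils is not shown), and that difference reveals which addresses are registered. Run the verification against a fixed dummy hash when the lookup fails so both paths do the same work, and put attempt throttling in front of this mutation, since nothing in the hunk limits repeated guesses. `except DoesNotExist as err:` binds `err` without using it; `except DoesNotExist:` is enough.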
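Review bot: The new `except Exception as err` handler in `resolve_update_message` returns the exception object itself under `"message"`, a field that `createMessagePayload` types as `Message`, while the payload's string slot is `error`. The same pattern remains in `resolve_create_message` in the previous hunk, where only `false` was corrected to `False`. Besides not resolving as a `Message`, this would hand internal failure details (token validation or database errors) to the client once stringified. Return a fixed text such as `"error" : "not authorized"`, log the exception server-side, and catch the specific exceptions `auth_utils.authorize` and `User.get` raise rather than `Exception`. The function body continues outside the hunk.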
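Review bot: The author comparison added here protects `updateMessage` only. `deleteMessage(messageId: Int!)` is declared in schema.graphql and no resolver for it is touched by this patch, so if one exists it presumably still runs without `auth_utils.authorize` or an ownership check; that should be confirmed, and the same two steps added there. The check would also benefit from a short comment such as `# only the author may edit a message`. The denial here is returned under `"error"` while the authorization failure above uses `"message"`; pick `"error"` for both so clients read one field. The function starts and ends outside the hunk, and whether a missing `message_id` is handled before `all_messages[message_id]` is not visible.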
@@ -1,62 +1,154 @@
-scalar DateTime
-
-type User {
- createdAt: DateTime!
- email: String
- emailConfirmed: Boolean
- id: Int!
- muted: Boolean
- rating: Int
- updatedAt: DateTime!
- username: String
- userpic: String
- userpicId: String
- wasOnlineAt: DateTime
-}
-
-type Message {
- author: Int!
- body: String!
- createdAt: DateTime!
- id: Int!
- replyTo: Int
- updatedAt: DateTime!
- visibleForUsers: [Int]
-}
-
-type createMessagePayload {
- status: Boolean!
- error: String
- message: Message
-}
-
-type deleteMessagePayload {
- status: Boolean!
- error: String
-}
-
-input MessageInput {
- body: String!
- replyTo: Int
-}
-
-input updateMessageInput {
- id: Int!
- body: String!
-}
-
-type Query {
- getMessages(count: Int = 100, page: Int = 1): [Message!]!
-}
-
-type Mutation {
- createMessage(input: MessageInput!): createMessagePayload!
- updateMessage(input: updateMessageInput!): createMessagePayload!
- deleteMessage(messageId: Int!): deleteMessagePayload!
-}
-
-type Subscription {
- messageCreated: Message!
- messageUpdated: Message!
- messageDeleted: Message!
-}
+scalar DateTime
+
+type Like {
+ author: Int!
+ id: Int!
+ shout: Int
+ user: Int
+ value: Int!
+}
+
+type createMessagePayload {
+ status: Boolean!
+ error: String
+ message: Message
+}
+
+type deleteMessagePayload {
+ status: Boolean!
+ error: String
+}
+
+input MessageInput {
+ body: String!
+ replyTo: Int
+}
+
+input updateMessageInput {
+ id: Int!
+ body: String!
+}
+
+type Message {
+ author: Int!
+ body: String!
+ createdAt: DateTime!
+ id: Int!
+ replyTo: Int
+ updatedAt: DateTime!
+ visibleForUsers: [Int]
+}
+
+type signInPayload {
+ status: Boolean!
+ error: String
+ token: String
+}
+
+type Mutation {
+ # message
+ createMessage(input: MessageInput!): createMessagePayload!
+ updateMessage(input: updateMessageInput!): createMessagePayload!
+ deleteMessage(messageId: Int!): deleteMessagePayload!
+
+ # auth
+ confirmEmail(token: String!): Token!
+ invalidateAllTokens: Boolean!
+ invalidateTokenById(id: Int!): Boolean!
+ requestEmailConfirmation: User!
+ requestPasswordReset(email: String!): Boolean!
+ resetPassword(password: String!, token: String!): Token!
+ signIn(email: String!, password: String!): signInPayload!
+ signUp(email: String!, password: String!, username: String): User!
+
+ # shout
+ createShout(body: String!, replyTo: [Int], title: String, versionOf: [Int], visibleForRoles: [Int], visibleForUsers: [Int]): Message!
+ deleteShout(shoutId: Int!): Message!
+ rateShout(value: Int!): Boolean!
+
+ # profile
+ rateUser(value: Int!): Boolean!
+ updateOnlineStatus: Boolean!
+ updateUsername(username: String!): User!
+}
+
+type Query {
+ getCurrentUser: User!
+ getMessages(count: Int = 100, page: Int = 1): [Message!]!
+ getOnline: [User!]!
+ getShoutRating(shout: Int): Int!
+ getTokens: [Token!]!
+ getUserById(id: Int!): User!
+ getUserRating(shout: Int): Int!
+ isUsernameFree(username: String!): Boolean!
+ shoutsByAuthor(author: Int): [Shout]!
+ shoutsByReplyTo(shout: Int): [Shout]!
+ shoutsByTags(tags: [String]): [Shout]!
+ shoutsByTime(time: DateTime): [Shout]!
+ topAuthors: [User]!
+ topShouts: [Shout]!
+}
+
+type Role {
+ id: Int!
+ name: String!
+}
+
+type Shout {
+ author: Int!
+ body: String!
+ createdAt: DateTime!
+ deletedAt: DateTime
+ deletedBy: Int
+ id: Int!
+ rating: Int
+ published: DateTime! # if there is no published field - it is not published
+ replyTo: Int # another shout
+ tags: [String]
+ title: String
+ updatedAt: DateTime!
+ versionOf: Int
+ visibleForRoles: [Role]!
+ visibleForUsers: [Int]
+}
+
+type Proposal {
+ body: String!
+ shout: Int!
+ range: String # full / 0:2340
+ author: Int!
+ createdAt: DateTime!
+}
+
+type Subscription {
+ messageCreated: Message!
+ messageUpdated: Message!
+ messageDeleted: Message!
+ onlineUpdated: [User!]!
+ shoutUpdated: Shout!
+ userUpdated: User!
+}
+
+type Token {
+ createdAt: DateTime!
+ expiresAt: DateTime
+ id: Int!
+ ownerId: Int!
+ usedAt: DateTime
+ value: String!
+}
+
+type User {
+ createdAt: DateTime!
+ email: String
+ emailConfirmed: Boolean
+ id: Int!
+ muted: Boolean
+ rating: Int
+ roles: [Role!]!
+ updatedAt: DateTime!
+ username: String
+ userpic: String
+ userpicId: String
+ wasOnlineAt: DateTime
+}
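Review bot: `User` still carries `email: String`, and the new queries `getUserById(id: Int!)`, `getOnline` and `topAuthors` return `User` for arbitrary accounts, so unless the resolvers (not part of this patch) null the field for other users, every caller can read every member's e-mail address. `getTokens: [Token!]!` combined with `Token.value: String!` needs the same owner-only rule. Consider a separate public profile type without `email`, or at least state the rule in the schema, e.g. `# email: returned only to the account owner`. Separately, `rateShout(value: Int!)` and `rateUser(value: Int!)` take no id for the thing being rated, which looks like an omission.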