lint wip

2023-10-26 19:56:42 +02:00
parent 44bd146bdf
commit 2c524279f6
65 changed files with 802 additions and 1049 deletions
--- a/auth/authenticate.py
+++ b/auth/authenticate.py
@@ -2,24 +2,22 @@ from functools import wraps
 from typing import Optional, Tuple

 from graphql.type import GraphQLResolveInfo
-from sqlalchemy.orm import joinedload, exc
+from sqlalchemy.orm import exc, joinedload
 from starlette.authentication import AuthenticationBackend
 from starlette.requests import HTTPConnection

 from auth.credentials import AuthCredentials, AuthUser
-from base.orm import local_session
-from orm.user import User, Role
-
-from settings import SESSION_TOKEN_HEADER
 from auth.tokenstorage import SessionToken
 from base.exceptions import OperationNotAllowed
+from base.orm import local_session
+from orm.user import Role, User
+from settings import SESSION_TOKEN_HEADER


 class JWTAuthenticate(AuthenticationBackend):
    async def authenticate(
        self, request: HTTPConnection
    ) -> Optional[Tuple[AuthCredentials, AuthUser]]:
-
        if SESSION_TOKEN_HEADER not in request.headers:
            return AuthCredentials(scopes={}), AuthUser(user_id=None, username='')

@@ -36,28 +34,27 @@ class JWTAuthenticate(AuthenticationBackend):
            with local_session() as session:
                try:
                    user = (
-                        session.query(User).options(
+                        session.query(User)
+                        .options(
                            joinedload(User.roles).options(joinedload(Role.permissions)),
-                            joinedload(User.ratings)
-                        ).filter(
-                            User.id == payload.user_id
-                        ).one()
+                            joinedload(User.ratings),
+                        )
+                        .filter(User.id == payload.user_id)
+                        .one()
                    )

                    scopes = {}  # TODO: integrate await user.get_permission()

                    return (
-                        AuthCredentials(
-                            user_id=payload.user_id,
-                            scopes=scopes,
-                            logged_in=True
-                        ),
+                        AuthCredentials(user_id=payload.user_id, scopes=scopes, logged_in=True),
                        AuthUser(user_id=user.id, username=''),
                    )
                except exc.NoResultFound:
                    pass

-        return AuthCredentials(scopes={}, error_message=str('Invalid token')), AuthUser(user_id=None, username='')
+        return AuthCredentials(scopes={}, error_message=str('Invalid token')), AuthUser(
+            user_id=None, username=''
+        )


 def login_required(func):
@@ -68,9 +65,7 @@ def login_required(func):
        # print(auth)
        if not auth or not auth.logged_in:
            # raise Unauthorized(auth.error_message or "Please login")
-            return {
-                "error": "Please login first"
-            }
+            return {"error": "Please login first"}
        return await func(parent, info, *args, **kwargs)

    return wrap
@@ -79,7 +74,9 @@ def login_required(func):
 def permission_required(resource, operation, func):
    @wraps(func)
    async def wrap(parent, info: GraphQLResolveInfo, *args, **kwargs):
-        print('[auth.authenticate] permission_required for %r with info %r' % (func, info))  # debug only
+        print(
+            '[auth.authenticate] permission_required for %r with info %r' % (func, info)
+        )  # debug only
        auth: AuthCredentials = info.context["request"].auth
        if not auth.logged_in:
            raise OperationNotAllowed(auth.error_message or "Please login")
--- a/auth/credentials.py
+++ b/auth/credentials.py
@@ -23,9 +23,7 @@ class AuthCredentials(BaseModel):
    async def permissions(self) -> List[Permission]:
        if self.user_id is None:
            # raise Unauthorized("Please login first")
-            return {
-                "error": "Please login first"
-            }
+            return {"error": "Please login first"}
        else:
            # TODO: implement permissions logix
            print(self.user_id)
--- a/auth/email.py
+++ b/auth/email.py
@@ -4,10 +4,7 @@ from settings import MAILGUN_API_KEY, MAILGUN_DOMAIN

 api_url = "https://api.mailgun.net/v3/%s/messages" % (MAILGUN_DOMAIN or 'discours.io')
 noreply = "discours.io <noreply@%s>" % (MAILGUN_DOMAIN or 'discours.io')
-lang_subject = {
-    "ru": "Подтверждение почты",
-    "en": "Confirm email"
-}
+lang_subject = {"ru": "Подтверждение почты", "en": "Confirm email"}


 async def send_auth_email(user, token, lang="ru", template="email_confirmation"):
@@ -22,16 +19,12 @@ async def send_auth_email(user, token, lang="ru", template="email_confirmation")
            "to": to,
            "subject": subject,
            "template": template,
-            "h:X-Mailgun-Variables": "{ \"token\": \"%s\" }" % token
+            "h:X-Mailgun-Variables": "{ \"token\": \"%s\" }" % token,
        }
        print('[auth.email] payload: %r' % payload)
        # debug
        # print('http://localhost:3000/?modal=auth&mode=confirm-email&token=%s' % token)
-        response = requests.post(
-            api_url,
-            auth=("api", MAILGUN_API_KEY),
-            data=payload
-        )
+        response = requests.post(api_url, auth=("api", MAILGUN_API_KEY), data=payload)
        response.raise_for_status()
    except Exception as e:
        print(e)
--- a/auth/identity.py
+++ b/auth/identity.py
@@ -7,6 +7,7 @@ from sqlalchemy import or_

 from auth.jwtcodec import JWTCodec
 from auth.tokenstorage import TokenStorage
+
 # from base.exceptions import InvalidPassword, InvalidToken
 from base.orm import local_session
 from orm import User
@@ -57,14 +58,10 @@ class Identity:
        user = User(**orm_user.dict())
        if not user.password:
            # raise InvalidPassword("User password is empty")
-            return {
-                "error": "User password is empty"
-            }
+            return {"error": "User password is empty"}
        if not Password.verify(password, user.password):
            # raise InvalidPassword("Wrong user password")
-            return {
-                "error": "Wrong user password"
-            }
+            return {"error": "Wrong user password"}
        return user

    @staticmethod
@@ -91,26 +88,18 @@ class Identity:
            payload = JWTCodec.decode(token)
            if not await TokenStorage.exist(f"{payload.user_id}-{payload.username}-{token}"):
                # raise InvalidToken("Login token has expired, please login again")
-                return {
-                    "error": "Token has expired"
-                }
+                return {"error": "Token has expired"}
        except ExpiredSignatureError:
            # raise InvalidToken("Login token has expired, please try again")
-            return {
-                "error": "Token has expired"
-            }
+            return {"error": "Token has expired"}
        except DecodeError:
            # raise InvalidToken("token format error") from e
-            return {
-                "error": "Token format error"
-            }
+            return {"error": "Token format error"}
        with local_session() as session:
            user = session.query(User).filter_by(id=payload.user_id).first()
            if not user:
                # raise Exception("user not exist")
-                return {
-                    "error": "User does not exist"
-                }
+                return {"error": "User does not exist"}
            if not user.emailConfirmed:
                user.emailConfirmed = True
                session.commit()
--- a/auth/jwtcodec.py
+++ b/auth/jwtcodec.py
@@ -1,8 +1,10 @@
 from datetime import datetime, timezone
+
 import jwt
+
 from base.exceptions import ExpiredToken, InvalidToken
-from validations.auth import TokenPayload, AuthInput
 from settings import JWT_ALGORITHM, JWT_SECRET_KEY
+from validations.auth import AuthInput, TokenPayload


 class JWTCodec:
@@ -13,7 +15,7 @@ class JWTCodec:
            "username": user.email or user.phone,
            "exp": exp,
            "iat": datetime.now(tz=timezone.utc),
-            "iss": "discours"
+            "iss": "discours",
        }
        try:
            return jwt.encode(payload, JWT_SECRET_KEY, JWT_ALGORITHM)
@@ -33,7 +35,7 @@ class JWTCodec:
                    # "verify_signature": False
                },
                algorithms=[JWT_ALGORITHM],
-                issuer="discours"
+                issuer="discours",
            )
            r = TokenPayload(**payload)
            # print('[auth.jwtcodec] debug token %r' % r)
--- a/auth/oauth.py
+++ b/auth/oauth.py
@@ -1,8 +1,9 @@
 from authlib.integrations.starlette_client import OAuth
 from starlette.responses import RedirectResponse
+
 from auth.identity import Identity
 from auth.tokenstorage import TokenStorage
-from settings import OAUTH_CLIENTS, FRONTEND_URL
+from settings import FRONTEND_URL, OAUTH_CLIENTS

 oauth = OAuth()

--- a/auth/tokenstorage.py
+++ b/auth/tokenstorage.py
@@ -1,9 +1,9 @@
 from datetime import datetime, timedelta, timezone

 from auth.jwtcodec import JWTCodec
-from validations.auth import AuthInput
 from base.redis import redis
-from settings import SESSION_TOKEN_LIFE_SPAN, ONETIME_TOKEN_LIFE_SPAN
+from settings import ONETIME_TOKEN_LIFE_SPAN, SESSION_TOKEN_LIFE_SPAN
+from validations.auth import AuthInput


 async def save(token_key, life_span, auto_delete=True):