migration, auth, refactoring, formatting

2022-09-17 21:12:14 +03:00
parent 6b4c00d9e7
commit 3136eecd7e
68 changed files with 968 additions and 930 deletions
--- a/auth/identity.py
+++ b/auth/identity.py
@@ -1,16 +1,30 @@
-from auth.password import Password
-from base.exceptions import InvalidPassword
-from orm import User as OrmUser
-from base.orm import local_session
-from auth.validations import User
-
+from jwt import DecodeError, ExpiredSignatureError
 from sqlalchemy import or_

+from auth.jwtcodec import JWTCodec
+from auth.tokenstorage import TokenStorage
+from validations.auth import AuthInput
+from base.exceptions import InvalidPassword
+from base.exceptions import InvalidToken
+from base.orm import local_session
+from orm import User
+from passlib.hash import bcrypt
+
+
+class Password:
+    @staticmethod
+    def encode(password: str) -> str:
+        return bcrypt.hash(password)
+
+    @staticmethod
+    def verify(password: str, other: str) -> bool:
+        return bcrypt.verify(password, other)
+

 class Identity:
    @staticmethod
-    def identity(orm_user: OrmUser, password: str) -> User:
-        user = User(**orm_user.dict())
+    def password(orm_user: User, password: str) -> User:
+        user = AuthInput(**orm_user.dict())
        if not user.password:
            raise InvalidPassword("User password is empty")
        if not Password.verify(password, user.password):
@@ -18,22 +32,37 @@ class Identity:
        return user

    @staticmethod
-    def identity_oauth(input) -> User:
+    def oauth(inp: AuthInput) -> User:
        with local_session() as session:
            user = (
-                session.query(OrmUser)
-                .filter(
-                    or_(
-                        OrmUser.oauth == input["oauth"], OrmUser.email == input["email"]
-                    )
-                )
+                session.query(User)
+                .filter(or_(User.oauth == inp["oauth"], User.email == inp["email"]))
                .first()
            )
            if not user:
-                user = OrmUser.create(**input)
+                user = User.create(**inp)
            if not user.oauth:
-                user.oauth = input["oauth"]
+                user.oauth = inp["oauth"]
                session.commit()

        user = User(**user.dict())
        return user
+
+    @staticmethod
+    async def onetime(token: str) -> User:
+        try:
+            payload = JWTCodec.decode(token)
+            if not await TokenStorage.exist(f"{payload.user_id}-{token}"):
+                raise InvalidToken("Login token has expired, please login again")
+        except ExpiredSignatureError:
+            raise InvalidToken("Login token has expired, please try again")
+        except DecodeError as e:
+            raise InvalidToken("token format error") from e
+        with local_session() as session:
+            user = session.query(User).filter_by(id=payload.user_id).first()
+            if not user:
+                raise Exception("user not exist")
+            if not user.emailConfirmed:
+                user.emailConfirmed = True
+                session.commit()
+            return user