From 88309083076238c52b74e28b845e9d5256d8a092 Mon Sep 17 00:00:00 2001
From: Untone
Date: Mon, 18 Dec 2023 10:12:17 +0300
Subject: [PATCH] auth-connector-less
---
 services/auth.py | 55 +++++++++++------------------------------------
 1 file changed, 12 insertions(+), 43 deletions(-)
diff --git a/services/auth.py b/services/auth.py
index 305384be..1d8cba24 100644
--- a/services/auth.py
+++ b/services/auth.py
@@ -6,13 +6,14 @@ from aiohttp.web import HTTPUnauthorized
 from settings import AUTH_URL
-async def check_auth(req) -> (bool, int | None):
+async def check_auth(req) -> str | None:
 token = req.headers.get("Authorization")
+ user_id = ""
 if token:
 # Logging the authentication token
 print(f"[services.auth] checking auth token: {token}")
 query_name = "validate_jwt_token"
- opeation = "ValidateToken"
+ operation = "ValidateToken"
 headers = {
 "Content-Type": "application/json",
 }
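Review bot: The unchanged line `print(f"[services.auth] checking auth token: {token}")` still writes the full Authorization header value to stdout for every request that carries one, so anyone who can read the service logs obtains usable credentials. The commit edits this block but leaves the line in place; log only that a token was presented, e.g. `print("[services.auth] checking auth token")`. The new annotation `-> str | None` also hides that the function now raises `HTTPUnauthorized` on failure (second hunk); a docstring such as `"""Return the token's user id; raise HTTPUnauthorized when it cannot be established."""` would record that. check_auth's body continues outside this hunk.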
@@ -25,46 +26,28 @@ async def check_auth(req) -> (bool, int | None):
 }
 gql = {
- "query": f"query {opeation}($params: ValidateJWTTokenInput!) {{ {query_name}(params: $params) {{ is_valid claims }} }}",
+ "query": f"query {operation}($params: ValidateJWTTokenInput!) {{ {query_name}(params: $params) {{ is_valid claims }} }}",
 "variables": variables,
- "operationName": opeation,
+ "operationName": operation,
 }
- # print(f"[services.auth] Graphql: {gql}")
 try:
 # Asynchronous HTTP request to the authentication server
 async with aiohttp.ClientSession() as session:
 async with session.post(AUTH_URL, json=gql, headers=headers) as response:
- # Logging the GraphQL response
- # response_text = await response.text()
- # print(f"[services.auth] GraphQL Response: {response_text}")
-
 if response.status == 200:
- # Parsing JSON response
 data = await response.json()
 errors = data.get("errors")
 if errors:
 print(f"[services.auth] errors: {errors}")
 else:
 user_id = data.get("data", {}).get(query_name, {}).get("claims", {}).get("sub")
-
- if user_id:
- # Logging the retrieved user ID
- # print(f"[services.auth] User ID retrieved: {user_id}")
- return True, user_id
- else:
- # Logging when no user ID is found in the response
- # print("[services.auth] No user ID found in the response")
- pass
- else:
- # Logging when the request to the authentication server fails
- # print(f"[services.auth] Request failed with status: {response.status}")
- pass
-
+ return user_id
 except Exception as e:
 # Handling and logging exceptions during authentication check
 print(f"[services.auth] {e}")
- return False, None
+ if not user_id:
+ raise HTTPUnauthorized(text="Please, login first")
 def login_required(f):
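Review bot: The added `return user_id` hands back whatever `.get("sub")` produced, so a 200 response whose claims lack `sub` returns `None` and never reaches the new `if not user_id: raise HTTPUnauthorized(...)` at the end of the function. Indentation is lost on this page, so it is unclear whether the return sits inside the `else:` branch; if it follows the `if errors:`/`else:` pair, the errors branch also returns the initial `""` without raising. The query asks for `is_valid`, but nothing visible reads it, so the decision rests on `claims.sub` alone, and whether the auth server withholds claims for an invalid token is not shown here. Return early only for a confirmed identity and let every other path fall through to the raise, as sketched below (indentation assumed).

```python
# … unchanged: session.post(...) call and the `if errors:` branch …
else:
    result = (data.get("data") or {}).get(query_name) or {}
    claims = result.get("claims") or {}
    # Trust "sub" only when the auth server reports the token as valid.
    if result.get("is_valid") and claims.get("sub"):
        user_id = claims["sub"]
        return user_id
# … unchanged: except block, then `if not user_id: raise HTTPUnauthorized(...)` …
```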
@@ -72,19 +55,10 @@ def login_required(f):
 async def decorated_function(*args, **kwargs):
 info = args[1]
 context = info.context
- # print(context)
 req = context.get("request")
- # print(f"[services.auth] login_required request headers: {req.headers}")
- # Performing authentication check
- is_authenticated, user_id = await check_auth(req)
- if not is_authenticated:
- # Raising an exception if the user is not authenticated
- raise HTTPUnauthorized(text="Please, login first")
- else:
- # Adding user_id to the context
+ user_id = await check_auth(req)
+ if user_id:
 context["user_id"] = user_id
-
- # If the user is authenticated, execute the resolver
 return await f(*args, **kwargs)
 return decorated_function
@@ -94,13 +68,8 @@ def auth_request(f):
 @wraps(f)
 async def decorated_function(*args, **kwargs):
 req = args[0]
- # Performing authentication check
- is_authenticated, user_id = await check_auth(req)
- if not is_authenticated:
- # Raising HTTPUnauthorized exception if the user is not authenticated
- raise HTTPUnauthorized(text="Please, login first")
- else:
- # Modifying the req with the author_id
+ user_id = await check_auth(req)
+ if user_id:
 req["user_id"] = user_id
 return await f(*args, **kwargs)
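Review bot: `login_required` no longer rejects anything itself: the explicit `raise HTTPUnauthorized(...)` is gone and a falsy `user_id` is simply skipped by `if user_id:`, so the decorator is only as strict as `check_auth` is on every one of its paths. Indentation is lost on this page; if the unchanged `return await f(*args, **kwargs)` sits at function level, the resolver runs without `context["user_id"]` whenever `check_auth` returns `None` or `""`, and if it sits inside the `if`, the call silently resolves to `None`. The same applies to `auth_request` in the next hunk. Keeping a guard in both wrappers makes them fail closed, e.g. `if not user_id: raise HTTPUnauthorized(text="Please, login first")` placed before the assignment. Both wrappers begin outside their hunks.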