discours.io/core
5
0
Fork 0
Code Pull Requests Actions Projects Activity

Merge branch 'main' of github.com:Discours/discours-backend into main

Browse Source
This commit is contained in:
tonyrewin 2022-11-11 21:07:59 +03:00
commit a88ede7a97
6 changed files with 57 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHECKS Normal file
View File

@ -0,0 +1,5 @@
# WAIT=30
# TIMEOUT=10
# ATTEMPTS=60 # 60 * 30 = 30 min
# / Playground

2
Dockerfile
View File

@ -11,5 +11,3 @@ COPY requirements.txt ./
RUN set -ex && pip install -r requirements.txt RUN set -ex && pip install -r requirements.txt
COPY . . COPY . .
CMD ["python", "server.py"]

2
Procfile Normal file
View File

@ -0,0 +1,2 @@
web: python server.py

39
auth/identity.py
View File

@ -1,3 +1,6 @@
from binascii import hexlify
from hashlib import sha256
from jwt import DecodeError, ExpiredSignatureError from jwt import DecodeError, ExpiredSignatureError
from passlib.hash import bcrypt from passlib.hash import bcrypt
from sqlalchemy import or_ from sqlalchemy import or_
@ -12,16 +15,40 @@ from validations.auth import AuthInput
class Password: class Password:
@staticmethod @staticmethod
def encode(password: str) -> str: def _to_bytes(data: str) -> bytes:
return bytes(data.encode())
# TODO: sha256 -> hexdigest -> bcrypt @classmethod
return bcrypt.hash(password) def _get_sha256(cls, password: str) -> bytes:
bytes_password = cls._to_bytes(password)
return hexlify(sha256(bytes_password).digest())
@staticmethod
def encode(password: str) -> str:
password_sha256 = Password._get_sha256(password)
return bcrypt.using(rounds=10).hash(password_sha256)
@staticmethod @staticmethod
def verify(password: str, hashed: str) -> bool: def verify(password: str, hashed: str) -> bool:
# TODO: detect rounds amount """
# TODO: sha256 -> hexdigest -> bcrypt Verify that password hash is equal to specified hash. Hash format:
return bcrypt.verify(password, hashed)
$2a$10$Ro0CUfOqk6cXEKf3dyaM7OhSCvnwM9s4wIX9JeLapehKK5YdLxKcm
\__/\/ \____________________/\_____________________________/
| | Salt Hash
| Cost
Version
More info: https://passlib.readthedocs.io/en/stable/lib/passlib.hash.bcrypt.html
:param password: clear text password
:param hashed: hash of the password
:return: True if clear text password matches specified hash
"""
hashed_bytes = Password._to_bytes(hashed)
password_sha256 = Password._get_sha256(password)
return bcrypt.verify(password_sha256, hashed_bytes)
class Identity: class Identity:

4
resolvers/profile.py
View File

@ -213,6 +213,6 @@ def get_top_authors(_, _info, offset, limit):
@query.field("getAuthor") @query.field("getAuthor")
async def get_author(_, _info, slug): async def get_author(_, _info, slug):
a = await UserStorage.users[slug] a = await UserStorage.get_user_by_slug(slug)
a.stat = get_author_stat(slug) a.stat = await get_author_stat(slug)
return a return a

4
resolvers/topics.py
View File

@ -55,8 +55,8 @@ async def topics_by_author(_, _info, author):
@query.field("getTopic") @query.field("getTopic")
async def get_topic(_, _info, slug): async def get_topic(_, _info, slug):
t = await TopicStorage.topics[slug] t = TopicStorage.topics[slug]
t.stat = get_topic_stat(slug) t.stat = await get_topic_stat(slug)
return t return t