From b2b8cf747f507897a21eff6bfb21f3b2f0fd7c60 Mon Sep 17 00:00:00 2001 From: tonyrewin Date: Thu, 24 Nov 2022 18:19:58 +0300 Subject: [PATCH] fix getSession, fix getAuthor --- auth/authenticate.py | 2 +- resolvers/auth.py | 27 +++++++++------------------ resolvers/zine/profile.py | 3 +-- schema.graphql | 2 +- 4 files changed, 12 insertions(+), 22 deletions(-) diff --git a/auth/authenticate.py b/auth/authenticate.py index e8104fae..d12924dc 100644 --- a/auth/authenticate.py +++ b/auth/authenticate.py @@ -68,7 +68,7 @@ def login_required(func): def permission_required(resource, operation, func): @wraps(func) async def wrap(parent, info: GraphQLResolveInfo, *args, **kwargs): - # print('[auth.authenticate] login required for %r with info %r' % (func, info)) # debug only + print('[auth.authenticate] permission_required for %r with info %r' % (func, info)) # debug only auth: AuthCredentials = info.context["request"].auth if not auth.logged_in: return {"error": auth.error_message or "Please login"} diff --git a/resolvers/auth.py b/resolvers/auth.py index 648253c8..d6f1d40b 100644 --- a/resolvers/auth.py +++ b/resolvers/auth.py @@ -21,32 +21,23 @@ from resolvers.zine.profile import user_subscriptions from settings import SESSION_TOKEN_HEADER -@mutation.field("refreshSession") +@mutation.field("getSession") @login_required async def get_current_user(_, info): user = info.context["request"].user - # print(info.context["request"].headers) - old_token = info.context["request"].headers.get("Authorization") - user.lastSeen = datetime.now(tz=timezone.utc) - with local_session() as session: - session.add(user) - session.commit() - token = await TokenStorage.create_session(user) - print("[resolvers.auth] new session token created") - if old_token: - payload = await TokenStorage.get(str(user.id) + '-' + str(old_token)) - if payload: - print("[resolvers.auth] got session from old token: %r" % payload) + token = info.context["request"].headers.get("Authorization") + if user and token: + user.lastSeen = datetime.now(tz=timezone.utc) + with local_session() as session: + session.add(user) + session.commit() return { "token": token, "user": user, "news": await user_subscriptions(user.slug), } - return { - "token": token, - "user": user, - "news": await user_subscriptions(user.slug), - } + else: + raise OperationNotAllowed("No session token present in request, try to login") @mutation.field("confirmEmail") diff --git a/resolvers/zine/profile.py b/resolvers/zine/profile.py index cbb5d4c3..d2db5ccb 100644 --- a/resolvers/zine/profile.py +++ b/resolvers/zine/profile.py @@ -185,8 +185,7 @@ async def get_authors_all(_, _info): async def get_author(_, _info, slug): with local_session() as session: author = session.query(User).join(ShoutAuthor).where(User.slug == slug).first() - for author in author: - author.stat = await get_author_stat(author.slug) + author.stat = await get_author_stat(author.slug) return author diff --git a/schema.graphql b/schema.graphql index ba62a678..adce2273 100644 --- a/schema.graphql +++ b/schema.graphql @@ -159,7 +159,7 @@ type Mutation { markAsRead(chatId: String!, ids: [Int]!): Result! # auth - refreshSession: AuthResult! + getSession: AuthResult! registerUser(email: String!, password: String, name: String): AuthResult! sendLink(email: String!, lang: String): Result! confirmEmail(token: String!): AuthResult!