inbox/services/auth.py

from functools import wraps
from gql.transport import aiohttp
import aiohttp
import json
from services.db import local_session
from settings import AUTH_URL
from orm.author import Author
from graphql.error import GraphQLError


class BaseHttpException(GraphQLError):
    code = 500
    message = "500 Server error"


class Unauthorized(BaseHttpException):
    code = 401
    message = "401 Unauthorized"


async def check_auth(req):
    token = req.headers.get("Authorization")
    gql = (
        {"mutation": "{ getSession { user { id } } }"}
        if "v2" in AUTH_URL
        else {"query": "{ session { user { id } } }"}
    )
    headers = {"Authorization": token, "Content-Type": "application/json"}
    async with aiohttp.ClientSession(headers=headers) as session:
        async with session.post(AUTH_URL, data=json.dumps(gql)) as response:
            if response.status != 200:
                return False, None
            r = await response.json()
            user_id = (
                r.get("data", {}).get("session", {}).get("user", {}).get("id", None)
            )
            is_authenticated = user_id is not None
            return is_authenticated, user_id


def author_id_by_user_id(user_id):
    async with local_session() as session:
        author = session(Author).where(Author.user == user_id).first()
        return author.id


def login_required(f):
    @wraps(f)
    async def decorated_function(*args, **kwargs):
        info = args[1]
        context = info.context
        req = context.get("request")
        is_authenticated, user_id = await check_auth(req)
        if not is_authenticated:
            raise Exception("You are not logged in")
        else:
            # Добавляем author_id в контекст
            author_id = await author_id_by_user_id(user_id)
            context["author_id"] = author_id

        # Если пользователь аутентифицирован, выполняем резолвер
        return await f(*args, **kwargs)

    return decorated_function


def auth_request(f):
    @wraps(f)
    async def decorated_function(*args, **kwargs):
        req = args[0]
        is_authenticated, user_id = await check_auth(req)
        if not is_authenticated:
            raise Unauthorized("You are not logged in")
        else:
            author_id = await author_id_by_user_id(user_id)
            req["author_id"] = author_id
        return await f(*args, **kwargs)

    return decorated_function