from aiohttp import ClientSession from strawberry.extensions import Extension from settings import AUTH_URL from services.db import local_session from orm.author import Author import logging logger = logging.getLogger("\t[services.auth]\t") logger.setLevel(logging.DEBUG) async def check_auth(req) -> str | None: token = req.headers.get("Authorization") user_id = "" if token: query_name = "validate_jwt_token" operation = "ValidateToken" headers = { "Content-Type": "application/json", } variables = { "params": { "token_type": "access_token", "token": token, } } gql = { "query": f"query {operation}($params: ValidateJWTTokenInput!) {{ {query_name}(params: $params) {{ is_valid claims }} }}", "variables": variables, "operationName": operation, } try: # Asynchronous HTTP request to the authentication server async with ClientSession() as session: async with session.post(AUTH_URL, json=gql, headers=headers) as response: print(f"[services.auth] HTTP Response {response.status} {await response.text()}") if response.status == 200: data = await response.json() errors = data.get("errors") if errors: print(f"[services.auth] errors: {errors}") else: user_id = data.get("data", {}).get(query_name, {}).get("claims", {}).get("sub") if user_id: print(f"[services.auth] got user_id: {user_id}") return user_id except Exception as e: import traceback traceback.print_exc() # Handling and logging exceptions during authentication check print(f"[services.auth] Error {e}") return None class LoginRequiredMiddleware(Extension): async def on_request_start(self): context = self.execution_context.context req = context.get("request") user_id = await check_auth(req) if user_id: context["user_id"] = user_id.strip() with local_session() as session: author = session.query(Author).filter(Author.user == user_id).first() if author: context["author_id"] = author.id context["user_id"] = user_id or None self.execution_context.context = context