feat: auth.py total recomp
All checks were successful
Deploy on Push / deploy (push) Successful in 1m29s
All checks were successful
Deploy on Push / deploy (push) Successful in 1m29s
This commit is contained in:
Stepan Vladovskiy
parent
2e6678c657
commit
2964b72635
34
auth.py
34
auth.py
|
|
@ -1,22 +1,18 @@
|
|||
from functools import wraps
|
||||
from starlette.responses import JSONResponse
|
||||
import aiohttp
|
||||
from aiohttp import web
|
||||
|
||||
AUTH_URL = 'https://auth.discours.io'
|
||||
|
||||
|
||||
async def check_auth(req):
|
||||
token = req.headers.get("Authorization")
|
||||
headers = {"Authorization": token, "Content-Type": "application/json"} # "Bearer " + removed
|
||||
headers = {"Authorization": token, "Content-Type": "application/json"}
|
||||
|
||||
print(f"[services.auth] checking auth token: {token}")
|
||||
|
||||
query_name = "session"
|
||||
query_type = "query"
|
||||
operation = "GetUserId"
|
||||
|
||||
gql = {
|
||||
"query": query_type + " " + operation + " { " + query_name + " { user { id } } }",
|
||||
"operationName": operation,
|
||||
"query": "query GetUserId { session { user { id } } }",
|
||||
"operationName": "GetUserId",
|
||||
"variables": None,
|
||||
}
|
||||
|
||||
|
|
@ -27,25 +23,19 @@ async def check_auth(req):
|
|||
return False, None
|
||||
r = await response.json()
|
||||
if r:
|
||||
user_id = r.get("data", {}).get(query_name, {}).get("user", {}).get("id", None)
|
||||
user_id = r.get("data", {}).get("session", {}).get("user", {}).get("id", None)
|
||||
is_authenticated = user_id is not None
|
||||
return is_authenticated, user_id
|
||||
return False, None
|
||||
|
||||
|
||||
def login_required(f):
|
||||
@wraps(f)
|
||||
async def decorated_function(*args, **kwargs):
|
||||
info = args[1]
|
||||
context = info.context
|
||||
req = context.get("request")
|
||||
is_authenticated, user_id = await check_auth(req)
|
||||
async def decorated_function(request, *args, **kwargs):
|
||||
is_authenticated, user_id = await check_auth(request)
|
||||
if not is_authenticated:
|
||||
raise web.HTTPUnauthorized(text="You are not logged in") # Return HTTP 401 Unauthorized
|
||||
else:
|
||||
context["user_id"] = user_id
|
||||
|
||||
# If the user is authenticated, execute the resolver
|
||||
return await f(*args, **kwargs)
|
||||
return JSONResponse({'error': 'Unauthorized'}, status_code=401)
|
||||
|
||||
# Make user_id available to the route handler, if needed
|
||||
request.state.user_id = user_id
|
||||
return await f(request, *args, **kwargs)
|
||||
return decorated_function
|
||||
|
|
|
|||
2
main.py
2
main.py
|
|
@ -18,7 +18,7 @@ STORJ_END_POINT = os.environ.get('STORJ_END_POINT')
|
|||
STORJ_BUCKET_NAME = os.environ.get('STORJ_BUCKET_NAME')
|
||||
CDN_DOMAIN = os.environ.get('CDN_DOMAIN')
|
||||
|
||||
# @check_auth
|
||||
@check_auth
|
||||
async def upload_handler(request: Request):
|
||||
logging.debug("Received upload request")
|
||||
form = await request.form()
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ aiohttp = "^3.9.1"
|
|||
uvicorn = "^0.24.0.post1"
|
||||
starlette = "^0.33.0"
|
||||
aioboto3 = "^9.0.0"
|
||||
python-multipart = "^0.0.5"
|
||||
|
||||
[tool.poetry.dev-dependencies]
|
||||
black = "^23.10.1"
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user