auth updated routes tested & password is not yet tested

2025-01-29 15:58:42 +03:00
parent a0b1b1bef9
commit f7eedb5ea0
11 changed files with 147 additions and 84 deletions
--- a/ApiLayers/ApiServices/Token/token_handler.py
+++ b/ApiLayers/ApiServices/Token/token_handler.py
@@ -2,6 +2,8 @@

 from typing import List, Union, TypeVar, Dict, Any, TYPE_CHECKING

+import arrow
+
 from ApiLayers.AllConfigs.Token.config import Auth
 from ApiLayers.ApiLibrary.common.line_number import get_line_number_for_error
 from ApiLayers.ApiLibrary.date_time_actions.date_functions import DateTimeLocal
@@ -51,11 +53,7 @@ class TokenService:
    @classmethod
    def _get_user_tokens(cls, user: Users) -> RedisResponse:
        """Get all tokens for a user from Redis."""
-        return RedisActions.get_json(
-            list_keys=AccessToken(
-                userUUID=user.uu_id,
-            ).to_list()
-        )
+        return RedisActions.get_json(list_keys=[f"*:{str(user.uu_id)}"])

    @classmethod
    def do_occupant_login(
@@ -147,6 +145,7 @@ class TokenService:
            userUUID=user.uu_id,
            accessToken=cls._create_access_token(),
        )
+        cls.remove_token_with_domain(user=user, domain=model.get("domain"))
        redis_action = RedisActions.set_json(
            list_keys=access_object.to_list(),
            value=model,
@@ -282,8 +281,9 @@ class TokenService:
        remember: bool,
    ) -> Dict[str, Any]:
        """Set access token to redis and handle user session."""
+        from ApiLayers.AllConfigs.Token.config import Auth
        cls.remove_token_with_domain(user=user, domain=domain)
-        Users.client_arrow = DateTimeLocal(is_client=True, timezone=user.local_timezone)
+        # Users.client_arrow = DateTimeLocal(is_client=True, timezone=user.local_timezone)
        login_dict, db_session = {}, UsersTokens.new_session()
        if user.is_occupant:  # Handle login based on user type
            login_dict = cls.do_occupant_login(
@@ -295,30 +295,35 @@ class TokenService:
            )

        # Handle remember me functionality
+        user.remember_me = bool(remember)
        if remember:
+            users_token_created = cls._create_access_token(access=False)
+            login_dict["refresh_token"] = users_token_created
            users_token = UsersTokens.find_or_create(
                db=db_session,
                user_id=user.id,
                token_type="RememberMe",
-                token=cls._create_access_token(access=False),
                domain=domain,
            )
-            if users_token.meta_data.get("created"):
-                user.remember_me = True
+            if users_token.meta_data.created:
+                users_token.token = users_token_created
+                users_token.save(db=db_session)
+            else:
+                if arrow.now() > arrow.get(str(users_token.expires_at)):  # Check if token is expired
+                    users_token.token = users_token_created
+                    users_token.expires_at = str(arrow.now().datetime + Auth.TOKEN_EXPIRE_DAY_1)
+                    users_token.save(db=db_session)
+                else:
+                    login_dict["refresh_token"] = users_token.token
        else:
-            if UsersTokens.filter_all(
+            already_refresher = UsersTokens.filter_all(
                UsersTokens.user_id == user.id,
                UsersTokens.token_type == "RememberMe",
                UsersTokens.domain == domain,
                db=db_session,
-            ).data:
-                UsersTokens.filter_all(
-                    UsersTokens.user_id == user.id,
-                    UsersTokens.token_type == "RememberMe",
-                    UsersTokens.domain == domain,
-                    db=db_session,
-                ).query.delete(synchronize_session=False)
-            user.remember_me = False
+            )
+            if already_refresher.count:
+                already_refresher.query.delete(synchronize_session=False)
        user.save(db=db_session)
        return {**login_dict, "user": user.get_dict()}

@@ -399,7 +404,6 @@ class TokenService:
            return EmployeeTokenObject(**redis_object)
        elif redis_object.get("user_type") == UserType.occupant.value:
            return OccupantTokenObject(**redis_object)
-
        raise HTTPExceptionApi(
            error_code="",
            lang="en",
--- a/ApiLayers/LanguageModels/Response/authentication/auth.py
+++ b/ApiLayers/LanguageModels/Response/authentication/auth.py
@@ -49,12 +49,20 @@ authResponses = {
            "message": "Password changed successfully.",
        },
    },
-    "DISCONNECTED_USER": {
+    "LOGOUT_USER": {
        "tr": {
            "message": "Kullanıcı başarılı bir şekilde çıkış yaptı.",
        },
        "en": {
-            "message": "User logged out successfully.",
+            "message": "User successfully logged out.",
+        },
+    },
+    "DISCONNECTED_USER": {
+        "tr": {
+            "message": "Kullanıcı tüm cihazlardan başarılı bir şekilde çıkış yaptı.",
+        },
+        "en": {
+            "message": "User successfully logged out of all devices.",
        },
    },
    "USER_NOT_FOUND": {
@@ -72,5 +80,21 @@ authResponses = {
        "en": {
            "message": "Password reset request created successfully.",
        },
+    },
+    "USER_AVATAR": {
+        "tr": {
+            "message": "Kullanıcı avatarı data blogunda belirtildiği şekildedir.",
+        },
+        "en": {
+            "message": "User avatar is as specified in the data block.",
+        },
+    },
+    "TOKEN_REFRESH": {
+        "tr": {
+            "message": "Token başarılı bir şekilde yenilendi.",
+        },
+        "en": {
+            "message": "Token successfully refreshed.",
+        },
    }
 }