auth updated routes tested & password is not yet tested
This commit is contained in:
@@ -124,7 +124,7 @@ authentication_disconnect_user_event.endpoint_callable = (
|
||||
authentication_logout_user_event = Event(
|
||||
name="authentication_logout_user_event",
|
||||
key="g1j8i6j7-9k4h-0h6l-4i3j-2j0k1k0j0i0k",
|
||||
request_validator=None, # TODO: Add request validator
|
||||
request_validator=AuthenticationRequestModels.LogoutRequestModel,
|
||||
language_models=[],
|
||||
# response_validator=None, # TODO: Add response validator
|
||||
description="Logout user session",
|
||||
@@ -140,9 +140,9 @@ authentication_logout_user_event.endpoint_callable = (
|
||||
authentication_refresher_token_event = Event(
|
||||
name="authentication_refresher_token_event",
|
||||
key="h2k9j7k8-0l5i-1i7m-5j4k-3k1l2l1k1j1l",
|
||||
request_validator=None, # TODO: Add request validator
|
||||
request_validator=AuthenticationRequestModels.RefresherRequestModel, # TODO: Add request validator
|
||||
language_models=[],
|
||||
# response_validator=None, # TODO: Add response validator
|
||||
# response_validator=None,
|
||||
description="Refresh authentication token",
|
||||
)
|
||||
|
||||
|
||||
@@ -113,7 +113,7 @@ AuthenticationCheckTokenEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_check_token_is_valid():
|
||||
def authentication_check_token_is_valid(request: Request):
|
||||
context_retriever = ContextRetrievers(func=authentication_check_token_is_valid)
|
||||
function = AuthenticationCheckTokenEventMethods.retrieve_event(
|
||||
event_function_code=f"{authentication_check_token_event.key}"
|
||||
@@ -142,7 +142,7 @@ AuthenticationRefreshEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_refresh_user_info():
|
||||
def authentication_refresh_user_info(request: Request):
|
||||
context_retriever = ContextRetrievers(func=authentication_refresh_user_info)
|
||||
function = AuthenticationRefreshEventMethods.retrieve_event(
|
||||
event_function_code=f"{authentication_refresh_user_info_event.key}"
|
||||
@@ -169,7 +169,7 @@ AuthenticationChangePasswordEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_change_password_event_callable(data: EndpointBaseRequestModel):
|
||||
def authentication_change_password_event_callable(request: Request, data: EndpointBaseRequestModel):
|
||||
context_retriever = ContextRetrievers(
|
||||
func=authentication_change_password_event_callable
|
||||
)
|
||||
@@ -198,7 +198,7 @@ AuthenticationCreatePasswordEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_create_password(data: EndpointBaseRequestModel):
|
||||
def authentication_create_password(request: Request, data: EndpointBaseRequestModel):
|
||||
context_retriever = ContextRetrievers(func=authentication_create_password)
|
||||
function = AuthenticationCreatePasswordEventMethods.retrieve_event(
|
||||
event_function_code=f"{authentication_create_password_event.key}"
|
||||
@@ -227,13 +227,18 @@ AuthenticationDisconnectUserEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_disconnect_user(data: EndpointBaseRequestModel):
|
||||
def authentication_disconnect_user(request: Request):
|
||||
context_retriever = ContextRetrievers(func=authentication_disconnect_user)
|
||||
function = AuthenticationDisconnectUserEventMethods.retrieve_event(
|
||||
event_function_code=f"{authentication_disconnect_user_event.key}"
|
||||
)
|
||||
AuthenticationFunctions.context_retriever = context_retriever
|
||||
return function.endpoint_callable(data=data)
|
||||
return function.endpoint_callable()
|
||||
|
||||
|
||||
AuthenticationDisconnectUserEventMethods.endpoint_callable = (
|
||||
authentication_disconnect_user
|
||||
)
|
||||
|
||||
|
||||
AuthenticationLogoutEventMethods = MethodToEvent(
|
||||
@@ -249,13 +254,14 @@ AuthenticationLogoutEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_logout_user(data: EndpointBaseRequestModel):
|
||||
def authentication_logout_user(request: Request, data: EndpointBaseRequestModel):
|
||||
context_retriever = ContextRetrievers(func=authentication_logout_user)
|
||||
function = AuthenticationLogoutEventMethods.retrieve_event(
|
||||
event_function_code=f"{authentication_logout_user_event.key}"
|
||||
)
|
||||
validated_data = function.REQUEST_VALIDATOR(**data.data)
|
||||
AuthenticationFunctions.context_retriever = context_retriever
|
||||
return function.endpoint_callable(data=data)
|
||||
return function.endpoint_callable(data=validated_data)
|
||||
|
||||
|
||||
AuthenticationLogoutEventMethods.endpoint_callable = authentication_logout_user
|
||||
@@ -268,7 +274,7 @@ AuthenticationRefreshTokenEventMethods = MethodToEvent(
|
||||
},
|
||||
headers=[],
|
||||
errors=[],
|
||||
decorators_list=[MiddlewareModule.auth_required],
|
||||
decorators_list=[],
|
||||
url="/refresh-token",
|
||||
method="POST",
|
||||
summary="Refresh token",
|
||||
@@ -276,13 +282,12 @@ AuthenticationRefreshTokenEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_refresher_token(data: EndpointBaseRequestModel):
|
||||
context_retriever = ContextRetrievers(func=authentication_refresher_token)
|
||||
def authentication_refresher_token(request: Request, data: EndpointBaseRequestModel):
|
||||
function = AuthenticationRefreshTokenEventMethods.retrieve_event(
|
||||
event_function_code=f"{authentication_refresher_token_event.key}"
|
||||
)
|
||||
AuthenticationFunctions.context_retriever = context_retriever
|
||||
return function.endpoint_callable(data=data)
|
||||
validated_data = function.REQUEST_VALIDATOR(**data.data)
|
||||
return function.endpoint_callable(request=request, data=validated_data)
|
||||
|
||||
|
||||
AuthenticationRefreshTokenEventMethods.endpoint_callable = (
|
||||
@@ -304,7 +309,7 @@ AuthenticationForgotPasswordEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_forgot_password(data: EndpointBaseRequestModel):
|
||||
def authentication_forgot_password(request: Request, data: EndpointBaseRequestModel):
|
||||
context_retriever = ContextRetrievers(func=authentication_forgot_password)
|
||||
function = AuthenticationForgotPasswordEventMethods.retrieve_event(
|
||||
event_function_code=f"{authentication_forgot_password_event.key}"
|
||||
@@ -333,7 +338,7 @@ AuthenticationResetPasswordEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_reset_password(data: EndpointBaseRequestModel):
|
||||
def authentication_reset_password(request: Request, data: EndpointBaseRequestModel):
|
||||
context_retriever = ContextRetrievers(func=authentication_reset_password)
|
||||
function = AuthenticationResetPasswordEventMethods.retrieve_event(
|
||||
event_function_code=f"{authentication_reset_password_event.key}"
|
||||
@@ -362,7 +367,7 @@ AuthenticationDownloadAvatarEventMethods = MethodToEvent(
|
||||
)
|
||||
|
||||
|
||||
def authentication_download_avatar():
|
||||
def authentication_download_avatar(request: Request):
|
||||
context_retriever = ContextRetrievers(func=authentication_download_avatar)
|
||||
function = AuthenticationDownloadAvatarEventMethods.retrieve_event(
|
||||
event_function_code=f"{authentication_download_avatar_event.key}"
|
||||
|
||||
@@ -27,7 +27,9 @@ from ApiLayers.Schemas import (
|
||||
Users,
|
||||
UsersTokens,
|
||||
)
|
||||
from Events.base_request_model import ContextRetrievers, TokenDictType
|
||||
from Events.base_request_model import TokenDictType, BaseRouteModel
|
||||
from Services.Redis.Actions.actions import RedisActions
|
||||
from ApiLayers.AllConfigs.Redis.configs import RedisAuthKeys
|
||||
|
||||
|
||||
class Handlers:
|
||||
@@ -211,11 +213,9 @@ class Handlers:
|
||||
)
|
||||
|
||||
|
||||
class AuthenticationFunctions:
|
||||
class AuthenticationFunctions(BaseRouteModel):
|
||||
"""Class for handling authentication functions"""
|
||||
|
||||
context_retriever: Union[ContextRetrievers] = None
|
||||
|
||||
@classmethod # Requires no auth context
|
||||
def authentication_login_with_domain_and_creds(cls, request: Request, data: Any):
|
||||
"""
|
||||
@@ -292,13 +292,13 @@ class AuthenticationFunctions:
|
||||
return EndpointSuccessResponse(
|
||||
code="USER_INFO_REFRESHED", lang=cls.context_retriever.token.lang
|
||||
).as_dict({
|
||||
"access_token": cls.context_retriever.token, "user": found_user.get_dict(),
|
||||
"access_token": cls.context_retriever.get_token, "user": found_user.get_dict(),
|
||||
})
|
||||
if not found_user:
|
||||
return EndpointNotAcceptableResponse(
|
||||
code="USER_NOT_FOUND", lang=cls.context_retriever.token.lang
|
||||
).as_dict(
|
||||
data={"user": found_user.get_dict()}
|
||||
data={}
|
||||
)
|
||||
|
||||
@classmethod # Requires no auth context
|
||||
@@ -315,7 +315,7 @@ class AuthenticationFunctions:
|
||||
return EndpointNotAcceptableResponse(
|
||||
code="USER_NOT_FOUND", lang=cls.context_retriever.token.lang
|
||||
).as_dict(
|
||||
data={"user": found_user.get_dict()}
|
||||
data={}
|
||||
)
|
||||
|
||||
@classmethod # Requires not auth context
|
||||
@@ -349,14 +349,18 @@ class AuthenticationFunctions:
|
||||
return EndpointNotAcceptableResponse(
|
||||
code="USER_NOT_FOUND", lang=cls.context_retriever.token.lang
|
||||
).as_dict(
|
||||
data={"user": found_user.get_dict()}
|
||||
data={}
|
||||
)
|
||||
registered_tokens = UsersTokens.filter_all(
|
||||
UsersTokens.user_id == cls.context_retriever.token.id, db=db
|
||||
UsersTokens.user_id == cls.context_retriever.token.user_id, db=db
|
||||
)
|
||||
if registered_tokens.count:
|
||||
registered_tokens.query.delete()
|
||||
UsersTokens.save(db=db)
|
||||
|
||||
RedisActions.delete(
|
||||
list_keys=[f"{RedisAuthKeys.AUTH}:*:{str(found_user.uu_id)}"]
|
||||
)
|
||||
return EndpointSuccessResponse(
|
||||
code="DISCONNECTED_USER", lang=cls.context_retriever.token.lang
|
||||
).as_dict(data={"user": found_user.get_dict()})
|
||||
@@ -372,23 +376,32 @@ class AuthenticationFunctions:
|
||||
return EndpointNotAcceptableResponse(
|
||||
code="USER_NOT_FOUND", lang=cls.context_retriever.token.lang
|
||||
).as_dict(
|
||||
data={"user": found_user.get_dict()}
|
||||
data={}
|
||||
)
|
||||
registered_tokens = UsersTokens.filter_all_system(
|
||||
UsersTokens.user_id == cls.context_retriever.token.id,
|
||||
UsersTokens.user_id == cls.context_retriever.token.user_id,
|
||||
UsersTokens.domain == cls.context_retriever.token.domain,
|
||||
db=db,
|
||||
)
|
||||
if registered_tokens.count:
|
||||
registered_tokens.query.delete()
|
||||
UsersTokens.save(db=db)
|
||||
TokenService.remove_token_with_domain(user=found_user, domain=data.domain)
|
||||
return EndpointSuccessResponse(
|
||||
code="DISCONNECTED_USER", lang=cls.context_retriever.token.lang
|
||||
code="LOGOUT_USER", lang=cls.context_retriever.token.lang
|
||||
).as_dict(data={"user": found_user.get_dict()})
|
||||
|
||||
@classmethod # Requires not auth context
|
||||
def authentication_refresher_token(cls, data: Any):
|
||||
"""Refresh access token with refresher token"""
|
||||
def authentication_refresher_token(cls, request: Request, data: Any):
|
||||
"""
|
||||
Refresh access token with refresher token
|
||||
{
|
||||
"data": {
|
||||
"refresh_token": "string",
|
||||
"domain": "string"
|
||||
}
|
||||
}
|
||||
"""
|
||||
import arrow
|
||||
from ApiLayers.ApiServices.Token.token_handler import TokenService
|
||||
db = UsersTokens.new_session()
|
||||
@@ -397,15 +410,15 @@ class AuthenticationFunctions:
|
||||
domain=data.domain,
|
||||
db=db,
|
||||
).data
|
||||
language = request.headers.get("evyos-language", "tr")
|
||||
if not token_refresher:
|
||||
return EndpointNotAcceptableResponse(
|
||||
code="REFRESHER_NOT_FOUND", lang=cls.context_retriever.token.lang
|
||||
code="REFRESHER_NOT_FOUND", lang=language
|
||||
).as_dict(
|
||||
data={"refresh_token": data.refresh_token}
|
||||
)
|
||||
|
||||
if found_user := Users.filter_one(Users.id == token_refresher.user_id, db=db).data:
|
||||
request = cls.context_retriever.request
|
||||
token_created = TokenService.set_access_token_to_redis(
|
||||
request=request,
|
||||
user=found_user,
|
||||
@@ -420,9 +433,12 @@ class AuthenticationFunctions:
|
||||
"access_token": token_created.get("access_token"),
|
||||
"refresh_token": data.refresh_token,
|
||||
}
|
||||
return EndpointSuccessResponse(
|
||||
code="TOKEN_REFRESH", lang=cls.context_retriever.token.lang
|
||||
).as_dict(data=response_data)
|
||||
return EndpointSuccessResponse(code="TOKEN_REFRESH", lang=language).as_dict(data=response_data)
|
||||
raise EndpointNotAcceptableResponse(
|
||||
code="USER_NOT_FOUND", lang=language
|
||||
).as_dict(
|
||||
data={}
|
||||
)
|
||||
|
||||
@classmethod # Requires not auth context
|
||||
def authentication_forgot_password(cls, data: Any):
|
||||
@@ -463,7 +479,7 @@ class AuthenticationFunctions:
|
||||
return cls.context_retriever.base
|
||||
|
||||
@classmethod # Requires not auth context
|
||||
def authentication_download_avatar(cls, data: Any):
|
||||
def authentication_download_avatar(cls):
|
||||
"""Download avatar icon and profile info of user"""
|
||||
import arrow
|
||||
db = Users.new_session()
|
||||
@@ -471,19 +487,19 @@ class AuthenticationFunctions:
|
||||
Users.id == cls.context_retriever.token.user_id, db=db
|
||||
).data:
|
||||
expired_starts = str(arrow.now() - arrow.get(str(found_user.expiry_ends)))
|
||||
expired_int = arrow.now() - arrow.get(str(found_user.expiry_ends)).days
|
||||
expired_int = arrow.now().datetime - arrow.get(str(found_user.expiry_ends)).datetime
|
||||
user_info = {
|
||||
"lang": cls.context_retriever.token.lang,
|
||||
"full_name": found_user.person.full_name,
|
||||
"avatar": found_user.avatar,
|
||||
"remember_me": found_user.remember_me,
|
||||
"expiry_ends": str(found_user.expiry_ends),
|
||||
"expired_str": expired_starts,
|
||||
"expired_int": int(expired_int),
|
||||
"expired_humanized": expired_starts,
|
||||
"expired_day": int(expired_int.days) * -1,
|
||||
}
|
||||
return EndpointSuccessResponse(
|
||||
code="USER_AVATAR", lang=cls.context_retriever.token.lang
|
||||
).as_dict(data=user_info)
|
||||
return EndpointNotAcceptableResponse(
|
||||
code="USER_NOT_FOUND", lang=cls.context_retriever.token.lang
|
||||
).as_dict(data={"user": found_user.get_dict()})
|
||||
).as_dict(data={})
|
||||
|
||||
@@ -7,5 +7,5 @@ authentication_page_info = PageInfo(
|
||||
description={"en": "Authentication"},
|
||||
icon="",
|
||||
parent="",
|
||||
url="",
|
||||
url=""
|
||||
)
|
||||
|
||||
@@ -2,9 +2,11 @@ from ApiLayers.ApiValidations.Request import (
|
||||
Login,
|
||||
EmployeeSelection,
|
||||
OccupantSelection,
|
||||
Logout,
|
||||
CreatePassword,
|
||||
ChangePassword,
|
||||
Forgot,
|
||||
Remember,
|
||||
)
|
||||
|
||||
|
||||
@@ -13,6 +15,8 @@ class AuthenticationRequestModels:
|
||||
SelectCompanyOrOccupantTypeSuperUserRequestModel = {
|
||||
"EmployeeSelection": EmployeeSelection, "OccupantSelection": OccupantSelection,
|
||||
}
|
||||
RefresherRequestModel = Remember
|
||||
LogoutRequestModel = Logout
|
||||
|
||||
|
||||
class AuthenticationResponseModels:
|
||||
|
||||
Reference in New Issue
Block a user