events and auth updated

2024-11-13 13:11:56 +03:00
parent 5fa183c12e
commit 934c7bc845
7 changed files with 29 additions and 26 deletions
--- a/api_services/redis/auth_actions/token.py
+++ b/api_services/redis/auth_actions/token.py
@@ -6,9 +6,12 @@ def parse_token_object_to_dict(request):  # from requests import Request

    from api_services.redis.functions import get_object_via_access_key
    from databases import EndpointRestriction, Events
+    from api_configs.configs import Config

    if valid_token := get_object_via_access_key(request=request):
        endpoint_name = str(request.url).replace(str(request.base_url), "/")
+        if str(endpoint_name) in Config.INSECURE_PATHS:
+            return valid_token
        endpoint_active = EndpointRestriction.filter_one(
            EndpointRestriction.endpoint_name.ilike(f"%{endpoint_name}%"),
            *EndpointRestriction.valid_record_args(EndpointRestriction),
@@ -18,24 +21,22 @@ def parse_token_object_to_dict(request):  # from requests import Request
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail=f"This endpoint {endpoint_name} is not active for this user, please contact your responsible company for further information.",
            )
-
        if valid_token.user_type == 1:
            if not valid_token.selected_company:
                raise HTTPException(
                    status_code=status.HTTP_418_IM_A_TEAPOT,
                    detail="Selected company is not found in the token object.",
                )
-            selected_event = Events.filter_all(
+            selected_event = Events.filter_one(
                Events.endpoint_id == endpoint_active.id,
                Events.id.in_(valid_token.selected_company.reachable_event_list_id),
                *Events.valid_record_args(Events),
-            )
-            if not selected_event.data:
+            ).data
+            if not selected_event:
                raise HTTPException(
                    status_code=status.HTTP_401_UNAUTHORIZED,
                    detail="This endpoint requires event validation. Please contact your responsible company to use this event.",
                )
-            selected_event = selected_event.data[0]
            event_function_class = getattr(selected_event, "function_class", None)
            event_function_code = getattr(selected_event, "function_code", None)
            function_class = getattr(events, event_function_class, None)