[WIP] Improved basics of api #70
This commit is contained in:
parent
6f95d0a055
commit
e0844a7f92
@ -4,6 +4,7 @@ from cpl_core.dependency_injection import ServiceCollectionABC
|
|||||||
from cpl_core.environment import ApplicationEnvironmentABC
|
from cpl_core.environment import ApplicationEnvironmentABC
|
||||||
|
|
||||||
from bot_data.abc.migration_abc import MigrationABC
|
from bot_data.abc.migration_abc import MigrationABC
|
||||||
|
from bot_data.migration.api_migration import ApiMigration
|
||||||
from bot_data.migration.auto_role_migration import AutoRoleMigration
|
from bot_data.migration.auto_role_migration import AutoRoleMigration
|
||||||
from bot_data.migration.initial_migration import InitialMigration
|
from bot_data.migration.initial_migration import InitialMigration
|
||||||
from bot_data.service.migration_service import MigrationService
|
from bot_data.service.migration_service import MigrationService
|
||||||
@ -21,3 +22,4 @@ class StartupMigrationExtension(StartupExtensionABC):
|
|||||||
services.add_transient(MigrationService)
|
services.add_transient(MigrationService)
|
||||||
services.add_transient(MigrationABC, InitialMigration)
|
services.add_transient(MigrationABC, InitialMigration)
|
||||||
services.add_transient(MigrationABC, AutoRoleMigration) # 03.10.2022 #54 - 0.2.2
|
services.add_transient(MigrationABC, AutoRoleMigration) # 03.10.2022 #54 - 0.2.2
|
||||||
|
services.add_transient(MigrationABC, ApiMigration) # 15.10.2022 #70 - 0.3.0
|
||||||
|
@ -1,13 +1,16 @@
|
|||||||
|
import json
|
||||||
import sys
|
import sys
|
||||||
|
import uuid
|
||||||
from functools import partial
|
from functools import partial
|
||||||
|
|
||||||
from blinker import Namespace
|
|
||||||
from cpl_core.dependency_injection import ServiceProviderABC
|
from cpl_core.dependency_injection import ServiceProviderABC
|
||||||
from flask import Flask, request
|
from flask import Flask, request, jsonify, Response, make_response
|
||||||
from flask_cors import CORS
|
from flask_cors import CORS
|
||||||
|
|
||||||
from bot_api.configuration.api_settings import ApiSettings
|
from bot_api.configuration.api_settings import ApiSettings
|
||||||
|
from bot_api.exception.service_exception import ServiceException
|
||||||
from bot_api.logging.api_logger import ApiLogger
|
from bot_api.logging.api_logger import ApiLogger
|
||||||
|
from bot_api.model.error_dto import ErrorDTO
|
||||||
from bot_api.route.route import Route
|
from bot_api.route.route import Route
|
||||||
|
|
||||||
|
|
||||||
@ -33,8 +36,8 @@ class Api(Flask):
|
|||||||
|
|
||||||
# register before request
|
# register before request
|
||||||
self.before_request_funcs.setdefault(None, []).append(self.before_request)
|
self.before_request_funcs.setdefault(None, []).append(self.before_request)
|
||||||
my_signals = Namespace()
|
exc_class, code = self._get_exc_class_and_code(Exception)
|
||||||
notify = my_signals.signal('notify')
|
self.error_handler_spec[None][code][exc_class] = self.handle_exception
|
||||||
|
|
||||||
def _register_routes(self):
|
def _register_routes(self):
|
||||||
for path, f in Route.registered_routes.items():
|
for path, f in Route.registered_routes.items():
|
||||||
@ -50,6 +53,21 @@ class Api(Flask):
|
|||||||
partial_f.__name__ = route.__name__
|
partial_f.__name__ = route.__name__
|
||||||
self.route(path, **kwargs)(partial_f)
|
self.route(path, **kwargs)(partial_f)
|
||||||
|
|
||||||
|
def handle_exception(self, e: Exception):
|
||||||
|
self._logger.error(__name__, f'Caught error', e)
|
||||||
|
|
||||||
|
if isinstance(e, ServiceException):
|
||||||
|
ex: ServiceException = e
|
||||||
|
self._logger.error(__name__, ex.get_detailed_message())
|
||||||
|
error = ErrorDTO(ex.error_code, ex.message)
|
||||||
|
return jsonify(error.to_dict()), 500
|
||||||
|
else:
|
||||||
|
tracking_id = uuid.uuid4()
|
||||||
|
user_message = f'Tracking Id: {tracking_id}'
|
||||||
|
self._logger.error(__name__, user_message, e)
|
||||||
|
error = ErrorDTO(None, user_message)
|
||||||
|
return jsonify(error.to_dict()), 400
|
||||||
|
|
||||||
def before_request(self, *args, **kwargs):
|
def before_request(self, *args, **kwargs):
|
||||||
self._logger.debug(__name__, f'Received GET @{request.url}')
|
self._logger.debug(__name__, f'Received GET @{request.url}')
|
||||||
headers = str(request.headers).replace("\n", "\n\t")
|
headers = str(request.headers).replace("\n", "\n\t")
|
||||||
|
0
src/bot_api/exception/__init__.py
Normal file
0
src/bot_api/exception/__init__.py
Normal file
19
src/bot_api/exception/service_error_code_enum.py
Normal file
19
src/bot_api/exception/service_error_code_enum.py
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
from enum import Enum
|
||||||
|
|
||||||
|
|
||||||
|
class ServiceErrorCode(Enum):
|
||||||
|
|
||||||
|
Unknown = 0
|
||||||
|
|
||||||
|
InvalidDependencies = 1
|
||||||
|
InvalidData = 2
|
||||||
|
NotFound = 3
|
||||||
|
DataAlreadyExists = 4
|
||||||
|
UnableToAdd = 5
|
||||||
|
UnableToDelete = 6
|
||||||
|
|
||||||
|
InvalidUser = 7
|
||||||
|
|
||||||
|
ConnectionFailed = 8
|
||||||
|
Timeout = 9
|
||||||
|
MailError = 10
|
13
src/bot_api/exception/service_exception.py
Normal file
13
src/bot_api/exception/service_exception.py
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
from bot_api.exception.service_error_code_enum import ServiceErrorCode
|
||||||
|
|
||||||
|
|
||||||
|
class ServiceException(Exception):
|
||||||
|
|
||||||
|
def __init__(self, error_code: ServiceErrorCode, message: str, *args):
|
||||||
|
Exception.__init__(self, *args)
|
||||||
|
|
||||||
|
self.error_code = error_code
|
||||||
|
self.message = message
|
||||||
|
|
||||||
|
def get_detailed_message(self) -> str:
|
||||||
|
return f'ServiceException - ErrorCode: {self.error_code} - ErrorMessage: {self.message}'
|
34
src/bot_api/model/error_dto.py
Normal file
34
src/bot_api/model/error_dto.py
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
import traceback
|
||||||
|
from typing import Optional
|
||||||
|
|
||||||
|
from cpl_core.console import Console
|
||||||
|
|
||||||
|
from bot_api.abc.dto_abc import DtoABC
|
||||||
|
from bot_api.exception.service_error_code_enum import ServiceErrorCode
|
||||||
|
|
||||||
|
|
||||||
|
class ErrorDTO(DtoABC):
|
||||||
|
|
||||||
|
def __init__(self, error_code: Optional[ServiceErrorCode], message: str):
|
||||||
|
DtoABC.__init__(self)
|
||||||
|
|
||||||
|
self._error_code = ServiceErrorCode.Unknown if error_code is None else error_code
|
||||||
|
self._message = message
|
||||||
|
|
||||||
|
@property
|
||||||
|
def error_code(self) -> ServiceErrorCode:
|
||||||
|
return self._error_code
|
||||||
|
|
||||||
|
@property
|
||||||
|
def message(self) -> str:
|
||||||
|
return self._message
|
||||||
|
|
||||||
|
def from_dict(self, values: dict):
|
||||||
|
self._error_code = values['ErrorCode']
|
||||||
|
self._message = values['Message']
|
||||||
|
|
||||||
|
def to_dict(self) -> dict:
|
||||||
|
return {
|
||||||
|
'ErrorCode': int(self._error_code.value),
|
||||||
|
'Message': self._message
|
||||||
|
}
|
@ -1,3 +1,6 @@
|
|||||||
|
from flask_cors import cross_origin
|
||||||
|
|
||||||
|
|
||||||
class Route:
|
class Route:
|
||||||
registered_routes = {}
|
registered_routes = {}
|
||||||
|
|
||||||
@ -5,6 +8,7 @@ class Route:
|
|||||||
def route(cls, path=None, **kwargs):
|
def route(cls, path=None, **kwargs):
|
||||||
# simple decorator for class based views
|
# simple decorator for class based views
|
||||||
def inner(fn):
|
def inner(fn):
|
||||||
|
cross_origin(fn)
|
||||||
cls.registered_routes[path] = (fn, kwargs)
|
cls.registered_routes[path] = (fn, kwargs)
|
||||||
return fn
|
return fn
|
||||||
|
|
||||||
|
@ -13,6 +13,8 @@ from cpl_translation import TranslatePipe
|
|||||||
from bot_api.abc.auth_service_abc import AuthServiceABC
|
from bot_api.abc.auth_service_abc import AuthServiceABC
|
||||||
from bot_api.configuration.authentication_settings import AuthenticationSettings
|
from bot_api.configuration.authentication_settings import AuthenticationSettings
|
||||||
from bot_api.configuration.frontend_settings import FrontendSettings
|
from bot_api.configuration.frontend_settings import FrontendSettings
|
||||||
|
from bot_api.exception.service_error_code_enum import ServiceErrorCode
|
||||||
|
from bot_api.exception.service_exception import ServiceException
|
||||||
from bot_api.filter.auth_user_select_criteria import AuthUserSelectCriteria
|
from bot_api.filter.auth_user_select_criteria import AuthUserSelectCriteria
|
||||||
from bot_api.logging.api_logger import ApiLogger
|
from bot_api.logging.api_logger import ApiLogger
|
||||||
from bot_api.model.auth_user_dto import AuthUserDTO
|
from bot_api.model.auth_user_dto import AuthUserDTO
|
||||||
@ -131,7 +133,7 @@ class AuthService(AuthServiceABC):
|
|||||||
return user
|
return user
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self._logger.error(__name__, f'AuthUser not found', e)
|
self._logger.error(__name__, f'AuthUser not found', e)
|
||||||
raise Exception(f'User not found {email}')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'User not found {email}')
|
||||||
|
|
||||||
async def find_auth_user_by_email_async(self, email: str) -> Optional[AuthUser]:
|
async def find_auth_user_by_email_async(self, email: str) -> Optional[AuthUser]:
|
||||||
user = self._auth_users.find_auth_user_by_email(email)
|
user = self._auth_users.find_auth_user_by_email(email)
|
||||||
@ -140,12 +142,12 @@ class AuthService(AuthServiceABC):
|
|||||||
async def add_auth_user_async(self, user_dto: AuthUserDTO):
|
async def add_auth_user_async(self, user_dto: AuthUserDTO):
|
||||||
db_user = self._auth_users.find_auth_user_by_email(user_dto.email)
|
db_user = self._auth_users.find_auth_user_by_email(user_dto.email)
|
||||||
if db_user is not None:
|
if db_user is not None:
|
||||||
raise Exception('User already exists')
|
raise ServiceException(ServiceErrorCode.InvalidUser, 'User already exists')
|
||||||
|
|
||||||
user_dto.password = self._hash_sha256(user_dto.password)
|
user_dto.password = self._hash_sha256(user_dto.password)
|
||||||
user = AUT.to_db(user_dto)
|
user = AUT.to_db(user_dto)
|
||||||
if not self._is_email_valid(user.email):
|
if not self._is_email_valid(user.email):
|
||||||
raise Exception('Invalid E-Mail address')
|
raise ServiceException(ServiceErrorCode.InvalidData, 'Invalid E-Mail address')
|
||||||
|
|
||||||
try:
|
try:
|
||||||
user.confirmation_id = uuid.uuid4()
|
user.confirmation_id = uuid.uuid4()
|
||||||
@ -155,26 +157,27 @@ class AuthService(AuthServiceABC):
|
|||||||
self._logger.info(__name__, f'Added auth user with E-Mail: {user_dto.email}')
|
self._logger.info(__name__, f'Added auth user with E-Mail: {user_dto.email}')
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self._logger.error(__name__, f'Cannot add user with E-Mal {user_dto.email}', e)
|
self._logger.error(__name__, f'Cannot add user with E-Mal {user_dto.email}', e)
|
||||||
|
raise ServiceException(ServiceErrorCode.UnableToAdd, "Invalid E-Mail")
|
||||||
|
|
||||||
async def update_user_async(self, update_user_dto: UpdateAuthUserDTO):
|
async def update_user_async(self, update_user_dto: UpdateAuthUserDTO):
|
||||||
if update_user_dto is None:
|
if update_user_dto is None:
|
||||||
raise Exception(f'User is empty')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'User is empty')
|
||||||
|
|
||||||
if update_user_dto.auth_user is None:
|
if update_user_dto.auth_user is None:
|
||||||
raise Exception(f'Existing user is empty')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'Existing user is empty')
|
||||||
|
|
||||||
if update_user_dto.new_auth_user is None:
|
if update_user_dto.new_auth_user is None:
|
||||||
raise Exception(f'New user is empty')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'New user is empty')
|
||||||
|
|
||||||
if not self._is_email_valid(update_user_dto.auth_user.email) or not self._is_email_valid(update_user_dto.new_auth_user.email):
|
if not self._is_email_valid(update_user_dto.auth_user.email) or not self._is_email_valid(update_user_dto.new_auth_user.email):
|
||||||
raise Exception(f'Invalid E-Mail')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'Invalid E-Mail')
|
||||||
|
|
||||||
user = self._auth_users.find_auth_user_by_email(update_user_dto.auth_user.email)
|
user = self._auth_users.find_auth_user_by_email(update_user_dto.auth_user.email)
|
||||||
if user is None:
|
if user is None:
|
||||||
raise Exception('User not found')
|
raise ServiceException(ServiceErrorCode.InvalidUser, 'User not found')
|
||||||
|
|
||||||
if user.confirmation_id is not None:
|
if user.confirmation_id is not None:
|
||||||
raise Exception('E-Mail not confirmed')
|
raise ServiceException(ServiceErrorCode.InvalidUser, 'E-Mail not confirmed')
|
||||||
|
|
||||||
# update first name
|
# update first name
|
||||||
if update_user_dto.new_auth_user.first_name is not None and update_user_dto.auth_user.first_name != update_user_dto.new_auth_user.first_name:
|
if update_user_dto.new_auth_user.first_name is not None and update_user_dto.auth_user.first_name != update_user_dto.new_auth_user.first_name:
|
||||||
@ -189,7 +192,7 @@ class AuthService(AuthServiceABC):
|
|||||||
if update_user_dto.new_auth_user.email is not None and update_user_dto.new_auth_user.email != '' and update_user_dto.auth_user.email != update_user_dto.new_auth_user.email:
|
if update_user_dto.new_auth_user.email is not None and update_user_dto.new_auth_user.email != '' and update_user_dto.auth_user.email != update_user_dto.new_auth_user.email:
|
||||||
user_by_new_e_mail = self._auth_users.find_auth_user_by_email(update_user_dto.new_auth_user.email)
|
user_by_new_e_mail = self._auth_users.find_auth_user_by_email(update_user_dto.new_auth_user.email)
|
||||||
if user_by_new_e_mail is not None:
|
if user_by_new_e_mail is not None:
|
||||||
raise Exception('User already exists')
|
raise ServiceException(ServiceErrorCode.InvalidUser, 'User already exists')
|
||||||
user.email = update_user_dto.new_auth_user.email
|
user.email = update_user_dto.new_auth_user.email
|
||||||
|
|
||||||
is_existing_password_set = False
|
is_existing_password_set = False
|
||||||
@ -200,7 +203,7 @@ class AuthService(AuthServiceABC):
|
|||||||
update_user_dto.auth_user.Password = self._hash_sha256(update_user_dto.auth_user.Password)
|
update_user_dto.auth_user.Password = self._hash_sha256(update_user_dto.auth_user.Password)
|
||||||
|
|
||||||
if update_user_dto.auth_user.Password != user.Password:
|
if update_user_dto.auth_user.Password != user.Password:
|
||||||
raise Exception('Wrong password')
|
raise ServiceException(ServiceErrorCode.InvalidUser, 'Wrong password')
|
||||||
|
|
||||||
if update_user_dto.new_auth_user.Password is not None and update_user_dto.new_auth_user.Password != '':
|
if update_user_dto.new_auth_user.Password is not None and update_user_dto.new_auth_user.Password != '':
|
||||||
is_new_password_set = True
|
is_new_password_set = True
|
||||||
@ -214,27 +217,27 @@ class AuthService(AuthServiceABC):
|
|||||||
|
|
||||||
async def update_user_as_admin_async(self, update_user_dto: UpdateAuthUserDTO):
|
async def update_user_as_admin_async(self, update_user_dto: UpdateAuthUserDTO):
|
||||||
if update_user_dto is None:
|
if update_user_dto is None:
|
||||||
raise Exception(f'User is empty')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'User is empty')
|
||||||
|
|
||||||
if update_user_dto.auth_user is None:
|
if update_user_dto.auth_user is None:
|
||||||
raise Exception(f'Existing user is empty')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'Existing user is empty')
|
||||||
|
|
||||||
if update_user_dto.new_auth_user is None:
|
if update_user_dto.new_auth_user is None:
|
||||||
raise Exception(f'New user is empty')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'New user is empty')
|
||||||
|
|
||||||
if not self._is_email_valid(update_user_dto.auth_user.email) or not self._is_email_valid(update_user_dto.new_auth_user.email):
|
if not self._is_email_valid(update_user_dto.auth_user.email) or not self._is_email_valid(update_user_dto.new_auth_user.email):
|
||||||
raise Exception(f'Invalid E-Mail')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'Invalid E-Mail')
|
||||||
|
|
||||||
user = self._auth_users.find_auth_user_by_email(update_user_dto.auth_user.email)
|
user = self._auth_users.find_auth_user_by_email(update_user_dto.auth_user.email)
|
||||||
if user is None:
|
if user is None:
|
||||||
raise Exception('User not found')
|
raise ServiceException(ServiceErrorCode.InvalidUser, 'User not found')
|
||||||
|
|
||||||
if user.ConfirmationId is not None and update_user_dto.new_auth_user.is_confirmed:
|
if user.ConfirmationId is not None and update_user_dto.new_auth_user.is_confirmed:
|
||||||
user.ConfirmationId = None
|
user.ConfirmationId = None
|
||||||
elif user.ConfirmationId is None and not update_user_dto.new_auth_user.is_confirmed:
|
elif user.ConfirmationId is None and not update_user_dto.new_auth_user.is_confirmed:
|
||||||
user.confirmation_id = uuid.uuid4()
|
user.confirmation_id = uuid.uuid4()
|
||||||
# else
|
# else
|
||||||
# raise Exception(ServiceErrorCode.InvalidUser, 'E-Mail not confirmed')
|
# raise ServiceException(ServiceErrorCode.InvalidUser, 'E-Mail not confirmed')
|
||||||
|
|
||||||
# update first name
|
# update first name
|
||||||
if update_user_dto.new_auth_user.first_name is not None and update_user_dto.auth_user.first_name != update_user_dto.new_auth_user.first_name:
|
if update_user_dto.new_auth_user.first_name is not None and update_user_dto.auth_user.first_name != update_user_dto.new_auth_user.first_name:
|
||||||
@ -248,7 +251,7 @@ class AuthService(AuthServiceABC):
|
|||||||
if update_user_dto.new_auth_user.email is not None and update_user_dto.new_auth_user.email != '' and update_user_dto.auth_user.email != update_user_dto.new_auth_user.email:
|
if update_user_dto.new_auth_user.email is not None and update_user_dto.new_auth_user.email != '' and update_user_dto.auth_user.email != update_user_dto.new_auth_user.email:
|
||||||
user_by_new_e_mail = self._auth_users.find_auth_user_by_email(update_user_dto.new_auth_user.email)
|
user_by_new_e_mail = self._auth_users.find_auth_user_by_email(update_user_dto.new_auth_user.email)
|
||||||
if user_by_new_e_mail is not None:
|
if user_by_new_e_mail is not None:
|
||||||
raise Exception('User already exists')
|
raise ServiceException(ServiceErrorCode.InvalidUser, 'User already exists')
|
||||||
user.EMail = update_user_dto.new_auth_user.email
|
user.EMail = update_user_dto.new_auth_user.email
|
||||||
|
|
||||||
# update password
|
# update password
|
||||||
@ -268,7 +271,7 @@ class AuthService(AuthServiceABC):
|
|||||||
self._db.save_changes()
|
self._db.save_changes()
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self._logger.error(__name__, f'Cannot delete user', e)
|
self._logger.error(__name__, f'Cannot delete user', e)
|
||||||
raise Exception(f'Cannot delete user by mail {email}')
|
raise ServiceException(ServiceErrorCode.UnableToDelete, f'Cannot delete user by mail {email}')
|
||||||
|
|
||||||
async def delete_auth_user_async(self, user_dto: AuthUserDTO):
|
async def delete_auth_user_async(self, user_dto: AuthUserDTO):
|
||||||
try:
|
try:
|
||||||
@ -276,21 +279,21 @@ class AuthService(AuthServiceABC):
|
|||||||
self._db.save_changes()
|
self._db.save_changes()
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self._logger.error(__name__, f'Cannot delete user', e)
|
self._logger.error(__name__, f'Cannot delete user', e)
|
||||||
raise Exception(f'Cannot delete user by mail {user_dto.email}')
|
raise ServiceException(ServiceErrorCode.UnableToDelete, f'Cannot delete user by mail {user_dto.email}')
|
||||||
|
|
||||||
async def login_async(self, user_dto: AuthUserDTO) -> TokenDTO:
|
async def login_async(self, user_dto: AuthUserDTO) -> TokenDTO:
|
||||||
if user_dto is None:
|
if user_dto is None:
|
||||||
raise Exception('User not set')
|
raise ServiceException(ServiceErrorCode.InvalidData, 'User not set')
|
||||||
|
|
||||||
db_user = self._auth_users.find_auth_user_by_email(user_dto.email)
|
db_user = self._auth_users.find_auth_user_by_email(user_dto.email)
|
||||||
if db_user is None:
|
if db_user is None:
|
||||||
raise Exception(f'User with E-Mail {user_dto.email} not found')
|
raise ServiceException(ServiceErrorCode.InvalidUser, f'User not found')
|
||||||
|
|
||||||
user_dto.password = self._hash_sha256(user_dto.password)
|
user_dto.password = self._hash_sha256(user_dto.password)
|
||||||
if db_user.password != user_dto.password:
|
if db_user.password != user_dto.password:
|
||||||
raise Exception('Wrong password')
|
raise ServiceException(ServiceErrorCode.InvalidUser, 'Wrong password')
|
||||||
|
|
||||||
token = self._generate_token(user_dto)
|
token = self._generate_token(db_user)
|
||||||
refresh_token = self._create_and_save_refresh_token(db_user)
|
refresh_token = self._create_and_save_refresh_token(db_user)
|
||||||
if db_user.forgot_password_id is not None:
|
if db_user.forgot_password_id is not None:
|
||||||
db_user.forgot_password_id = None
|
db_user.forgot_password_id = None
|
||||||
@ -300,16 +303,16 @@ class AuthService(AuthServiceABC):
|
|||||||
|
|
||||||
async def refresh_async(self, token_dto: TokenDTO) -> TokenDTO:
|
async def refresh_async(self, token_dto: TokenDTO) -> TokenDTO:
|
||||||
if token_dto is None:
|
if token_dto is None:
|
||||||
raise Exception(f'Token not set')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'Token not set')
|
||||||
|
|
||||||
token = jwt.decode(token_dto.token, key=self._auth_settings.secret_key)
|
token = jwt.decode(token_dto.token, key=self._auth_settings.secret_key)
|
||||||
if token is None or 'email' not in token:
|
if token is None or 'email' not in token:
|
||||||
raise Exception('Token invalid')
|
raise ServiceException(ServiceErrorCode.InvalidData, 'Token invalid')
|
||||||
|
|
||||||
try:
|
try:
|
||||||
user = self._auth_users.get_auth_user_by_email(token)
|
user = self._auth_users.get_auth_user_by_email(token)
|
||||||
if user is None or user.refresh_token != token_dto.refresh_token or user.refresh_token_expire_time <= datetime.now():
|
if user is None or user.refresh_token != token_dto.refresh_token or user.refresh_token_expire_time <= datetime.now():
|
||||||
raise Exception('Token expired')
|
raise ServiceException(ServiceErrorCode.InvalidData, 'Token expired')
|
||||||
|
|
||||||
return TokenDTO(self._generate_token(user), self._create_and_save_refresh_token(user))
|
return TokenDTO(self._generate_token(user), self._create_and_save_refresh_token(user))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
@ -318,13 +321,13 @@ class AuthService(AuthServiceABC):
|
|||||||
|
|
||||||
async def revoke_async(self, token_dto: TokenDTO):
|
async def revoke_async(self, token_dto: TokenDTO):
|
||||||
if token_dto is None or token_dto.token is None or token_dto.refresh_token is None:
|
if token_dto is None or token_dto.token is None or token_dto.refresh_token is None:
|
||||||
raise Exception('Token not set')
|
raise ServiceException(ServiceErrorCode.InvalidData, 'Token not set')
|
||||||
|
|
||||||
token = jwt.decode(token_dto.token, key=self._auth_settings.secret_key)
|
token = jwt.decode(token_dto.token, key=self._auth_settings.secret_key)
|
||||||
try:
|
try:
|
||||||
user = self._auth_users.get_auth_user_by_email(token)
|
user = self._auth_users.get_auth_user_by_email(token)
|
||||||
if user is None or user.refresh_token != token_dto.refresh_token or user.refresh_token_expire_time <= datetime.now():
|
if user is None or user.refresh_token != token_dto.refresh_token or user.refresh_token_expire_time <= datetime.now():
|
||||||
raise Exception('Token expired')
|
raise ServiceException(ServiceErrorCode.InvalidData, 'Token expired')
|
||||||
|
|
||||||
user.refresh_token = None
|
user.refresh_token = None
|
||||||
self._auth_users.update_auth_user(user)
|
self._auth_users.update_auth_user(user)
|
||||||
@ -359,13 +362,13 @@ class AuthService(AuthServiceABC):
|
|||||||
async def reset_password_async(self, rp_dto: ResetPasswordDTO):
|
async def reset_password_async(self, rp_dto: ResetPasswordDTO):
|
||||||
user = self._auth_users.find_auth_user_by_forgot_password_id(rp_dto.id)
|
user = self._auth_users.find_auth_user_by_forgot_password_id(rp_dto.id)
|
||||||
if user is None:
|
if user is None:
|
||||||
raise Exception(f'User by forgot password id {rp_dto.id} not found')
|
raise ServiceException(ServiceErrorCode.InvalidUser, f'User by forgot password id {rp_dto.id} not found')
|
||||||
|
|
||||||
if user.confirmation_id is not None:
|
if user.confirmation_id is not None:
|
||||||
raise Exception(f'E-Mail not confirmed')
|
raise ServiceException(ServiceErrorCode.InvalidUser, f'E-Mail not confirmed')
|
||||||
|
|
||||||
if user.password is None or rp_dto.password == '':
|
if user.password is None or rp_dto.password == '':
|
||||||
raise Exception(f'Password not set')
|
raise ServiceException(ServiceErrorCode.InvalidData, f'Password not set')
|
||||||
|
|
||||||
user.password = self._hash_sha256(rp_dto.password)
|
user.password = self._hash_sha256(rp_dto.password)
|
||||||
self._db.save_changes()
|
self._db.save_changes()
|
||||||
|
@ -27,9 +27,9 @@ class ApiMigration(MigrationABC):
|
|||||||
`ConfirmationId` varchar(255) DEFAULT NULL,
|
`ConfirmationId` varchar(255) DEFAULT NULL,
|
||||||
`ForgotPasswordId` varchar(255) DEFAULT NULL,
|
`ForgotPasswordId` varchar(255) DEFAULT NULL,
|
||||||
`RefreshTokenExpiryTime` datetime(6) NOT NULL,
|
`RefreshTokenExpiryTime` datetime(6) NOT NULL,
|
||||||
`AuthRole` int NOT NULL DEFAULT '0'
|
`AuthRole` int NOT NULL DEFAULT '0',
|
||||||
`CreatedOn` datetime(6) NOT NULL,
|
`CreatedOn` datetime(6) NOT NULL,
|
||||||
`LastModifiedOn` datetime(6) NOT NULL,
|
`LastModifiedOn` datetime(6) NOT NULL
|
||||||
)
|
)
|
||||||
""")
|
""")
|
||||||
)
|
)
|
||||||
|
@ -132,21 +132,21 @@ class AuthUser(TableABC):
|
|||||||
def get_select_by_email_string(email: str) -> str:
|
def get_select_by_email_string(email: str) -> str:
|
||||||
return str(f"""
|
return str(f"""
|
||||||
SELECT * FROM `AuthUsers`
|
SELECT * FROM `AuthUsers`
|
||||||
WHERE `EMail` = {email};
|
WHERE `EMail` = '{email}';
|
||||||
""")
|
""")
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_select_by_confirmation_id_string(id: str) -> str:
|
def get_select_by_confirmation_id_string(id: str) -> str:
|
||||||
return str(f"""
|
return str(f"""
|
||||||
SELECT * FROM `AuthUsers`
|
SELECT * FROM `AuthUsers`
|
||||||
WHERE `ConfirmationId` = {id};
|
WHERE `ConfirmationId` = '{id}';
|
||||||
""")
|
""")
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_select_by_forgot_password_i_string(id: str) -> str:
|
def get_select_by_forgot_password_i_string(id: str) -> str:
|
||||||
return str(f"""
|
return str(f"""
|
||||||
SELECT * FROM `AuthUsers`
|
SELECT * FROM `AuthUsers`
|
||||||
WHERE `ForgotPasswordId` = {id};
|
WHERE `ForgotPasswordId` = '{id}';
|
||||||
""")
|
""")
|
||||||
|
|
||||||
@property
|
@property
|
||||||
@ -167,17 +167,17 @@ class AuthUser(TableABC):
|
|||||||
`LastModifiedOn`
|
`LastModifiedOn`
|
||||||
) VALUES (
|
) VALUES (
|
||||||
{self._auth_user_id},
|
{self._auth_user_id},
|
||||||
{self._first_name},
|
'{self._first_name}',
|
||||||
{self._last_name},
|
'{self._last_name}',
|
||||||
{self._email},
|
'{self._email}',
|
||||||
{self._password},
|
'{self._password}',
|
||||||
{self._refresh_token},
|
'{self._refresh_token}',
|
||||||
{self._confirmation_id},
|
'{self._confirmation_id}',
|
||||||
{self._forgot_password_id},
|
'{self._forgot_password_id}',
|
||||||
{self._refresh_token_expire_time},
|
'{self._refresh_token_expire_time}',
|
||||||
{self._auth_role_id.value}
|
{self._auth_role_id.value},
|
||||||
{self._created_at},
|
'{self._created_at}',
|
||||||
{self._modified_at}
|
'{self._modified_at}'
|
||||||
)
|
)
|
||||||
""")
|
""")
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user