diff --git a/kdb-bot/src/bot_api/app_api_extension.py b/kdb-bot/src/bot_api/app_api_extension.py
index 91075b3d..ea9fda56 100644
--- a/kdb-bot/src/bot_api/app_api_extension.py
+++ b/kdb-bot/src/bot_api/app_api_extension.py
@@ -2,12 +2,9 @@ from cpl_core.application import ApplicationExtensionABC
 from cpl_core.configuration import ConfigurationABC
 from cpl_core.dependency_injection import ServiceProviderABC
-from bot_api.abc.auth_service_abc import AuthServiceABC
-from bot_api.configuration.authentication_settings import AuthenticationSettings
 from bot_api.route.route import Route
 from bot_core.configuration.feature_flags_enum import FeatureFlagsEnum
 from bot_core.configuration.feature_flags_settings import FeatureFlagsSettings
-from bot_data.abc.auth_user_repository_abc import AuthUserRepositoryABC
 class AppApiExtension(ApplicationExtensionABC):
@@ -19,7 +16,4 @@ class AppApiExtension(ApplicationExtensionABC):
 if not feature_flags.get_flag(FeatureFlagsEnum.api_module):
 return
- auth_settings: AuthenticationSettings = config.get_configuration(AuthenticationSettings)
- auth_users: AuthUserRepositoryABC = services.get_service(AuthUserRepositoryABC)
- auth: AuthServiceABC = services.get_service(AuthServiceABC)
- Route.init_authorize(auth_users, auth)
+ Route.init_authorize()
diff --git a/kdb-bot/src/bot_api/controller/grahpql_controller.py b/kdb-bot/src/bot_api/controller/grahpql_controller.py
index cc5e4c7c..1cbc9877 100644
--- a/kdb-bot/src/bot_api/controller/grahpql_controller.py
+++ b/kdb-bot/src/bot_api/controller/grahpql_controller.py
@@ -25,10 +25,15 @@ class GraphQLController:
 self._schema = schema
 @Route.get(f"{BasePath}/playground")
+ @Route.authorize(skip_in_dev=True)
 async def playground(self):
+ if self._env.environment_name != "development":
+ return "", 403
+
 return PLAYGROUND_HTML, 200
 @Route.post(f"{BasePath}")
+ @Route.authorize
 async def graphql(self):
 data = request.get_json()
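Review bot: The bare `Route.init_authorize()` call in the second app_api_extension.py hunk gives no hint that its arguments are now resolved by `@ServiceProviderABC.inject` (added in route.py in this commit), so a reader of this method cannot tell where the environment and auth services come from. A comment above the call would cover it: `# env, auth_users and auth are injected via ServiceProviderABC.inject`. Because the call sits after the `api_module` feature-flag return, `Route._env` keeps its `"production"` default whenever the flag is off, which is the fail-closed side and worth stating in the same comment. The enclosing method starts outside the hunk.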
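Review bot: `playground` in grahpql_controller.py is now gated on the environment name twice, from two different sources: the decorator compares the string cached in `Route._env`, while the body reads `self._env.environment_name`. The hunk does not show `self._env` being assigned in the constructor (only `self._schema = schema` is visible), so confirm it is set there. Outside development a request has to pass token validation only to receive the 403 from the body, so deciding the environment in one place would be easier to reason about. A comment on the handler should record the intent, e.g. `# dev-only tool: served without a token in development, 403 in every other environment`. On `graphql`, `@Route.authorize` is applied without a `role`, so presumably any authenticated user may post any query and finer-grained checks have to live in the resolvers, which are not visible here; its body continues outside the hunk.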
diff --git a/kdb-bot/src/bot_api/route/route.py b/kdb-bot/src/bot_api/route/route.py
index 63c01016..f437fdb6 100644
--- a/kdb-bot/src/bot_api/route/route.py
+++ b/kdb-bot/src/bot_api/route/route.py
@@ -2,6 +2,8 @@ import functools
 from functools import wraps
 from typing import Optional, Callable
+from cpl_core.dependency_injection import ServiceProviderABC
+from cpl_core.environment import ApplicationEnvironmentABC
 from flask import request, jsonify
 from flask_cors import cross_origin
@@ -18,19 +20,25 @@ class Route:
 _auth_users: Optional[AuthUserRepositoryABC] = None
 _auth: Optional[AuthServiceABC] = None
+ _env = "production"
 @classmethod
- def init_authorize(cls, auth_users: AuthUserRepositoryABC, auth: AuthServiceABC):
+ @ServiceProviderABC.inject
+ def init_authorize(cls, env: ApplicationEnvironmentABC, auth_users: AuthUserRepositoryABC, auth: AuthServiceABC):
 cls._auth_users = auth_users
 cls._auth = auth
+ cls._env = env.environment_name
 @classmethod
- def authorize(cls, f: Callable = None, role: AuthRoleEnum = None):
+ def authorize(cls, f: Callable = None, role: AuthRoleEnum = None, skip_in_dev=False):
 if f is None:
- return functools.partial(cls.authorize, role=role)
+ return functools.partial(cls.authorize, role=role, skip_in_dev=skip_in_dev)
 @wraps(f)
 async def decorator(*args, **kwargs):
+ if skip_in_dev and cls._env == "development":
+ return await f(*args, **kwargs)
+
 token = None
 if "Authorization" in request.headers:
 bearer = request.headers.get("Authorization")
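Review bot: The `skip_in_dev` branch at the top of `decorator` (second route.py hunk) turns off token validation for a route on nothing more than `cls._env == "development"`, and neither `authorize` nor `init_authorize` records that the bypass is active. The `"production"` default is the safe side, but a deployed instance started with its environment name set to development would serve every `skip_in_dev=True` route without a token and leave no trace; logging a warning once in `init_authorize` when `env.environment_name == "development"` would make that visible. The new parameter should also be typed and documented, `skip_in_dev: bool = False`, with a docstring line such as `skip_in_dev: bypass token validation when the application environment is "development"`. `init_authorize` also changed its positional parameter order (`env` now comes first), so any caller not shown on this page that still passes `auth_users, auth` positionally needs updating. `decorator`'s body continues outside the hunk.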