kdb-bot/src/bot_graphql/model/userJoinedGameServer.gql

@@ -24,6 +24,5 @@ type UserJoinedGameServerMutation {
 }
 
 input UserJoinedGameServerInput {
-    gameServer: String!
     userId: ID!
 }

kdb-bot/src/bot_graphql/mutations/user_joined_game_server_mutation.py

@@ -1,12 +1,19 @@
+import hashlib
 from datetime import datetime
+from typing import Optional
 
 from cpl_core.database.context import DatabaseContextABC
 from cpl_core.logging import LoggerABC
 from cpl_discord.service import DiscordBotServiceABC
+from flask import request
 
+from bot_api.configuration.authentication_settings import AuthenticationSettings
+from bot_data.abc.api_key_repository_abc import ApiKeyRepositoryABC
+from bot_data.abc.game_server_repository_abc import GameServerRepositoryABC
 from bot_data.abc.server_repository_abc import ServerRepositoryABC
 from bot_data.abc.user_joined_game_server_repository_abc import UserJoinedGameServerRepositoryABC
 from bot_data.abc.user_repository_abc import UserRepositoryABC
+from bot_data.model.api_key import ApiKey
 from bot_data.model.user_joined_game_server import UserJoinedGameServer
 from bot_data.model.user_role_enum import UserRoleEnum
 from bot_graphql.abc.query_abc import QueryABC
@@ -23,9 +30,12 @@ class UserJoinedGameServerMutation(QueryABC):
         servers: ServerRepositoryABC,
         users: UserRepositoryABC,
         user_joined_game_servers: UserJoinedGameServerRepositoryABC,
+        api_keys: ApiKeyRepositoryABC,
+        game_servers: GameServerRepositoryABC,
         bot: DiscordBotServiceABC,
         db: DatabaseContextABC,
         permissions: PermissionService,
+        auth_settings: AuthenticationSettings,
     ):
         QueryABC.__init__(self, "UserJoinedGameServerMutation")
 
@@ -34,13 +44,33 @@ class UserJoinedGameServerMutation(QueryABC):
         self._servers = servers
         self._users = users
         self._user_joined_game_servers = user_joined_game_servers
+        self._api_keys = api_keys
+        self._game_servers = game_servers
         self._bot = bot
         self._db = db
         self._permissions = permissions
+        self._auth_settings = auth_settings
 
         self.set_field("userJoined", self.resolve_user_joined)
         self.set_field("userLeaved", self.resolve_user_leaved)
 
+    def _get_api_key_str(self, api_key: ApiKey) -> str:
+        return hashlib.sha256(
+            f"{api_key.identifier}:{api_key.key}+{self._auth_settings.secret_key}".encode("utf-8")
+        ).hexdigest()
+
+    def _get_api_key(self) -> Optional[ApiKey]:
+        authorization = request.headers.get("Authorization").split()
+        if len(authorization) != 2:
+            return None
+
+        api_key_str = authorization[1]
+        return (
+            self._api_keys.get_api_keys()
+            .where(lambda key: self._get_api_key_str(key) == api_key_str)
+            .first_or_default()
+        )
+
     def resolve_user_joined(self, *_, input: dict):
         user = self._users.get_user_by_id(input["userId"])
         self._can_user_mutate_data(user.server, UserRoleEnum.admin)
@@ -53,7 +83,9 @@ class UserJoinedGameServerMutation(QueryABC):
             )
             return
 
-        new = UserJoinedGameServer(user, input["gameServer"], datetime.now())
+        api_key = self._get_api_key()
+        game_server = self._game_servers.get_game_server_by_api_key_id(api_key.id)
+        new = UserJoinedGameServer(user, game_server, datetime.now())
         self._user_joined_game_servers.add_user_joined_game_server(new)
         self._db.save_changes()