urec/chat_back
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions
chat_back/app/utils/auth.py

91 lines
3 KiB
Python
Raw Blame History

from datetime import datetime, timedelta, UTC
from cryptography.fernet import Fernet
from jose import jwt
from passlib.context import CryptContext
from app.config import settings
from app.exceptions import (
UserNotFoundException,
UserMustConfirmEmailException,
)
from app.users.exceptions import IncorrectAuthDataException
from app.chat.exceptions import UserDontHavePermissionException, ChatNotFoundException
from app.unit_of_work import UnitOfWork
from app.users.schemas import SUser, SConfirmationData, SInvitationData
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
cipher_suite = Fernet(settings.INVITATION_LINK_TOKEN_KEY)
def get_password_hash(password: str) -> str:
return pwd_context.hash(password)
def verify_password(plain_password: str, hashed_password: str) -> bool:
return pwd_context.verify(plain_password, hashed_password)
def create_access_token(data: dict[str, str | datetime]) -> str:
to_encode = data.copy()
expire = datetime.now(UTC) + timedelta(days=30)
to_encode.update({"exp": expire})
encoded_jwt = jwt.encode(to_encode, settings.SECRET_KEY, settings.ALGORITHM)
return encoded_jwt
def encode_invitation_token(user_data: SInvitationData) -> str:
invitation_token = cipher_suite.encrypt(user_data.model_dump_json().encode())
return invitation_token.decode()
def decode_invitation_token(invitation_token: str) -> SInvitationData:
user_code = invitation_token.encode()
user_data = cipher_suite.decrypt(user_code)
return SInvitationData.model_validate_json(user_data)
def encode_confirmation_token(user_data: SConfirmationData) -> str:
invitation_token = cipher_suite.encrypt(user_data.model_dump_json().encode())
return invitation_token.decode()
def decode_confirmation_token(invitation_token: str) -> SConfirmationData:
user_code = invitation_token.encode()
user_data = cipher_suite.decrypt(user_code)
return SConfirmationData.model_validate_json(user_data)
class AuthService:
@classmethod
async def authenticate_user(cls, uow: UnitOfWork, email_or_username: str, password: str) -> SUser:
try:
async with uow:
user = await uow.user.find_one_by_username_or_email(username=email_or_username, email=email_or_username)
if not verify_password(password, user.hashed_password):
raise IncorrectAuthDataException
return user
except UserNotFoundException:
raise IncorrectAuthDataException
@staticmethod
async def check_verificated_user(uow: UnitOfWork, user_id: int) -> bool:
async with uow:
user = await uow.user.find_one(id=user_id)
return user.role >= settings.VERIFICATED_USER
@classmethod
async def check_verificated_user_with_exc(cls, uow: UnitOfWork, user_id: int) -> None:
if not await cls.check_verificated_user(uow=uow, user_id=user_id):
raise UserMustConfirmEmailException
@classmethod
async def validate_user_access_to_chat(cls, uow: UnitOfWork, user_id: int, chat_id: int) -> None:
try:
async with uow:
await uow.chat.find_one(chat_id=chat_id, user_id=user_id)
except ChatNotFoundException:
raise UserDontHavePermissionException
Reference in a new issue View git blame Copy permalink