Exemple #1
0
    async def method_post(self, request: Request, body: dict, session, *args,
                          **kwargs) -> BaseHTTPResponse:

        request_model = RequestAuthUserDto(body)

        try:
            db_user = user_queries.get_user(session, login=request_model.login)
        except DBUserNotExistsException:
            raise SanicUserNotFound('User not found')

        try:
            check_hash(request_model.password, db_user.password)
        except CheckPasswordHashException:
            raise SanicAuthException('Wrong password')

        payload = {
            'uid': db_user.id,
        }

        token = create_token(payload)
        response = AuthResponseObject(token)
        response_model = ResponseAuthUserDto(response)

        return await self.make_response_json(
            body=response_model.dump(),
            status=200,
        )
Exemple #2
0
 def import_body_auth(request: Request) -> dict:
     # получаем токен из заголовка запроса
     token = request.headers.get('Authorization')
     try:
         return read_token(token)
     except ReadTokenException as error:
         raise SanicAuthException(str(error))
Exemple #3
0
 def wrapper(self, request, body: dict, session, token, *args, **kwargs):
     try:
         user_id = token.get('uid')
         user_queries.get_user(session=session, user_id=user_id)
     except DBUserNotExistsException:
         raise SanicAuthException(message='Unauthorized')
     return view_func(self,
                      request=request,
                      body=body,
                      session=session,
                      token=token,
                      *args,
                      **kwargs)
Exemple #4
0
    async def method_get(self, request: Request, body: dict,
                         session: DBSession, uid: int, token: dict, *args,
                         **kwargs) -> BaseHTTPResponse:

        if token.get('uid') != uid:
            return await self.make_response_json(status=403)
        try:
            db_user = user_queries.get_user(session, user_id=uid)
        except DBUserNotExistsException:
            raise SanicAuthException("Unauthorized")

        res_model = ResGetUserDTO(db_user)

        return await self.make_response_json(body=res_model.dump(), status=200)
Exemple #5
0
 def import_body_auth(request: Request) -> dict:
     token = request.headers.get("Authorization")
     try:
         return read_token(token)
     except ReadTokenException as e:
         raise SanicAuthException(str(e))