def mutate(self, _, email, password, user_data): if _UserModel.find_by_email(email): LOG.warning(f'Repeated registration for {email}') raise GraphQLError(f'User {email} already exists') access_token = create_access_token(identity=email) refresh_token = create_refresh_token(identity=email) try: new_user = _UserModel(email=email.strip(), password=_UserModel.generate_hash(password), jti=decode_token(refresh_token)['jti'], created_time=datetime.datetime.now()) new_user.save() Persistent.flush() new_user_profile = UserProfile( user_id=new_user.id, email=email.strip(), first_name=user_data.first_name.strip(), last_name=user_data.last_name.strip()) new_user_profile.save_and_persist() except Exception as e: LOG.error(f"User registration failed. Error: {e}") Persistent.rollback() raise GraphQLError("User registration failed.") else: # check ws invitatitons try: pending_invitations = WorkspaceInvitation.find_all( email=email, status=WorkspaceInvitationStatus.PENDING) processed_ws_ids = set() for inv in pending_invitations: if inv.ws_id not in processed_ws_ids: processed_ws_ids.add(inv.ws_id) WorkspaceUser(user_id=new_user.id, ws_id=inv.ws_id, start_date=inv.start_date).save() WorkspaceUserRole( ws_id=inv.ws_id, user_id=new_user.id, role=WorkspaceUserRoles.MEMBER).save() inv.status = WorkspaceInvitationStatus.ACCEPTED WorkspaceInvitation.query() \ .filter(WorkspaceInvitation.id == inv.id) \ .update({WorkspaceInvitation.status: inv.status}) Persistent.commit() except Exception as e: LOG.error( f"Workspace invitations check failed for user {new_user.email}. Error: {e}" ) db.session.rollback() return Register(ok=True, user_id=new_user.id, access_token=access_token, refresh_token=refresh_token)
def logout_v1(): jti = get_raw_jwt()['jti'] user = User.find_by_email(get_jwt_identity()) if user.jti != jti: LOG.warning(f'Wrong JTI ({jti}) for user {user.email} on logout') return HttpError('Invalid token'), 400 user.jti = None user.save_and_persist() return HttpMessage('Refresh token has been revoked'), 200
def token_refresh_v1(): jti = get_raw_jwt()['jti'] user = User.find_by_email(get_jwt_identity()) if not user: return HttpError('User not found'), 404 if user.jti != jti: return HttpError('Invalid token'), 400 access_token, refresh_token = new_tokens(user.email) user.jti = decode_token(refresh_token)['jti'] user.save_and_persist() return RefreshResponse(access_token=access_token, refresh_token=refresh_token), 200
def login_v1(request: LoginRequest): current_user = User.find_by_email(request.email) if not current_user: LOG.warning(f'Non-existing user {request.email} login') return HttpError(f"User {request.email} doesn't exist"), 400 if User.verify_hash(request.password, current_user.password): access_token, refresh_token = new_tokens(current_user.email) current_user.jti = decode_token(refresh_token)['jti'] current_user.save_and_persist() return LoginResponse(current_user.id, access_token, refresh_token), 200 else: LOG.warning(f'Wrong credentials for user {request.email}') return HttpError('Wrong credentials'), 403
def mutate(self, _, email, password): current_user = _UserModel.find_by_email(email) if not current_user: LOG.warning(f'Non-existing user {email} login') raise GraphQLError('Wrong credentials') if not _UserModel.verify_hash(password, current_user.password): LOG.warning(f'Wrong credentials for user {email}') raise GraphQLError('Wrong credentials') access_token = create_access_token(current_user.email) refresh_token = create_refresh_token(current_user.email) current_user.jti = decode_token(refresh_token)['jti'] current_user.save_and_persist() return Login(ok=True, access_token=access_token, refresh_token=refresh_token)
def mutate(self, _, name, description, members): now = datetime.datetime.now() user = current_user_or_error() try: new_ws = WorkspaceModel(name=name, description=description) new_ws.save() Persistent.flush() # so we now have ID for new_ws WorkspaceUser(ws_id=new_ws.id, user_id=user.id, start_date=now).save() for role in WorkspaceUserRoles.__members__: WorkspaceUserRole(ws_id=new_ws.id, user_id=user.id, role=role).save() for email in members: if email.strip() == user.email: continue wsi = WorkspaceInvitation(email=email, ws_id=new_ws.id) # check if user with this email already exist user_by_email = _UserModel.find_by_email(email=email) if user_by_email: WorkspaceUser(ws_id=new_ws.id, user_id=user_by_email.id, start_date=now).save() WorkspaceUserRole(ws_id=new_ws.id, user_id=user_by_email.id, role=WorkspaceUserRoles.MEMBER).save() wsi.status = WorkspaceInvitationStatus.ACCEPTED wsi.save() Persistent.commit() return CreateWorkspace(ok=True, ws=new_ws) except Exception as e: LOG.error(f'Workspace creation failed. Error: {e}') Persistent.rollback() raise GraphQLError('Workspace creation failed.')
def user_by_name(_, info, email): return _User.find_by_email(email)
def current_user_or_error(message="User not found"): user = _User.find_by_email(get_jwt_identity()) if not user: raise GraphQLError(message) return user