async def method_post(self, request: Request, body: dict, session, *args, **kwargs) -> BaseHTTPResponse:
    """Check a login/password pair and answer with a newly created token.

    The body is wrapped in ``RequestAuthUserDto``, the user is looked up by
    login, the submitted password is checked against the stored value with
    ``check_hash``, and a token whose payload is ``{'uid': <user id>}`` is
    returned in a JSON response with status 200.

    Raises:
        SanicUserNotFound: When the lookup raises ``DBUserNotExistsException``.
        SanicAuthException: When ``check_hash`` raises
            ``CheckPasswordHashException``.
    """
    credentials = RequestAuthUserDto(body)

    # NOTE(review): an unknown login and a wrong password raise different
    # exception types with different messages, and the unknown-login path
    # returns before check_hash runs. If both reach the client as distinct
    # responses, a caller can learn which logins exist; confirm this is
    # intended. No attempt limiting is visible in this handler either.
    try:
        account = user_queries.get_user(session, login=credentials.login)
    except DBUserNotExistsException:
        raise SanicUserNotFound('User not found')

    try:
        check_hash(credentials.password, account.password)
    except CheckPasswordHashException:
        raise SanicAuthException('Wrong password')

    # The token payload carries nothing but the user's id under 'uid'.
    issued_token = create_token({'uid': account.id})
    reply_dto = ResponseAuthUserDto(AuthResponseObject(issued_token))

    return await self.make_response_json(
        body=reply_dto.dump(),
        status=200,
    )
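def import_body_auth(request: Request) -> dict:
    """Read the ``Authorization`` header and return the decoded token.

    The header value is handed to ``read_token`` unmodified.

    Args:
        request: Incoming request carrying the ``Authorization`` header.

    Returns:
        Whatever ``read_token`` returns for the header value.

    Raises:
        SanicAuthException: If the header is absent or empty, or if
            ``read_token`` raises ``ReadTokenException``.
    """
    # Get the token from the request header.
    token = request.headers.get('Authorization')
    if not token:
        # Reject a missing header here so that None never reaches read_token;
        # how read_token treats None is not visible from this function, and
        # any error other than ReadTokenException would escape uncaught.
        raise SanicAuthException('Unauthorized')

    try:
        return read_token(token)
    except ReadTokenException as error:
        # NOTE(review): str(error) becomes the exception message as-is;
        # confirm it exposes no token-parsing detail if it reaches the client.
        raise SanicAuthException(str(error)) from error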
def wrapper(self, request, body: dict, session, token, *args, **kwargs):
    """Run the wrapped view only if the token's 'uid' resolves to a user.

    ``view_func`` comes from an enclosing scope that is not part of this
    block. The result of calling it is returned unchanged.

    Raises:
        SanicAuthException: With message 'Unauthorized' when the user lookup
            raises ``DBUserNotExistsException``.
    """
    # NOTE(review): a token without 'uid' gives None here; how get_user
    # treats user_id=None is not visible from this function -- confirm that
    # it raises DBUserNotExistsException rather than matching some row.
    claimed_uid = token.get('uid')

    try:
        # Only existence matters; the returned user object is discarded.
        user_queries.get_user(session=session, user_id=claimed_uid)
    except DBUserNotExistsException:
        raise SanicAuthException(message='Unauthorized')

    # Extra positionals bind directly after self, ahead of the keyword
    # arguments, exactly as when *args is written after them.
    return view_func(
        self,
        *args,
        request=request,
        body=body,
        session=session,
        token=token,
        **kwargs,
    )
async def method_get(self, request: Request, body: dict, session: DBSession, uid: int, token: dict, *args, **kwargs) -> BaseHTTPResponse:
    """Return the user identified by ``uid`` to the owner of the token only.

    Responds with status 403 and no body when the token's 'uid' differs from
    the requested ``uid``; otherwise looks the user up and returns it,
    serialised through ``ResGetUserDTO``, with status 200.

    Raises:
        SanicAuthException: With message "Unauthorized" when the lookup
            raises ``DBUserNotExistsException``.
    """
    # Object-level authorization: a caller may read only the record whose id
    # equals the 'uid' in its own token. The comparison is type-sensitive, so
    # a token 'uid' of another type than ``uid`` is refused as well.
    caller_uid = token.get('uid')
    if caller_uid != uid:
        return await self.make_response_json(status=403)

    try:
        record = user_queries.get_user(session, user_id=uid)
    except DBUserNotExistsException:
        raise SanicAuthException("Unauthorized")

    user_dto = ResGetUserDTO(record)
    return await self.make_response_json(
        body=user_dto.dump(),
        status=200,
    )
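def import_body_auth(request: Request) -> dict:
    """Read the ``Authorization`` header and return the decoded token.

    The header value is handed to ``read_token`` unmodified.

    Args:
        request: Incoming request carrying the ``Authorization`` header.

    Returns:
        Whatever ``read_token`` returns for the header value.

    Raises:
        SanicAuthException: If the header is absent or empty, or if
            ``read_token`` raises ``ReadTokenException``.
    """
    token = request.headers.get("Authorization")
    if not token:
        # Reject a missing header here so that None never reaches read_token;
        # how read_token treats None is not visible from this function, and
        # any error other than ReadTokenException would escape uncaught.
        raise SanicAuthException("Unauthorized")

    try:
        return read_token(token)
    except ReadTokenException as e:
        # NOTE(review): str(e) becomes the exception message as-is; confirm
        # it exposes no token-parsing detail if it reaches the client.
        raise SanicAuthException(str(e)) from e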