aji/authsquare
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixing the list bug on profile roles and not to use try, so the abort can work well.

Browse Source
This commit is contained in:
Dita Aji Pratama 2024-08-14 11:25:54 +07:00
parent 50fcd41add
commit 6d0126911b
1 changed files with 106 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
app/procedure/validation.py
View File

@ -11,7 +11,6 @@ class validation():
def account(self, APIADDR, allowed_roles): def account(self, APIADDR, allowed_roles):
response = {} response = {}
try:
loggorilla.prcss(APIADDR, "Define parameters") loggorilla.prcss(APIADDR, "Define parameters")
beaker_session = request.environ.get('beaker.session') beaker_session = request.environ.get('beaker.session')
jwt = beaker_session["token"] if "token" in beaker_session else None jwt = beaker_session["token"] if "token" in beaker_session else None
@ -34,16 +33,23 @@ class validation():
db_main = mariadb.connect(**database.db_main) db_main = mariadb.connect(**database.db_main)
cursor = db_main.cursor(dictionary=True) cursor = db_main.cursor(dictionary=True)
loggorilla.prcss(APIADDR, "Get dependency data: Session")
cursor.execute(f"SELECT * FROM auth_session WHERE id = %s ; ", (payload["session"]["id"],) ) cursor.execute(f"SELECT * FROM auth_session WHERE id = %s ; ", (payload["session"]["id"],) )
r_session = cursor.fetchone() r_session = cursor.fetchone()
loggorilla.prcss(APIADDR, "Get dependency data: Profile")
cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.* FROM auth_profile_verification LEFT JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (r_session['token'],) ) cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.* FROM auth_profile_verification LEFT JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (r_session['token'],) )
r_profile = cursor.fetchone() r_profile = cursor.fetchone()
loggorilla.prcss(APIADDR, "Get dependency data: Roles: execute")
cursor.execute(f"SELECT auth_roles FROM auth_profile_roles WHERE auth_profile = %s ; ", (r_profile['id'],) ) cursor.execute(f"SELECT auth_roles FROM auth_profile_roles WHERE auth_profile = %s ; ", (r_profile['id'],) )
loggorilla.prcss(APIADDR, "Get dependency data: Roles: fetchall")
r_roles = cursor.fetchall() r_roles = cursor.fetchall()
r_profile['roles'] = r_roles['auth_roles'] loggorilla.fyinf(APIADDR, f"r_roles: {r_roles}")
loggorilla.prcss(APIADDR, "Get dependency data: Roles: variable replace")
r_profile['roles'] = [item['auth_roles'] for item in r_roles]
loggorilla.prcss(APIADDR, "Get dependency data: Close DB")
cursor.close() cursor.close()
db_main.close() db_main.close()
@ -54,6 +60,7 @@ class validation():
loggorilla.prcss(APIADDR, "Giving response") loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "Expired. Your session removed." ) loggorilla.accss(APIADDR, "Expired. Your session removed." )
loggorilla.accss(APIADDR, f"Session: {r_session}" ) loggorilla.accss(APIADDR, f"Session: {r_session}" )
loggorilla.accss(APIADDR, f"Session ID: {r_session['id']}" )
loggorilla.accss(APIADDR, f"Profile: {r_profile}" ) loggorilla.accss(APIADDR, f"Profile: {r_profile}" )
response["status" ] = "failed" response["status" ] = "failed"
response["desc" ] = "Expired. Your session removed." response["desc" ] = "Expired. Your session removed."
@ -70,6 +77,7 @@ class validation():
loggorilla.prcss(APIADDR, "Giving response") loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "No active account for this" ) loggorilla.accss(APIADDR, "No active account for this" )
loggorilla.accss(APIADDR, f"Session: {r_session}" ) loggorilla.accss(APIADDR, f"Session: {r_session}" )
loggorilla.accss(APIADDR, f"Session ID: {r_session['id']}" )
loggorilla.accss(APIADDR, f"Profile: {r_profile}" ) loggorilla.accss(APIADDR, f"Profile: {r_profile}" )
response["status" ] = "failed" response["status" ] = "failed"
response["desc" ] = "No active account for this" response["desc" ] = "No active account for this"
@ -100,8 +108,13 @@ class validation():
else: else:
loggorilla.prcss(APIADDR, "Giving response") loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "User roles unauthorized" ) loggorilla.accss(APIADDR, "User roles unauthorized" )
loggorilla.accss(APIADDR, f"Session: {r_session}" ) loggorilla.accss(APIADDR, f"Session ID : {r_session['id']}" )
loggorilla.accss(APIADDR, f"Profile: {r_profile}" ) loggorilla.accss(APIADDR, f"Session Start : {r_session['start'].strftime('%Y-%m-%d %H:%M:%S')}" )
loggorilla.accss(APIADDR, f"Session End : {r_session['end'].strftime('%Y-%m-%d %H:%M:%S')}" )
loggorilla.accss(APIADDR, f"Profile ID : {r_profile['id']}" )
loggorilla.accss(APIADDR, f"Profile Username : {r_profile['username']}" )
loggorilla.accss(APIADDR, f"Profile Email : {r_profile['email']}" )
loggorilla.accss(APIADDR, f"Profile Phone : {r_profile['phone']}" )
response["status" ] = "failed" response["status" ] = "failed"
response["desc" ] = "User roles unauthorized" response["desc" ] = "User roles unauthorized"
response["data" ] = { response["data" ] = {
@ -113,8 +126,3 @@ class validation():
"profile" : r_profile "profile" : r_profile
} }
abort(401, "User roles unauthorized") # 401 Unauthorized abort(401, "User roles unauthorized") # 401 Unauthorized
except Exception as e:
loggorilla.error(APIADDR, str(e) )
response["status" ] = "failed"
response["desc" ] = "Internal Server Error. Please contact us if you still have an error."
return response