feat: auth exceptions + roles with user object

2025-12-19 04:19:25 +00:00 · 2022-11-19 20:19:56 +01:00 · 2022-11-19 20:19:56 +01:00 · 143f21b70b
commit 143f21b70b
parent 23c4224b2b
11 changed files with 74 additions and 68 deletions
--- a/front/components/security/AuthProvider.tsx
+++ b/front/components/security/AuthProvider.tsx
@ -1,8 +1,10 @@
 import React, { useEffect } from "react";
 import { getRefreshToken, getUserInfo } from "../../services/auth/auth";
+import { useRouter } from "next/router";

 export const AuthContext: any = React.createContext({});

+const NON_AUTHENTICATED_ROUTES = ["/login", "/signup"];
 export interface Auth {
  access_token: string;
  isAuthenticated: boolean;
@ -10,7 +12,9 @@ export interface Auth {
  isLoading: boolean;
 }

+
 const AuthProvider = (props: any) => {
+  const router = useRouter();
  const [auth, setAuth] = React.useState<Auth>({ access_token: "", isAuthenticated: false, userInfo: {}, isLoading: true });

  async function checkRefreshToken() {
@ -19,30 +23,35 @@ const AuthProvider = (props: any) => {
  }

  async function checkAuth() {
+    try {
      let access_token = await checkRefreshToken();
-    let isAuthenticated = false;
      let userInfo = {};
      let isLoading = false;
    
      if (access_token) {
        userInfo = await getUserInfo(access_token);
-      isAuthenticated = true;
-      setAuth({ access_token, isAuthenticated, userInfo, isLoading });
+        setAuth({ access_token, isAuthenticated: true, userInfo, isLoading });
+
+        // if user is authenticated and tries to access login or signup page, redirect to home
+        if(NON_AUTHENTICATED_ROUTES.includes(router.pathname)) {
+          router.push("/");
+        }
      } else {
-      isAuthenticated = false;
-      setAuth({ access_token, isAuthenticated, userInfo, isLoading });
+        setAuth({ access_token, isAuthenticated: false, userInfo, isLoading });
+        router.push("/login");
+      }
+    } catch (error) {
+      router.push("/");
    }
  }

-  
-
  useEffect(() => {
    if (auth.isLoading) {
      checkAuth();
    }
    return () => {
      auth.isLoading = false;
-    }
+    };
  }, []);

  return <AuthContext.Provider value={auth}>{props.children}</AuthContext.Provider>;
--- a/front/components/security/AuthenticatedOnly.tsx
+++ b/front/components/security/AuthenticatedOnly.tsx
@ -1,42 +0,0 @@
-import React from "react";
-import { getRefreshToken, getUserInfo } from "../../services/auth/auth";
-import { Auth, AuthContext } from "./AuthProvider";
-
-const AuthenticatedOnly = (props: any) => {
-  const [auth, setAuth] = React.useState<Auth>({ access_token: "", isAuthenticated: false, userInfo: {}, isLoading: true });
-
-  async function checkRefreshToken() {
-    let data = await getRefreshToken();
-    return data.access_token;
-  }
-
-  async function checkAuth() {
-    let access_token = await checkRefreshToken();
-    let isAuthenticated = false;
-    let userInfo = {};
-    let isLoading = false;
-
-    if (access_token) {
-      userInfo = await getUserInfo(access_token);
-      isAuthenticated = true;
-      setAuth({ access_token, isAuthenticated, userInfo, isLoading });
-    } else {
-      isAuthenticated = false;
-      setAuth({ access_token, isAuthenticated, userInfo, isLoading });
-    }
-  }
-
-  React.useEffect(() => {
-    checkAuth();
-  }, []);
-
-  return (
-    <div>
-      {auth.isLoading && <div>Loading...</div>}
-      {!auth.isLoading && auth.isAuthenticated && <div>{props.children}</div>}
-      {!auth.isLoading && !auth.isAuthenticated && <div>Not Authenticated</div>}
-    </div>
-  );
-};
-
-export default AuthenticatedOnly;
--- a/front/components/security/HeaderProfileBox.tsx
+++ b/front/components/security/HeaderProfileBox.tsx
@ -1,8 +1,7 @@
 import React from "react";
 import styled from "styled-components";
 import Link from "next/link";
-import { AuthContext } from "../security/AuthProvider";
-import { getBackendUrl } from "../../services/config";
+import { AuthContext } from "./AuthProvider";
 import Avvvatars from "avvvatars-react";

 export const HeaderProfileBox = () => {
@ -28,9 +27,9 @@ export const HeaderProfileBox = () => {
      )}
      {auth.isAuthenticated && (
        <AccountArea>
-          <div>{auth.userInfo.username}</div>
+          <div>{auth.userInfo.user_object.username}</div>
          <div>
-            <Avvvatars value={auth.userInfo.user_id} style="shape" />
+            <Avvvatars value={auth.userInfo.user_object.user_id} style="shape" />
          </div>
        </AccountArea>
      )}
--- a/front/components/ui/elements/menu.tsx
+++ b/front/components/ui/elements/menu.tsx
@ -1,6 +1,6 @@
 import React from "react";
 import styled from "styled-components";
-import { HeaderProfileBox } from "../../auth/HeaderProfileBox";
+import { HeaderProfileBox } from "../../security/HeaderProfileBox";
 import learnhouseIcon from "public/learnhouse_icon.png";
 import learnhouseLogo from "public/learnhouse_logo.png";
 import Link from "next/link";
--- a/front/pages/org/[orgslug]/course/[courseid]/element/[elementid]/index.tsx
+++ b/front/pages/org/[orgslug]/course/[courseid]/element/[elementid]/index.tsx
@ -30,7 +30,7 @@ function ElementPage() {
  }, [router.isReady]);

  const output = useMemo(() => {
-    if (router.isReady) {
+    if (router.isReady && !isLoading) {
      console.log( "el",element.content);
      
      let content = Object.keys(element.content).length > 0 ? element.content : {
--- a/front/pages/org/[orgslug]/course/[courseid]/index.tsx
+++ b/front/pages/org/[orgslug]/course/[courseid]/index.tsx
@ -6,7 +6,6 @@ import styled from "styled-components";
 import Layout from "../../../../../components/ui/Layout";
 import { getAPIUrl, getBackendUrl } from "../../../../../services/config";
 import { getCourse, getCourseMetadata } from "../../../../../services/courses/courses";
-import { getOrganizationContextInfo } from "../../../../../services/orgs";

 const CourseIdPage = () => {
  const router = useRouter();
@ -57,7 +56,7 @@ const CourseIdPage = () => {
                    return (
                      <>
                        <Link href={`/org/${orgslug}/course/${courseid}/element/${element.id.replace("element_", "")}`}>
-                          <a target="_blank" rel="noopener noreferrer">
+                          <a>
                            <ChapterIndicator />
                          </a>
                        </Link>{" "}
--- a/front/pages/organizations/index.tsx
+++ b/front/pages/organizations/index.tsx
@ -1,6 +1,5 @@
 import Link from "next/link";
 import React from "react";
-import AuthenticatedOnly from "../../components/security/AuthenticatedOnly";
 import Layout from "../../components/ui/Layout";
 import { Title } from "../../components/ui/styles/Title";
 import { deleteOrganizationFromBackend, getUserOrganizations } from "../../services/orgs";
@ -33,7 +32,6 @@ const Organizations = () => {
  return (
    
    <Layout>
-      <AuthenticatedOnly>
      <Title>
        Your Organizations{" "}
        <Link href={"/organizations/new"}>
@ -61,7 +59,6 @@ const Organizations = () => {
          ))}
        </div>
      )}
-      </AuthenticatedOnly>
      
    </Layout>
  );
--- a/front/pages/organizations/update.tsx
+++ b/front/pages/organizations/update.tsx
--- a/front/services/auth/auth.ts
+++ b/front/services/auth/auth.ts
@ -37,7 +37,7 @@ export async function getUserInfo(token: string): Promise<any> {
    credentials: "include",
  };

-  return fetch(`${getAPIUrl()}users/profile`, requestOptions)
+  return fetch(`${getAPIUrl()}users/profile_metadata`, requestOptions)
    .then((result) => result.json())
    .catch((error) => console.log("error", error));
 }
--- a/src/routers/users.py
+++ b/src/routers/users.py
@ -24,6 +24,13 @@ async def api_get_current_user(current_user: User = Depends(get_current_user)):
    """
    return current_user.dict()

+@router.get("/profile_metadata")
+async def api_get_current_user(current_user: User = Depends(get_current_user)):
+    """
+    Get current user
+    """
+    return await get_profile_metadata(current_user.dict())
+

@router.get("/username/{username}")
 async def api_get_user_by_username(username: str):
--- a/src/services/users.py
+++ b/src/services/users.py
@ -35,6 +35,18 @@ class UserInDB(UserWithPassword):
    creationDate: str
    updateDate: str

+
+class UserProfileMetadata(BaseModel):
+    user_object: PublicUser
+    roles = list
+
+# TODO : terrible, export role classes from one single source of truth
+class Role(BaseModel):
+    name: str
+    description: str
+    permissions: object
+    elements: object
+
 #### Classes ####################################################

 # TODO : user actions security
@ -55,6 +67,31 @@ async def get_user(username: str):
    return user


+async def get_profile_metadata(user):
+    await check_database()
+    users = learnhouseDB["users"]
+    roles = learnhouseDB["roles"]
+
+    user = users.find_one({"user_id": user['user_id']})
+
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_409_CONFLICT, detail="User does not exist")
+
+    # get roles
+    user_roles = roles.find({"linked_users": user['user_id']})
+
+    user_roles_list = []
+    for role in user_roles:
+        print(role)
+        user_roles_list.append(Role(**role))
+
+    return {
+        "user_object": PublicUser(**user),
+        "roles": user_roles_list
+    }
+
+
 async def get_user_by_userid(user_id: str):
    await check_database()
    users = learnhouseDB["users"]