BTHLABS-58: Share Extension in Apple Apps

2025-10-04 08:02:13 +02:00
parent 0c12f52569
commit 99e9226338
122 changed files with 5488 additions and 411 deletions
--- a/services/backend/hotpocket_backend/apps/ui/rpc_methods/accounts/access_tokens.py
+++ b/services/backend/hotpocket_backend/apps/ui/rpc_methods/accounts/access_tokens.py
@@ -7,23 +7,37 @@ from bthlabs_jsonrpc_core import register_method
 from django import db
 from django.http import HttpRequest

-from hotpocket_soa.services import AccessTokensService
+from hotpocket_soa.services import (
+    AccessTokensService,
+    AccountsService,
+    AuthKeysService,
+)

 LOGGER = logging.getLogger(__name__)


-@register_method('accounts.access_tokens.create')
+@register_method('accounts.access_tokens.create', namespace='accounts')
 def create(request: HttpRequest,
           auth_key: str,
           meta: dict,
           ) -> str:
    with db.transaction.atomic():
        try:
-            assert 'extension_auth_key' in request.session, 'Auth key missing'
-            assert request.session['extension_auth_key'] == auth_key, (
-                'Auth key mismatch'
+            auth_key_object = AuthKeysService().get_by_key(
+                account_uuid=None,
+                key=auth_key,
            )
-        except AssertionError as exception:
+        except AuthKeysService.AuthKeyNotFound as exception:
+            LOGGER.error(
+                'Unable to issue access token: %s',
+                exception,
+                exc_info=exception,
+            )
+            raise
+
+        try:
+            account = AccountsService().get(pk=auth_key_object.account_uuid)
+        except AccountsService.AccountNotFound as exception:
            LOGGER.error(
                'Unable to issue access token: %s',
                exception,
@@ -32,12 +46,9 @@ def create(request: HttpRequest,
            raise

        access_token = AccessTokensService().create(
-            account_uuid=request.user.pk,
+            account_uuid=account.pk,
            origin=request.META['HTTP_ORIGIN'],
            meta=meta,
        )

-        request.session.pop('extension_auth_key')
-        request.session.save()
-
        return access_token.key
--- a/services/backend/hotpocket_backend/apps/ui/rpc_methods/accounts/auth.py
+++ b/services/backend/hotpocket_backend/apps/ui/rpc_methods/accounts/auth.py
@@ -13,16 +13,18 @@ from hotpocket_soa.services import AccessTokensService
 LOGGER = logging.getLogger(__name__)


-@register_method('accounts.auth.check')
+@register_method('accounts.auth.check', namespace='accounts')
 def check(request: HttpRequest) -> bool:
    return request.user.is_anonymous is False


-@register_method('accounts.auth.check_access_token')
+@register_method('accounts.auth.check_access_token', namespace='accounts')
 def check_access_token(request: HttpRequest,
                       access_token: str,
                       meta: dict | None = None,
                       ) -> bool:
+    assert request.user.is_anonymous is False, 'Not authenticated'
+
    result = True

    try: