BTHLABS-50: Safari Web Extension: Reloaded

Turns out, getting this thing out into the wild isn't as simple as I thought :D
Co-authored-by: Tomek Wójcik <labs@tomekwojcik.pl>
Co-committed-by: Tomek Wójcik <labs@tomekwojcik.pl>

services/backend/hotpocket_backend/apps/accounts/services/access_tokens.py

@@ -11,7 +11,10 @@ import uuid6
 
 from hotpocket_backend.apps.accounts.models import AccessToken
 from hotpocket_backend.apps.core.conf import settings
-from hotpocket_soa.dto.accounts import AccessTokensQuery
+from hotpocket_soa.dto.accounts import (
+    AccessTokenMetaUpdateIn,
+    AccessTokensQuery,
+)
 
 LOGGER = logging.getLogger(__name__)
 
@@ -54,6 +57,16 @@ class AccessTokensService:
                 f'Access Token not found: pk=`{pk}`',
             ) from exception
 
+    def get_by_key(self, *, key: str) -> AccessToken:
+        try:
+            query_set = AccessToken.active_objects
+
+            return query_set.get(key=key)
+        except AccessToken.DoesNotExist as exception:
+            raise self.AccessTokenNotFound(
+                f'Access Token not found: key=`{key}`',
+            ) from exception
+
     def search(self,
                *,
                query: AccessTokensQuery,
@@ -79,3 +92,27 @@ class AccessTokensService:
         access_token.soft_delete()
 
         return True
+
+    def update_meta(self,
+                    *,
+                    pk: uuid.UUID,
+                    update: AccessTokenMetaUpdateIn,
+                    ) -> AccessToken:
+        access_token = AccessToken.active_objects.get(pk=pk)
+
+        next_meta = {
+            **(access_token.meta or {}),
+        }
+
+        if update.version is not None:
+            next_meta['version'] = update.version
+
+        if update.platform is not None:
+            next_meta['platform'] = update.platform
+
+        access_token.meta = next_meta
+        access_token.save()
+
+        access_token.refresh_from_db()
+
+        return access_token

services/backend/hotpocket_backend/apps/ui/rpc_methods/accounts/auth.py

@@ -1,10 +1,62 @@
 # -*- coding: utf-8 -*-
 from __future__ import annotations
 
+import logging
+
 from bthlabs_jsonrpc_core import register_method
+from django import db
 from django.http import HttpRequest
 
+from hotpocket_soa.dto.accounts import AccessTokenMetaUpdateIn
+from hotpocket_soa.services import AccessTokensService
+
+LOGGER = logging.getLogger(__name__)
+
 
 @register_method('accounts.auth.check')
 def check(request: HttpRequest) -> bool:
     return request.user.is_anonymous is False
+
+
+@register_method('accounts.auth.check_access_token')
+def check_access_token(request: HttpRequest,
+                       access_token: str,
+                       meta: dict | None = None,
+                       ) -> bool:
+    result = True
+
+    try:
+        access_tokens_service = AccessTokensService()
+
+        with db.transaction.atomic():
+            access_token_object = access_tokens_service.get_by_key(
+                account_uuid=request.user.pk,
+                key=access_token,
+            )
+
+            meta_update = AccessTokenMetaUpdateIn.model_validate(
+                (meta or {}),
+            )
+
+            _ = access_tokens_service.update_meta(
+                access_token=access_token_object,
+                update=meta_update,
+            )
+    except AccessTokensService.AccessTokenNotFound as exception:
+        LOGGER.error(
+            'Access Token not found: account_uuid=`%s` key=`%s`',
+            request.user.pk,
+            access_token,
+            exc_info=exception,
+        )
+        result = False
+    except AccessTokensService.AccessTokenAccessDenied as exception:
+        LOGGER.error(
+            'Access Token access denied: account_uuid=`%s` key=`%s`',
+            request.user.pk,
+            access_token,
+            exc_info=exception,
+        )
+        result = False
+
+    return result