xn-auth 0.2.39__py3-none-any.whl → 0.2.41__py3-none-any.whl

x_auth/controller.py

@@ -1,6 +1,8 @@
+from base64 import b64encode
 from datetime import timedelta
 
-from aiogram.utils.web_app import WebAppInitData, safe_parse_webapp_init_data
+from aiogram.utils.auth_widget import check_signature
+from aiogram.utils.web_app import WebAppInitData, safe_parse_webapp_init_data, WebAppUser
 from litestar import Response, post
 from litestar.connection import ASGIConnection
 from litestar.exceptions import NotAuthorizedException
@@ -8,7 +10,7 @@ from litestar.security.jwt import JWTCookieAuth
 
 from x_auth.middleware import JWTAuthMiddleware, Tok
 from x_auth.models import User
-from x_auth.types import AuthUser
+from x_auth.types import AuthUser, TgUser, XyncUser
 
 
 async def retrieve_user_handler(token: Tok, _cn: ASGIConnection) -> AuthUser:
@@ -33,20 +35,32 @@ class Auth:
             exclude=["/schema", "/auth", "/public"] + (exc_paths or []),
         )
 
-        @post("/auth/tma", tags=["Auth"], description="Gen JWToken from tg initData")
-        async def tma(tid: str) -> Response[user_model.in_type(True)]:
-            try:
-                twaid: WebAppInitData = safe_parse_webapp_init_data(self.jwt.token_secret, tid)
-            except ValueError:
-                raise NotAuthorizedException(detail="Tg Initdata invalid")
-            user_in = await user_model.tg2in(twaid.user)
+        async def user_proc(user: WebAppUser) -> Response[XyncUser]:
+            user_in = await user_model.tg2in(user)
             db_user, cr = await user_model.update_or_create(**user_in.df_unq())  # on login: update user in db from tg
             res = self.jwt.login(
                 identifier=str(db_user.id),
                 token_extras={"role": db_user.role, "blocked": db_user.blocked},
-                response_body=user_model.validate(dict(db_user)),
+                response_body=XyncUser.model_validate({**user.model_dump(), "pub": b64encode(db_user.pub)}),
             )
             res.cookies[0].httponly = False
             return res
 
-        self.handler = tma
+        # login for api endpoint
+        @post("/auth/twa", tags=["Auth"], description="Gen JWToken from tg login widget")
+        async def twa(data: TgUser) -> Response[XyncUser]:  # widget
+            dct = data.dump()
+            if not check_signature(self.jwt.token_secret, dct.pop("hash"), **dct):
+                raise NotAuthorizedException("Tg login widget data invalid")
+            return await user_proc(WebAppUser(**dct))
+
+        @post("/auth/tma", tags=["Auth"], description="Gen JWToken from tg initData")
+        async def tma(tid: str) -> Response[XyncUser]:
+            try:
+                twaid: WebAppInitData = safe_parse_webapp_init_data(self.jwt.token_secret, tid)
+            except ValueError as e:
+                raise NotAuthorizedException(detail=f"Tg Initdata invalid {e}")
+            return await user_proc(twaid.user)
+
+        self.tma_handler = tma
+        self.twa_handler = twa

x_auth/models.py

@@ -35,6 +35,10 @@ from x_model.types import BaseUpd
 from x_auth.enums import Lang, Role, PeerType
 
 
+class UniqBinaryField(BinaryField):
+    indexable = True
+
+
 class Username(TortModel):
     id: int = BigIntField(True, description="tg_id")
     username: str = CharField(127, null=True)
@@ -49,10 +53,13 @@ class User(Model):
     username: OneToOneRelation[Username] = OneToOneField("models.Username", "user")
     username_id: int
     first_name: str | None = CharField(63)
+    pic: str | None = CharField(127, null=True)
     last_name: str | None = CharField(31, null=True)
     blocked: bool = BooleanField(default=False)
     lang: Lang | None = IntEnumField(Lang, default=Lang.ru, null=True)
     role: Role = IntEnumField(Role, default=Role.READER)
+    # prv = BinaryField(null=True)  # len=32
+    pub = UniqBinaryField(unique=True, null=True)  # len=32
 
     app: BackwardOneToOneRelation["App"]
 
@@ -65,6 +72,7 @@ class User(Model):
                 "last_name": u.last_name,
                 "username_id": un.id,
                 "lang": u.language_code and Lang[u.language_code],
+                "pic": u.photo_url and u.photo_url.replace("https://t.me/i/userpic/320/", "")[:-4],
             }
         )
         if blocked is not None:

x_auth/types.py

@@ -1,11 +1,26 @@
 from datetime import datetime
-from typing import Literal
+from json import dumps
+from typing import Literal, Self
 
-from msgspec import Struct
+from aiogram.utils.web_app import WebAppUser
+from msgspec import Struct, to_builtins, convert
 
 from x_auth.enums import Role
 
 
+class Xs(Struct):
+    def dump(self, nones: bool = False) -> dict:
+        return {k: v for k, v in to_builtins(self).items() if nones or v is not None}
+
+    def json(self, nones: bool = False) -> str:
+        return dumps(self.dump())
+
+    @classmethod
+    def load(cls, obj, **kwargs) -> Self:
+        dct = dict(obj)
+        return convert({**dct, **kwargs}, cls)  # , strict=False
+
+
 class AuthUser(Struct):
     id: int
     blocked: bool
@@ -35,3 +50,17 @@ class Replacement(Struct):
     proxy_port: int
     proxy_country_code: str
     created_at: datetime
+
+
+class TgUser(Xs):
+    id: int
+    first_name: str
+    auth_date: int
+    hash: str
+    username: str | None = None
+    photo_url: str | None = None
+    last_name: str | None = None
+
+
+class XyncUser(WebAppUser):
+    pub: bytes

{xn_auth-0.2.39.dist-info → xn_auth-0.2.41.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: xn-auth
-Version: 0.2.39
+Version: 0.2.41
 Summary: Auth adapter for XN-Api framework
 Author-email: Artemiev <mixartemev@gmail.com>
 License: MIT

xn_auth-0.2.41.dist-info/RECORD

@@ -0,0 +1,10 @@
+x_auth/controller.py,sha256=KGbXT-hX7Rp6eYZJGx_-ioAr3As73bbKjPhow41c1SE,2973
+x_auth/enums.py,sha256=l4NTYsA-h0gyOp4PUe40Lb8LKoA94zL6EDkCmoGmBL0,732
+x_auth/exceptions.py,sha256=2B4okJxhPyNqTJXlSTfblJUQJ60bLGXdgJIu6ue7S6w,162
+x_auth/middleware.py,sha256=JfssQomDv0J_69GfS2a_2_uyRzs26zSY6IW1Vk7m8K0,2900
+x_auth/models.py,sha256=kDk0je7f2TcfRrnCeTbB99ERBJmDaxGGjvIm53BIaYM,8996
+x_auth/types.py,sha256=GTjNOm7XkyYDCdIaqByP2LzHnwCJRkWGOwdc4tVWFy0,1400
+xn_auth-0.2.41.dist-info/METADATA,sha256=lPj2C37gFR3GN2b1xvIMxBzWbyU6KtTurQfNc3QBcTU,823
+xn_auth-0.2.41.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+xn_auth-0.2.41.dist-info/top_level.txt,sha256=ydMDkzxgQPtW-E_MNDfUAroAFZvWSqU-x_kZSA7NSFo,7
+xn_auth-0.2.41.dist-info/RECORD,,

xn_auth-0.2.39.dist-info/RECORD

@@ -1,10 +0,0 @@
-x_auth/controller.py,sha256=0QhqmqXOqFaWIUTWHlJKITQNmJQ5kXZOkLg7wSUTh60,2240
-x_auth/enums.py,sha256=l4NTYsA-h0gyOp4PUe40Lb8LKoA94zL6EDkCmoGmBL0,732
-x_auth/exceptions.py,sha256=2B4okJxhPyNqTJXlSTfblJUQJ60bLGXdgJIu6ue7S6w,162
-x_auth/middleware.py,sha256=JfssQomDv0J_69GfS2a_2_uyRzs26zSY6IW1Vk7m8K0,2900
-x_auth/models.py,sha256=Srhu7he0cxEdQ7smQbqlHBE0ChCqAMcj4E_y-WPZlRI,8684
-x_auth/types.py,sha256=j3WGcyH24DmFEdTT6U7xzb_fEm1tFcBZsANKMy7bydo,689
-xn_auth-0.2.39.dist-info/METADATA,sha256=MPxvb7MeAhnRbKke04ahT5ZlSZKnkvvGToy7qyAVaQM,823
-xn_auth-0.2.39.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-xn_auth-0.2.39.dist-info/top_level.txt,sha256=ydMDkzxgQPtW-E_MNDfUAroAFZvWSqU-x_kZSA7NSFo,7
-xn_auth-0.2.39.dist-info/RECORD,,