diff --git a/app/controllers/Ballot.py b/app/controllers/Ballot.py
index 10584eb..73510d3 100644
--- a/app/controllers/Ballot.py
+++ b/app/controllers/Ballot.py
@@ -30,7 +30,7 @@ class Ballot:
 await self.redis.json().set(
 name=discord_hashed_id,
 path=".",
- obj=ballot,
+ obj=ballot.dict(),
 nx=True
 )
 await self.BallotLogger.log("STORE_BALLOT", None, discord_hashed_id)
diff --git a/app/controllers/Clients.py b/app/controllers/Clients.py
index c6bf7f4..0f52b2c 100644
--- a/app/controllers/Clients.py
+++ b/app/controllers/Clients.py
@@ -64,25 +64,3 @@ class Clients:
 return banned
- async def voted(self, token: str, discord_id: str) -> bool:
- """Check if the user already voted
-
- Args:
- token (str): Token to check
-
- Returns:
- bool: True if the user voted, False otherwise
- """
-
- voted: bool = False
-
- try:
- if (await self.is_token_banned(token) or
- await self.ballot.exists(discord_id)):
-
- voted = True
- except aioredis.RedisError as e:
- await self.UserLogger.log("AUTH_CHECKS", e)
- raise e
-
- return voted
diff --git a/app/routers/auth.py b/app/routers/auth.py
index 3610a40..f22e078 100644
--- a/app/routers/auth.py
+++ b/app/routers/auth.py
@@ -8,6 +8,7 @@ from app.controllers.Ballot import Ballot
 import app.models.ClientModels as ClientModels
 import app.models.GeneralErrors as GeneralErrors
 import app.models.ResponseModels as ResponseModels
+from loguru import logger
 router = APIRouter(
 prefix="/auth",
@@ -59,7 +60,7 @@ async def auth(request: Request, response: Response, client: ClientModels.Client
 }
 )
-@router.put("/exchange", response_model=ResponseModels.ClientAuthTokenResponse, status_code=status.HTTP_200_OK)
+@router.post("/exchange", response_model=ResponseModels.ClientAuthTokenResponse, status_code=status.HTTP_200_OK)
 async def exchange_token(request: Request, response: Response, Authorize: AuthPASETO = Depends(), Authorization: str = Header(None)) -> dict:
 """Exchange a token for a new one.
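Review bot: In `app/controllers/Ballot.py` the result of the `nx=True` JSON set is not used in the lines shown, and `STORE_BALLOT` is logged immediately after it. With `nx=True` the write is skipped when the key already exists, so as far as this hunk shows a rejected second ballot is logged the same way as a stored one. Consider keeping the result, e.g. `created = await self.redis.json().set(...)`, and logging and reporting success only when it is truthy. The method starts and ends outside the hunk, so the return value may already be handled there.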
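Review bot: `from loguru import logger` in `app/routers/auth.py` is not used by any line visible in this diff, and it sits after the project-local `app.models` imports instead of with the other third-party imports. If it was added while debugging the token exchange, drop it; if it stays, make sure no token or payload value is passed to it.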
@@ -70,13 +71,18 @@ async def exchange_token(request: Request, response: Response, Authorize: AuthPA
 Authorize.paseto_required()
 user_claims: dict[str, str | bool] = {}
- user_claims['discord_id_hash'] = Authorize.get_user_claims()['discord_id_hash']
- user_claims['is_exchange_token'] = True
- access_token = Authorize.create_access_token(subject=Authorize.get_subject(),
- user_claims=user_claims,
- fresh=True)
- if not await ballot.exists(Authorize.get_subject()):
+
+ user_id = Authorize.get_token_payload()['discord_id_hash']
+
+ if not await ballot.exists(user_id):
 if await clients.ban_token(Authorize.get_jti()):
+ user_claims['discord_id_hash'] = user_id
+ user_claims['is_exchange_token'] = True
+ access_token = Authorize.create_access_token(
+ subject=Authorize.get_subject(),
+ user_claims=user_claims
+ )
+
 return {"access_token": access_token}
 else:
 raise HTTPException(status_code=500, detail={
diff --git a/app/routers/ballot.py b/app/routers/ballot.py
index 00a1ad0..ea1443a 100644
--- a/app/routers/ballot.py
+++ b/app/routers/ballot.py
@@ -28,16 +28,14 @@ async def cast_ballot(request: Request, response: Response,
 Authorize.paseto_required()
- if (Authorize.get_paseto_claims()['is_exchange_token'] and
- not client.voted(
- Authorize.get_jti(),
- Authorize.get_paseto_claims()['discord_hashed_id']
+ if (Authorize.get_token_payload()['is_exchange_token'] and
+ not await ballot_controller.exists(
+ Authorize.get_token_payload()['discord_id_hash']
 )):
 stored: bool = await ballot_controller.store(
- Authorize.get_paseto_claims()['discord_hashed_id'],
- ballot
- )
+ Authorize.get_token_payload()['discord_id_hash'],
+ ballot)
 if stored:
 await client.ban_token(Authorize.get_jti())
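Review bot: `Authorize.get_token_payload()['discord_id_hash']` in `exchange_token` raises `KeyError` when an otherwise valid token lacks that claim, which would surface as an unhandled 500 rather than a 4xx. The same subscript pattern is used for `is_exchange_token` and `discord_id_hash` in the `cast_ballot` hunk of `app/routers/ballot.py`. Assuming the payload is a plain dict, read the claim with `.get('discord_id_hash')` and raise a 4xx `HTTPException` when it is missing. Because `access_token` is now created only inside the inner `if`, also confirm that the path where `ballot.exists(user_id)` is true raises an explicit error instead of falling through. That path and the rest of the function body lie outside the hunk.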
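Review bot: The new condition in `cast_ballot` checks only `ballot_controller.exists(...)`, whereas the removed `client.voted(...)` call also consulted `is_token_banned` for the presented token. Unless `Authorize.paseto_required()` already rejects banned token ids through a denylist hook (not visible here), a token banned by `/exchange` is no longer refused at this point. Either keep an explicit check in the condition, presumably `await client.is_token_banned(Authorize.get_jti())`, or add a comment stating where the denylist is enforced. What happens when the condition is false, or when `stored` is false, lies outside the hunk.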