add support for /api/profile

iiPythonx · iiPythonx · commit 06cde389035f · 2024-07-17T23:16:11.000-05:00
diff --git a/nightwatch/auth/__init__.py b/nightwatch/auth/__init__.py
@@ -35,12 +35,26 @@ def __init__(self) -> None:
 app: AuthenticationServer = AuthenticationServer()
 
 # Routing
+@app.post(path = "/api/profile")
+async def route_api_profile(payload: models.BaseTokenModel) -> JSONResponse:
+    """Fetches a users profile. This method is POST to prevent query strings with account tokens
+    from being logged via uvicorn or whatever HTTP server is running at the moment."""
+    response: dict | None = app.db.tokens.find_one(filter = {"token": payload.token.get_secret_value()})
+    if response is None:
+        return JSONResponse(
+            content = {"code": 403, "data": "Invalid account token."},
+            status_code = 403
+        )
+
+    return JSONResponse(content = {"code": 200, "data": {"username": response["username"]}})
+
 @app.post(path = "/api/authorize")
 async def route_api_authorize(payload: models.AuthorizeModel) -> JSONResponse:
+    """Authorizes a new external Nightwatch server with a burner account token."""
     response: dict | None = app.db.users.find_one(filter = {"token": payload.token.get_secret_value()})
     if response is None:
         return JSONResponse(
-            content = {"code": 403, "data": "Invalid account token."},
+            content = {"comde": 403, "data": "Invalid account token."},
             status_code = 403
         )
 
@@ -57,6 +71,7 @@ async def route_api_authorize(payload: models.AuthorizeModel) -> JSONResponse:
 
 @app.post(path = "/api/signup")
 async def route_api_signup(payload: models.BaseAuthenticationModel) -> JSONResponse:
+    """Creates a new account and returns its token given a basic username and password."""
     response: dict | None = app.db.users.find_one(filter = {"username": payload.username})
     if response is not None:
         return JSONResponse(
@@ -75,14 +90,14 @@ async def route_api_signup(payload: models.BaseAuthenticationModel) -> JSONRespo
 
 @app.post(path = "/api/login")
 async def route_api_login(payload: models.BaseAuthenticationModel) -> JSONResponse:
+    """Logs in and returns the master token for a given account."""
     response: dict | None = app.db.users.find_one(filter = {"username": payload.username})
     if response is None:
         return JSONResponse(
             content = {"code": 404, "data": "No account with that username exists."},
             status_code = 404
         )
 
-    # Check password
     try:
         app.hasher.verify(hash = response["password"], password = payload.password.get_secret_value())
         if app.hasher.check_needs_rehash(hash = response["password"]):
diff --git a/nightwatch/auth/models.py b/nightwatch/auth/models.py
@@ -4,13 +4,16 @@
 from typing import Annotated
 from pydantic import BaseModel, HttpUrl, SecretStr, StringConstraints
 
-# Models
+# Base models
+class BaseTokenModel(BaseModel):
+
+    # Force token length to 64 characters thanks to 32 byte secret
+    token: Annotated[SecretStr, StringConstraints(min_length = 64, max_length = 64)]
+
 class BaseAuthenticationModel(BaseModel):
     username: Annotated[str, StringConstraints(min_length = 4, max_length = 36)]
     password: Annotated[SecretStr, StringConstraints(min_length = 8, max_length = 512)]
 
-class AuthorizeModel(BaseModel):
+# Token-based models
+class AuthorizeModel(BaseTokenModel):
     server: HttpUrl
-
-    # Force token length to 64 characters thanks to 32 byte secret
-    token: Annotated[SecretStr, StringConstraints(min_length = 64, max_length = 64)]
