add socket verifity token

2025-10-20 18:21:32 +03:00 · 2025-10-20 18:21:32 +03:00 · 9b5ffcccce
commit 9b5ffcccce
parent bfc63823bd
2 changed files with 67 additions and 1 deletions
--- a/common_lib/utils/auth.py
+++ b/common_lib/utils/auth.py
@ -60,6 +60,72 @@ async def _fetch_current_user(
    )


+class AuthInvalidToken(Exception): pass
+class AuthSessionNotFound(Exception): pass
+class AuthPermissionDenied(Exception): pass
+class AuthConflictError(Exception): pass
+class AuthServiceError(Exception): pass
+
+
+async def fetch_user_for_sio(
+    token: str,
+    ip: str,
+    user_agent: str,
+    require_permissions: bool = False
+) -> CurrentUser:
+    """
+    Fetches user data for Socket.IO, decoupled from FastAPI's Request object.
+    """
+    try:
+        response = await client.post(
+            f"{settings.TOKEN_SERVICE}/decode",
+            json={
+                "token": token,
+                "ip": ip,
+                "user_agent": user_agent,
+                "require_permissions": require_permissions
+            },
+        )
+    except httpx.RequestError as e:
+        # Сервис недоступен (network error / timeout)
+        raise AuthServiceError("Token service unavailable") from e
+
+    # Если не 200, разбираем ошибку
+    if response.status_code != 200:
+        try:
+            error_json = response.json()
+            message = error_json.get("errors", [{}])[0].get("message", "Unknown error")
+        except ValueError:
+            message = response.text or "Unknown error"
+        
+        print("response.status_code", response.status_code)
+        # Разные статусы → разные исключения
+        if response.status_code in (400, 401):
+            raise AuthInvalidToken(message)
+        elif response.status_code == 403:
+            raise AuthPermissionDenied(message)
+        elif response.status_code == 404:
+            raise AuthSessionNotFound(message)
+        elif response.status_code == 409:
+            raise AuthConflictError(message)
+        elif response.status_code >= 500:
+            raise AuthServiceError("Authentication service error: " + message)
+        else:
+            # fallback (нестандартный статус)
+            raise AuthServiceError(message)
+
+    # Успех
+    wrapped = response.json()
+    data = wrapped["data"]
+
+    return CurrentUser(
+        token=token,
+        user_id=data["user_id"],
+        session_id=data["session_id"],
+        permissions=data["permissions"]
+    )
+
+
 async def get_current_user(
    request: Request,
    credentials: HTTPAuthorizationCredentials = Depends(auth_scheme)
--- a/pyproject.toml
+++ b/pyproject.toml
@ -1,6 +1,6 @@
 [project]
 name = "common-lib"
-version = "0.0.24"
+version = "0.0.25"
 description = "Библиотека общих компонентов для микросервисов yobble"
 authors = [{ name = "cheykrym", email = "you@example.com" }]
 license = "MIT"