From 5eef9a7a4db270c64824927427016e577e4c6143 Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Fri, 29 Aug 2025 23:54:46 +0300 Subject: [PATCH 1/8] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB?= =?UTF-8?q?=20=D0=BF=D1=80=D0=B8=20=D0=BE=D1=82=D0=B2=D1=8F=D0=B7=D0=BA?= =?UTF-8?q?=D0=B5=20=D0=BC=D0=B5=D1=82=D0=BE=D0=B4=D0=B0=20=D0=B2=D1=85?= =?UTF-8?q?=D0=BE=D0=B4=D0=B0=20=D1=83=D0=B4=D0=B0=D0=BB=D0=B5=D0=BD=D0=B8?= =?UTF-8?q?=D0=B5=20=D1=8E=D0=B7=D0=B5=D1=80=D0=B4=D0=B0=D1=82=D1=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- auth_backend/auth_method/outer.py | 9 ++++----- auth_backend/settings.py | 1 - 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/auth_backend/auth_method/outer.py b/auth_backend/auth_method/outer.py index 26b1ab02..e0c7eae1 100644 --- a/auth_backend/auth_method/outer.py +++ b/auth_backend/auth_method/outer.py @@ -9,7 +9,7 @@ from auth_backend.auth_method.base import AuthPluginMeta from auth_backend.base import Base -from auth_backend.models.db import AuthMethod, UserSession +from auth_backend.models.db import AuthMethod, User, UserSession from auth_backend.utils.security import UnionAuth @@ -205,8 +205,7 @@ async def _unlink( """ if cls.delete_scope() not in (s.name for s in request_user.scopes): raise HTTPException(status_code=HTTP_403_FORBIDDEN, detail="Not authorized") - username = await cls.__get_username(user_id) - if not username: + user = User.get(user_id, session=db.session) + if not user: raise UserNotLinked(user_id) - username.is_deleted = True - db.session.commit() + await cls._delete_auth_methods(user, db_session=db.session) diff --git a/auth_backend/settings.py b/auth_backend/settings.py index ff47cf5e..04e6d619 100644 --- a/auth_backend/settings.py +++ b/auth_backend/settings.py @@ -7,7 +7,6 @@ from annotated_types import Gt from pydantic import PostgresDsn -from pydantic.types import PathType from pydantic_settings import BaseSettings, SettingsConfigDict From cdabde01733e2938b0949efde53a86ccf4fd1c9c Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Thu, 4 Sep 2025 23:30:50 +0300 Subject: [PATCH 2/8] =?UTF-8?q?=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB?= =?UTF-8?q?=20=D1=81=D0=B2=D1=8F=D0=B7=D1=8C=20=D1=81=20kafka=20=D0=B4?= =?UTF-8?q?=D0=BB=D1=8F=20=D1=83=D0=B4=D0=B0=D0=BB=D0=B5=D0=BD=D0=B8=D1=8F?= =?UTF-8?q?=20userdata?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- auth_backend/auth_method/outer.py | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/auth_backend/auth_method/outer.py b/auth_backend/auth_method/outer.py index e0c7eae1..ba6a5654 100644 --- a/auth_backend/auth_method/outer.py +++ b/auth_backend/auth_method/outer.py @@ -2,14 +2,17 @@ from abc import ABCMeta, abstractmethod from typing import Any +from event_schema.auth import UserLoginKey from fastapi import Depends +from fastapi.background import BackgroundTasks from fastapi.exceptions import HTTPException from fastapi_sqlalchemy import db from starlette.status import HTTP_403_FORBIDDEN, HTTP_404_NOT_FOUND, HTTP_409_CONFLICT, HTTP_424_FAILED_DEPENDENCY from auth_backend.auth_method.base import AuthPluginMeta from auth_backend.base import Base -from auth_backend.models.db import AuthMethod, User, UserSession +from auth_backend.kafka.kafka import get_kafka_producer +from auth_backend.models.db import AuthMethod, UserSession from auth_backend.utils.security import UnionAuth @@ -197,6 +200,7 @@ async def _link( async def _unlink( cls, user_id: int, + background_tasks: BackgroundTasks, request_user: UserSession = Depends(UnionAuth()), ): """Отвязать внешний аккаунт пользователю @@ -205,7 +209,14 @@ async def _unlink( """ if cls.delete_scope() not in (s.name for s in request_user.scopes): raise HTTPException(status_code=HTTP_403_FORBIDDEN, detail="Not authorized") - user = User.get(user_id, session=db.session) - if not user: + username = await cls.__get_username(user_id) + if not username: raise UserNotLinked(user_id) - await cls._delete_auth_methods(user, db_session=db.session) + username.is_deleted = True + db.session.commit() + background_tasks.add_task( + get_kafka_producer().produce, + cls.settings.KAFKA_USER_LOGIN_TOPIC_NAME, + UserLoginKey(user_id=user_id, auth_method=cls.get_name()), + None, + ) From 94225a8528769367f3f9b4f269107d4004ef249e Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Sat, 6 Sep 2025 19:50:09 +0300 Subject: [PATCH 3/8] =?UTF-8?q?=D1=81=D0=B2=D1=8F=D0=B7=D1=8C=20=D1=81=20k?= =?UTF-8?q?afka?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- auth_backend/auth_method/outer.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/auth_backend/auth_method/outer.py b/auth_backend/auth_method/outer.py index ba6a5654..19e0838b 100644 --- a/auth_backend/auth_method/outer.py +++ b/auth_backend/auth_method/outer.py @@ -2,7 +2,7 @@ from abc import ABCMeta, abstractmethod from typing import Any -from event_schema.auth import UserLoginKey +from event_schema.auth import UserInfo, UserLogin, UserLoginKey from fastapi import Depends from fastapi.background import BackgroundTasks from fastapi.exceptions import HTTPException @@ -217,6 +217,6 @@ async def _unlink( background_tasks.add_task( get_kafka_producer().produce, cls.settings.KAFKA_USER_LOGIN_TOPIC_NAME, - UserLoginKey(user_id=user_id, auth_method=cls.get_name()), - None, + UserLoginKey(user_id=user_id), + UserLogin(source=cls.get_name(), items=[UserInfo(category="", param="", value=None)]), ) From 559f06f5e0b302919021f092003973b54bbdf4c2 Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Sun, 7 Sep 2025 23:15:15 +0300 Subject: [PATCH 4/8] =?UTF-8?q?=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB?= =?UTF-8?q?=20=D1=83=D0=B4=D0=B0=D0=BB=D0=B5=D0=BD=D0=B8=D0=B5=20=D1=8E?= =?UTF-8?q?=D0=B7=D0=B5=D1=80=D0=B4=D0=B0=D1=82=D1=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- auth_backend/auth_method/outer.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/auth_backend/auth_method/outer.py b/auth_backend/auth_method/outer.py index 19e0838b..4efa4b1e 100644 --- a/auth_backend/auth_method/outer.py +++ b/auth_backend/auth_method/outer.py @@ -168,7 +168,7 @@ async def _get_link( Получить данные может администратор или сам пользователь """ - if cls.get_scope() not in (s.name for s in request_user.scopes) and request_user.id != user_id: + if cls.get_scope() not in (s.name for s in request_user.scopes) and request_user.user_id != user_id: raise HTTPException(status_code=HTTP_403_FORBIDDEN, detail="Not authorized") username = await cls.__get_username(user_id) if not username: @@ -218,5 +218,5 @@ async def _unlink( get_kafka_producer().produce, cls.settings.KAFKA_USER_LOGIN_TOPIC_NAME, UserLoginKey(user_id=user_id), - UserLogin(source=cls.get_name(), items=[UserInfo(category="", param="", value=None)]), + UserLogin(source=cls.get_name(), items=[UserInfo(category=cls.get_name(), param="username", value=None)]), ) From 7c10bd9b1f6296d35ef161b40ffc3e5a58614f9b Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Sun, 14 Sep 2025 00:13:55 +0300 Subject: [PATCH 5/8] =?UTF-8?q?=D0=B8=D1=81=D0=BF=D1=80=D0=B0=D0=B2=D0=B8?= =?UTF-8?q?=D0=BB=20=D0=BF=D0=B0=D1=80=D0=B0=D0=BC=D0=B5=D1=82=D1=80=20?= =?UTF-8?q?=D0=B8=20=D0=BA=D0=B0=D1=82=D0=B5=D0=B3=D0=BE=D1=80=D0=B8=D1=8E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- auth_backend/auth_method/outer.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/auth_backend/auth_method/outer.py b/auth_backend/auth_method/outer.py index 4efa4b1e..1ef0ee5d 100644 --- a/auth_backend/auth_method/outer.py +++ b/auth_backend/auth_method/outer.py @@ -218,5 +218,7 @@ async def _unlink( get_kafka_producer().produce, cls.settings.KAFKA_USER_LOGIN_TOPIC_NAME, UserLoginKey(user_id=user_id), - UserLogin(source=cls.get_name(), items=[UserInfo(category=cls.get_name(), param="username", value=None)]), + UserLogin( + source=cls.get_name(), items=[UserInfo(category=username.auth_method, param=username.param, value=None)] + ), ) From 7367fcd4e1abec4710cf698d387c3da0ae40a99e Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Sat, 11 Oct 2025 12:46:26 +0300 Subject: [PATCH 6/8] =?UTF-8?q?=D0=BF=D1=80=D0=BE=D0=BC=D0=B5=D0=B6=D1=83?= =?UTF-8?q?=D1=82=D0=BE=D1=87=D0=BD=D1=8B=D0=B9=20=D0=BA=D0=BE=D0=BC=D0=BC?= =?UTF-8?q?=D0=B8=D1=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- auth_backend/auth_method/oauth.py | 15 ++++++++++++++- auth_backend/auth_method/outer.py | 12 ------------ 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/auth_backend/auth_method/oauth.py b/auth_backend/auth_method/oauth.py index 961e2767..5345a50e 100644 --- a/auth_backend/auth_method/oauth.py +++ b/auth_backend/auth_method/oauth.py @@ -1,13 +1,16 @@ import logging from abc import abstractmethod +from event_schema.auth import UserInfo, UserLogin, UserLoginKey from fastapi import Depends +from fastapi.background import BackgroundTasks from fastapi_sqlalchemy import db from sqlalchemy.orm import Session as DbSession from auth_backend.auth_method import AUTH_METHODS, LoginableMixin from auth_backend.base import Base from auth_backend.exceptions import LastAuthMethodDelete +from auth_backend.kafka.kafka import get_kafka_producer from auth_backend.models.db import AuthMethod, User, UserSession from auth_backend.utils.security import UnionAuth @@ -44,13 +47,23 @@ async def _auth_url(*args, **kwargs) -> UrlSchema: raise NotImplementedError() @classmethod - async def _unregister(cls, user_session: UserSession = Depends(UnionAuth(scopes=[], auto_error=True))): + async def _unregister( + cls, + background_tasks: BackgroundTasks, + user_session: UserSession = Depends(UnionAuth(scopes=[], auto_error=True)), + ): """Отключает для пользователя метод входа""" old_user = {"user_id": user_session.user.id} new_user = {"user_id": user_session.user.id} old_user_params = await cls._delete_auth_methods(user_session.user, db_session=db.session) old_user[cls.get_name()] = old_user_params await AuthPluginMeta.user_updated(new_user, old_user) + background_tasks.add_task( + get_kafka_producer().produce, + cls.settings.KAFKA_USER_LOGIN_TOPIC_NAME, + UserLoginKey(user_id=user_session.user.id), + UserLogin(source=cls.get_name(), items=[UserInfo(category="Контакты", param="", value=None)]), + ) return None @classmethod diff --git a/auth_backend/auth_method/outer.py b/auth_backend/auth_method/outer.py index 1ef0ee5d..00a46975 100644 --- a/auth_backend/auth_method/outer.py +++ b/auth_backend/auth_method/outer.py @@ -2,16 +2,13 @@ from abc import ABCMeta, abstractmethod from typing import Any -from event_schema.auth import UserInfo, UserLogin, UserLoginKey from fastapi import Depends -from fastapi.background import BackgroundTasks from fastapi.exceptions import HTTPException from fastapi_sqlalchemy import db from starlette.status import HTTP_403_FORBIDDEN, HTTP_404_NOT_FOUND, HTTP_409_CONFLICT, HTTP_424_FAILED_DEPENDENCY from auth_backend.auth_method.base import AuthPluginMeta from auth_backend.base import Base -from auth_backend.kafka.kafka import get_kafka_producer from auth_backend.models.db import AuthMethod, UserSession from auth_backend.utils.security import UnionAuth @@ -200,7 +197,6 @@ async def _link( async def _unlink( cls, user_id: int, - background_tasks: BackgroundTasks, request_user: UserSession = Depends(UnionAuth()), ): """Отвязать внешний аккаунт пользователю @@ -214,11 +210,3 @@ async def _unlink( raise UserNotLinked(user_id) username.is_deleted = True db.session.commit() - background_tasks.add_task( - get_kafka_producer().produce, - cls.settings.KAFKA_USER_LOGIN_TOPIC_NAME, - UserLoginKey(user_id=user_id), - UserLogin( - source=cls.get_name(), items=[UserInfo(category=username.auth_method, param=username.param, value=None)] - ), - ) From 0cf25a4247d473c73a4f28b93a42fcb241ec9cce Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Mon, 13 Oct 2025 17:26:55 +0300 Subject: [PATCH 7/8] added userdata delete --- auth_backend/auth_method/oauth.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/auth_backend/auth_method/oauth.py b/auth_backend/auth_method/oauth.py index 5345a50e..d65ab0d1 100644 --- a/auth_backend/auth_method/oauth.py +++ b/auth_backend/auth_method/oauth.py @@ -58,11 +58,14 @@ async def _unregister( old_user_params = await cls._delete_auth_methods(user_session.user, db_session=db.session) old_user[cls.get_name()] = old_user_params await AuthPluginMeta.user_updated(new_user, old_user) + user_data = {} + userdata = await cls._convert_data_to_userdata_format(user_data) + items_login = [UserInfo(category=item.category, param=item.param, value=None) for item in userdata.items] background_tasks.add_task( get_kafka_producer().produce, cls.settings.KAFKA_USER_LOGIN_TOPIC_NAME, UserLoginKey(user_id=user_session.user.id), - UserLogin(source=cls.get_name(), items=[UserInfo(category="Контакты", param="", value=None)]), + UserLogin(source=cls.get_name(), items=items_login), ) return None From 6c5bf8966704010d9870e0a74b6bc79888971a60 Mon Sep 17 00:00:00 2001 From: petrCher <88943157+petrCher@users.noreply.github.com> Date: Mon, 13 Oct 2025 17:40:18 +0300 Subject: [PATCH 8/8] added userdata delete for lk msu --- auth_backend/auth_plugins/lkmsu.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/auth_backend/auth_plugins/lkmsu.py b/auth_backend/auth_plugins/lkmsu.py index 4b170daa..a8fca628 100644 --- a/auth_backend/auth_plugins/lkmsu.py +++ b/auth_backend/auth_plugins/lkmsu.py @@ -4,7 +4,7 @@ import aiohttp import jwt -from event_schema.auth import UserLogin +from event_schema.auth import UserInfo, UserLogin, UserLoginKey from fastapi import Depends from fastapi_sqlalchemy import db from pydantic import BaseModel, Field @@ -174,7 +174,11 @@ async def _login( ) @classmethod - async def _unregister(cls, user_session: UserSession = Depends(UnionAuth(scopes=[], auto_error=True))): + async def _unregister( + cls, + background_tasks: BackgroundTasks, + user_session: UserSession = Depends(UnionAuth(scopes=[], auto_error=True)), + ): """Отключает для пользователя метод входа""" user: User = user_session.user verified_group_id = DynamicOption.get("verified_group_id", session=db.session).value @@ -198,6 +202,15 @@ async def _unregister(cls, user_session: UserSession = Depends(UnionAuth(scopes= old_user_params = await cls._delete_auth_methods(user_session.user, db_session=db.session) old_user[cls.get_name()] = old_user_params await AuthPluginMeta.user_updated(new_user, old_user) + user_data = {} + userdata = await cls._convert_data_to_userdata_format(user_data) + items_login = [UserInfo(category=item.category, param=item.param, value=None) for item in userdata.items] + background_tasks.add_task( + get_kafka_producer().produce, + cls.settings.KAFKA_USER_LOGIN_TOPIC_NAME, + UserLoginKey(user_id=user_session.user.id), + UserLogin(source=cls.get_name(), items=items_login), + ) return None @classmethod