update

2025-03-28 11:51:16 -03:00
parent 88c2585d2a
commit ac61f8aba0
9 changed files with 31 additions and 17 deletions
--- a/http-api/.env.sample
+++ b/http-api/.env.sample
@@ -3,7 +3,5 @@

 KONVIVA_API_URL=https://saladeaula.digital
 KONVIVA_SECRET_KEY=
-ELASTIC_HOSTS=http://127.0.0.1:9200
-DYNAMODB_ENDPOINT_URL=http://127.0.0.1:8000
 DYNAMODB_PARTITION_KEY=id
 DYNAMODB_SORT_KEY=sk
--- a/http-api/auth.py
+++ b/http-api/auth.py
@@ -35,6 +35,7 @@ from aws_lambda_powertools.utilities.data_classes.api_gateway_authorizer_event i
 from aws_lambda_powertools.utilities.typing import LambdaContext
 from botocore.endpoint_provider import Enum
 from layercake.dynamodb import DynamoDBCollection, DynamoDBPersistenceLayer, KeyPair
+from layercake.funcs import pick

 from boto3clients import dynamodb_client
 from cognito import get_user
@@ -100,7 +101,16 @@ def _authorizer(bearer: BearerToken) -> Authorizer:
                return Authorizer(True, {'user': user})
            case TokenType.API_KEY:
                apikey = collect.get_item(KeyPair('apikey', bearer.token))
-                return Authorizer(True, {'tenant': apikey['tenant']})
+                return Authorizer(
+                    True,
+                    pick(
+                        (
+                            'user',
+                            'tenant',
+                        ),
+                        apikey,
+                    ),
+                )
    except Exception:
        return Authorizer()

--- a/http-api/boto3clients.py
+++ b/http-api/boto3clients.py
@@ -8,9 +8,9 @@ DYNAMODB_ENDPOINT_URL: str | None = None
 if 'AWS_SAM_LOCAL' in os.environ:
    DYNAMODB_ENDPOINT_URL = 'http://host.docker.internal:8000'

-
-if 'DYNAMODB_ENDPOINT_URL' in os.environ:
-    DYNAMODB_ENDPOINT_URL = os.getenv('DYNAMODB_ENDPOINT_URL')
+# Only when running `pytest`
+if 'PYTEST_VERSION' in os.environ:
+    DYNAMODB_ENDPOINT_URL = 'http://127.0.0.1:8000'


 dynamodb_client = boto3.client('dynamodb', endpoint_url=DYNAMODB_ENDPOINT_URL)
--- a/http-api/cli/seeds/test-users.jsonl
+++ b/http-api/cli/seeds/test-users.jsonl
@@ -1,4 +1,4 @@
-{"id": {"S": "apikey"}, "sk": {"S": "32504457-f133-4c00-936b-6aa712ca9f40"}}
+{"id": {"S": "apikey"}, "sk": {"S": "MzI1MDQ0NTctZjEzMy00YzAwLTkzNmItNmFhNzEyY2E5ZjQw"}, "tenant": {"M": {"id": {"S": "*"}, "name": {"S": "default"}}}, "user": {"M": {"id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "name": {"S": "Sérgio R Siqueira"}, "email": {"S": "sergio@somosbeta.com.br"}}}}
 {"updateDate": {"S": "2024-02-08T16:42:33.776409-03:00"}, "createDate": {"S": "2019-03-25T00:00:00-03:00"}, "email_verified": {"BOOL": true}, "cognito:sub": {"S": "58efed8d-d276-41a8-8502-4ab8b5a6415e"}, "cpf": {"S": "07879819908"}, "sk": {"S": "0"}, "email": {"S": "sergio@somosbeta.com.br"}, "id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "name": {"S": "S\u00e9rgio Rafael de Siqueira"}, "lastLogin": {"S": "2024-02-08T20:53:45.818126-03:00"}, "orgs": {"L": [{"S": "cJtK9SsnJhKPyxESe7g3DG"}, {"S": "edp8njvgQuzNkLx2ySNfAD"}, {"S": "8TVSi5oACLxTiT8ycKPmaQ"}]}}
 {"sk": {"S": "acl#admin"}, "id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "create_date": {"S": "2022-06-13T15:00:24.309410-03:00"}}
 {"emailVerified": {"BOOL": true}, "updateDate": {"S": "2024-02-08T16:42:33.776409-03:00"}, "createDate": {"S": "2024-01-19T22:53:43.135080-03:00"}, "deliverability": {"S": "DELIVERABLE"}, "sk": {"S": "emails#osergiosiqueira@gmail.com"}, "id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "primaryEmail": {"BOOL": false}, "emailDeliverable": {"BOOL": true}}
--- a/http-api/models.py
+++ b/http-api/models.py
@@ -33,7 +33,7 @@ class Cert(BaseModel):


 class Course(BaseModel):
-    id: UUID4 | str = Field(default_factory=uuid4)
+    id: UUID4 = Field(default_factory=uuid4)
    name: str
    cert: Cert | None = None
-    access_period: int | None = None
+    access_period: int = 90  # 3 months
--- a/http-api/settings.py
+++ b/http-api/settings.py
@@ -8,16 +8,14 @@ COURSE_TABLE: str = os.getenv('COURSE_TABLE')  # type: ignore
 KONVIVA_API_URL: str = os.getenv('KONVIVA_API_URL')  # type: ignore
 KONVIVA_SECRET_KEY: str = os.getenv('KONVIVA_SECRET_KEY')  # type: ignore

-match os.getenv('AWS_SAM_LOCAL'), os.getenv('ELASTIC_HOSTS'):
-    case str() as AWS_SAM_LOCAL, _ if (
-        AWS_SAM_LOCAL
-    ):  # Only when running `sam local start-api`
+match os.getenv('AWS_SAM_LOCAL'), os.getenv('PYTEST_VERSION'):
+    case str() as SAM_LOCAL, _ if SAM_LOCAL:  # Only when running `sam local start-api`
        ELASTIC_CONN = {
            'hosts': 'http://host.docker.internal:9200',
        }
-    case _, str() as ELASTIC_HOSTS if ELASTIC_HOSTS:
+    case _, str() as PYTEST if PYTEST:  # Only when running `pytest`
        ELASTIC_CONN = {
-            'hosts': ELASTIC_HOSTS,
+            'hosts': 'http://127.0.0.1:9200',
        }
    case _:
        ELASTIC_CLOUD_ID = os.getenv('ELASTIC_CLOUD_ID')
--- a/http-api/template.yaml
+++ b/http-api/template.yaml
@@ -97,3 +97,6 @@ Resources:
      Handler: auth.lambda_handler
      LoggingConfig:
        LogGroup: !Ref HttpLog
+      Policies:
+        - DynamoDBCrudPolicy:
+            TableName: !Ref UserTable
--- a/http-api/tests/seeds.jsonl
+++ b/http-api/tests/seeds.jsonl
@@ -1,4 +1,4 @@
-{"id": {"S": "apikey"}, "sk": {"S": "MzI1MDQ0NTctZjEzMy00YzAwLTkzNmItNmFhNzEyY2E5ZjQw"}, "tenant": {"M": {"id": {"S": "*"}, "name": {"S": "default"}}}}
+{"id": {"S": "apikey"}, "sk": {"S": "MzI1MDQ0NTctZjEzMy00YzAwLTkzNmItNmFhNzEyY2E5ZjQw"}, "tenant": {"M": {"id": {"S": "*"}, "name": {"S": "default"}}}, "user": {"M": {"id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "name": {"S": "Sérgio R Siqueira"}, "email": {"S": "sergio@somosbeta.com.br"}}}}
 {"id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "sk": {"S": "0"}, "update_date": {"S": "2024-02-08T16:42:33.776409-03:00"}, "create_date": {"S": "2019-03-25T00:00:00-03:00"}, "email_verified": {"BOOL": true}, "cognito:sub": {"S": "58efed8d-d276-41a8-8502-4ab8b5a6415e"}, "cpf": {"S": "07879819908"}, "email": {"S": "sergio@somosbeta.com.br"}, "name": {"S": "S\u00e9rgio Rafael de Siqueira"}, "last_login": {"S": "2024-02-08T20:53:45.818126-03:00"}, "tenant:org_id": {"L": [{"S": "cJtK9SsnJhKPyxESe7g3DG"}]}}
 {"id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "sk": {"S": "cognito"}, "create_date": {"S": "2025-03-03T17:12:26.443507-03:00"}, "sub": {"S": "58efed8d-d276-41a8-8502-4ab8b5a6415e"}}
 {"id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "sk": {"S": "emails#sergio@somosbeta.com.br"}, "email_verified": {"BOOL": true}, "update_date": {"S": "2024-02-08T16:42:33.776409-03:00"}, "create_date": {"S": "2019-03-25T00:00:00-03:00"}, "email_primary": {"BOOL": true}, "mx_record_exists": {"BOOL": true}, "update_date": {"S": "2023-11-09T12:13:04.308986-03:00"}}
--- a/http-api/tests/test_auth.py
+++ b/http-api/tests/test_auth.py
@@ -49,7 +49,12 @@ def test_bearer_apikey(
            'tenant': {
                'name': 'default',
                'id': '*',
-            }
+            },
+            'user': {
+                'id': '5OxmMjL-ujoR5IMGegQz',
+                'name': 'Sérgio R Siqueira',
+                'email': 'sergio@somosbeta.com.br',
+            },
        },
    }