diff --git a/selfprivacy_api/actions/api_tokens.py b/selfprivacy_api/actions/api_tokens.py
index 33ab286..38cd208 100644
--- a/selfprivacy_api/actions/api_tokens.py
+++ b/selfprivacy_api/actions/api_tokens.py
@@ -13,13 +13,13 @@ from selfprivacy_api.utils.auth import (
 is_recovery_token_valid,
 is_token_name_exists,
 is_token_name_pair_valid,
- refresh_token,
 get_token_name,
 )
 from selfprivacy_api.repositories.tokens.json_tokens_repository import (
 JsonTokensRepository,
 )
+from selfprivacy_api.repositories.tokens.exceptions import TokenNotFound
 TOKEN_REPO = JsonTokensRepository()
@@ -65,10 +65,12 @@ def delete_api_token(caller_token: str, token_name: str) -> None:
 def refresh_api_token(caller_token: str) -> str:
 """Refresh the token"""
- new_token = refresh_token(caller_token)
- if new_token is None:
+ try:
+ old_token = TOKEN_REPO.get_token_by_token_string(caller_token)
+ new_token = TOKEN_REPO.refresh_token(old_token)
+ except TokenNotFound:
 raise NotFoundException("Token not found")
- return new_token
+ return new_token.token
 class RecoveryTokenStatus(BaseModel):
diff --git a/selfprivacy_api/graphql/mutations/api_mutations.py b/selfprivacy_api/graphql/mutations/api_mutations.py
index 3626d83..9f04317 100644
--- a/selfprivacy_api/graphql/mutations/api_mutations.py
+++ b/selfprivacy_api/graphql/mutations/api_mutations.py
@@ -11,6 +11,7 @@ from selfprivacy_api.actions.api_tokens import (
 NotFoundException,
 delete_api_token,
 get_new_api_recovery_key,
+ refresh_api_token,
 )
 from selfprivacy_api.graphql import IsAuthenticated
 from selfprivacy_api.graphql.mutations.mutation_interface import (
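Review bot: In `refresh_api_token` (selfprivacy_api/actions/api_tokens.py) the lookup and the rotation are now two separate repository calls, where the removed `refresh_token` helper did both inside a single `WriteUserData` block. Whether `JsonTokensRepository` serialises the two calls is not visible in this diff, so it is worth checking what happens if the same token is deleted or refreshed a second time between them. The handler would also read better as `except TokenNotFound as error:` followed by `raise NotFoundException("Token not found") from error`, which keeps the original cause explicit. The docstring could state that `NotFoundException` is raised for an unknown token string.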
@@ -139,15 +140,14 @@ class ApiMutations:
 )
 try:
- old_token = TOKEN_REPO.get_token_by_token_string(token_string)
- new_token = TOKEN_REPO.refresh_token(old_token)
+ new_token = refresh_api_token(token_string)
 return DeviceApiTokenMutationReturn(
 success=True,
 message="Token refreshed",
 code=200,
- token=new_token.token,
+ token=new_token,
 )
- except:
+ except NotFoundException:
 return DeviceApiTokenMutationReturn(
 success=False,
 message="Token not found",
diff --git a/selfprivacy_api/utils/auth.py b/selfprivacy_api/utils/auth.py
index ecaf9af..1788f8f 100644
--- a/selfprivacy_api/utils/auth.py
+++ b/selfprivacy_api/utils/auth.py
@@ -145,17 +145,6 @@ def delete_token(token_name):
 tokens["tokens"] = [t for t in tokens["tokens"] if t["name"] != token_name]
-def refresh_token(token: str) -> typing.Optional[str]:
- """Change the token field of the existing token"""
- new_token = _generate_token()
- with WriteUserData(UserDataFiles.TOKENS) as tokens:
- for t in tokens["tokens"]:
- if t["token"] == token:
- t["token"] = new_token
- return new_token
- return None
-
-
 def is_recovery_token_exists():
 """Check if recovery token exists"""
 with ReadUserData(UserDataFiles.TOKENS) as tokens:
diff --git a/tests/test_rest_endpoints/test_auth.py b/tests/test_rest_endpoints/test_auth.py
index 1083be5..12de0cf 100644
--- a/tests/test_rest_endpoints/test_auth.py
+++ b/tests/test_rest_endpoints/test_auth.py
@@ -5,6 +5,12 @@ import datetime
 import pytest
 from mnemonic import Mnemonic
+from selfprivacy_api.repositories.tokens.json_tokens_repository import (
+ JsonTokensRepository,
+)
+
+TOKEN_REPO = JsonTokensRepository()
+
 from tests.common import read_json, write_json
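Review bot: In the `ApiMutations` refresh resolver (selfprivacy_api/graphql/mutations/api_mutations.py), narrowing the bare `except:` to `except NotFoundException:` means every other failure from `refresh_api_token` now propagates out of the resolver instead of being reported as "Token not found". That is the better behaviour, but it is worth confirming that the GraphQL layer returns a generic error to the client rather than the exception text, since a failure here concerns the token store. If the two removed lines were the only uses of `TOKEN_REPO` in this module, its import can be dropped as well. The resolver starts and ends outside this hunk.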
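Review bot: In tests/test_rest_endpoints/test_auth.py the new `TOKEN_REPO = JsonTokensRepository()` assignment sits above `from tests.common import read_json, write_json`, so that import now follows executable code (flake8 E402). Moving the assignment below the last import keeps the import block contiguous. The module-level instance presumably reads the token file that the `tokens_file` fixture prepares; if so, a comment such as `# reads the token file set up by the tokens_file fixture` would make that dependency explicit.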
@@ -97,7 +103,7 @@ def test_refresh_token(authorized_client, tokens_file):
 response = authorized_client.post("/auth/tokens")
 assert response.status_code == 200
 new_token = response.json()["token"]
- assert read_json(tokens_file)["tokens"][0]["token"] == new_token
+ assert TOKEN_REPO.get_token_by_token_string(new_token) is not None
 # new device
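Review bot: The rewritten assertion in `test_refresh_token` only shows that the new token can be looked up; it no longer shows that the previous one stopped working. The removed line compared `tokens[0]["token"]` with the new value, which implied replacement in place, whereas the new check would also pass if refresh added a second token and left the old one valid. Consider also asserting that a lookup of the pre-refresh token string fails, for example `with pytest.raises(TokenNotFound):` around `TOKEN_REPO.get_token_by_token_string(<pre-refresh token string>)`. The `except TokenNotFound` in api_tokens.py suggests the lookup raises on a miss, in which case `is not None` adds little. The test body starts outside this hunk.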