src/Gargantext/API/GraphQL/Utils.hs

   1 {-|
   2 Module      : Gargantext.API.GraphQL.Utils
   3 Description : Utils for GraphQL API
   4 Copyright   : (c) CNRS, 2017-Present
   5 License     : AGPL + CECILL v3
   6 Maintainer  : team@gargantext.org
   7 Stability   : experimental
   8 Portability : POSIX
   9 -}
  10
  11 module Gargantext.API.GraphQL.Utils where
  12
  13 import Data.Morpheus.Types (GQLTypeOptions, fieldLabelModifier)
  14 import qualified Data.Text as T
  15 import Gargantext.Core.Utils.Prefix (unCapitalize, dropPrefix)
  16 import Gargantext.Prelude
  17 import Data.Text (Text)
  18 import Data.Text.Encoding (encodeUtf8)
  19 import Gargantext.API.Admin.Types (jwtSettings, HasSettings (settings))
  20 import Servant.Auth.Server (verifyJWT, JWTSettings)
  21 import Control.Lens.Getter (view)
  22 import Gargantext.Database.Prelude (Cmd')
  23 import Gargantext.API.Admin.Auth.Types (AuthenticatedUser (AuthenticatedUser, _authUser_id))
  24 import Data.ByteString (ByteString)
  25 import Gargantext.Database.Admin.Types.Node (NodeId)
  26
  27 unPrefix :: T.Text -> GQLTypeOptions -> GQLTypeOptions
  28 unPrefix prefix options = options { fieldLabelModifier = nflm }
  29   where
  30     nflm label = unCapitalize $ dropPrefix (T.unpack prefix) $ ( fieldLabelModifier options ) label
  31
  32 data AuthStatus = Valid | Invalid
  33
  34 authUser :: (HasSettings env) => NodeId -> Text -> Cmd' env err AuthStatus
  35 authUser ui_id token = do
  36   let token' = encodeUtf8 token
  37   jwtS <- view $ settings . jwtSettings
  38   u <- liftBase $ getUserFromToken jwtS token'
  39   case u of
  40     Nothing -> pure Invalid
  41     Just au ->
  42       if nId au == ui_id
  43         then pure Valid
  44         else pure Invalid
  45         where
  46           nId AuthenticatedUser {_authUser_id} = _authUser_id
  47
  48 getUserFromToken :: JWTSettings -> ByteString -> IO (Maybe AuthenticatedUser)
  49 getUserFromToken = verifyJWT