Новая система авторизации для Max

2026-04-10 12:40:25 +03:00
parent dc952e92c8
commit 0e225d9f35
2 changed files with 61 additions and 1 deletions
--- a/pyproject.toml
+++ b/pyproject.toml
@ -1,6 +1,6 @@
 [project]
 name = "HospitalAssistantBackend"
-version = "1.1.0"
+version = "1.2.0"
 description = "Backend for Hospital Assistant"
 readme = "README.md"
 requires-python = ">=3.13,<3.14"
--- a/src/apps/esia/v1/router.py
+++ b/src/apps/esia/v1/router.py
@ -74,3 +74,63 @@ async def callback(session: AsyncSessionDep, code: str):
    await cache.set(access_token, f'user:{user.id}')

    return s.Token(access_token=access_token)
+
+
+@router.post('/max/callback')
+async def max_callback(session: AsyncSessionDep, code: str):
+    token = None
+    for i in range(3):
+        try:
+            token = await c.esia_api.access_token(code)
+            break
+        except Exception:
+            logger.warning(
+                'Error occurred while accessing ESI API. Retrying...'
+            )
+            if i == 2:
+                raise
+
+    if token is None:
+        raise e.BadRequestException
+
+    esia_user = await c.esia_api.get_user_info(
+        token.access_token, token.id_token
+    )
+
+    try:
+        vita_user = await c.vitacore_api.findBySnils(esia_user.snils)
+        patId = vita_user.patId
+    except e.UnknownException:
+        raise e.BadRequestException(detail='Patient not found') from None
+
+    existing_user_stmt = select(User).where(User.vita_id == patId).limit(1)
+    existing_user = (
+        await session.execute(existing_user_stmt)
+    ).scalar_one_or_none()
+
+    if existing_user is None:
+        user = User(vita_id=patId)
+        session.add(user)
+        await session.commit()
+        await session.refresh(user)
+
+    else:
+        user = existing_user
+
+    verify_token = secrets.token_urlsafe(32)
+    await cache.set(f'verify:{verify_token}', f'user:{user.id}')
+
+    return s.Token(access_token=verify_token)
+
+
+@router.post('/max/verify')
+async def max_verify(token: str):
+    user = await cache.get(f'verify:{token}')
+
+    if user is None:
+        raise e.BadRequestException(detail='Invalid token')
+
+    access_token = secrets.token_urlsafe(32)
+    await cache.set(access_token, user.decode())
+
+    return s.Token(access_token=access_token)