Skip to content

Class tigrbl_auth.orm.device_code.DeviceCode

tigrbl_auth.orm.device_code.DeviceCode

Bases: Base, GUIDPk, Timestamped

device_code class-attribute instance-attribute

device_code = acol(
    storage=S(String(128), nullable=False, unique=True)
)

user_code class-attribute instance-attribute

user_code = acol(
    storage=S(String(32), nullable=False, index=True)
)

client_id class-attribute instance-attribute

client_id = acol(
    storage=S(
        PgUUID(as_uuid=True),
        fk=ForeignKeySpec(target="authn.clients.id"),
        nullable=False,
    )
)

expires_at class-attribute instance-attribute

expires_at = acol(storage=S(TZDateTime, nullable=False))

interval class-attribute instance-attribute

interval = acol(storage=S(Integer, nullable=False))

authorized class-attribute instance-attribute

authorized = acol(
    storage=S(Boolean, nullable=False, default=False)
)

user_id class-attribute instance-attribute

user_id = acol(
    storage=S(
        PgUUID(as_uuid=True),
        fk=ForeignKeySpec(target="authn.users.id"),
        nullable=True,
        index=True,
    )
)

tenant_id class-attribute instance-attribute

tenant_id = acol(
    storage=S(
        PgUUID(as_uuid=True),
        fk=ForeignKeySpec(target="authn.tenants.id"),
        nullable=True,
        index=True,
    )
)

created_at class-attribute instance-attribute

created_at = acol(
    spec=ColumnSpec(
        storage=S(
            type_=TZDateTime,
            default=tzutcnow,
            nullable=False,
        ),
        field=F(py_type=datetime),
        io=RO_IO,
    )
)

updated_at class-attribute instance-attribute

updated_at = acol(
    spec=ColumnSpec(
        storage=S(
            type_=TZDateTime,
            default=tzutcnow,
            onupdate=tzutcnow,
            nullable=False,
        ),
        field=F(py_type=datetime),
        io=RO_IO,
    )
)

id class-attribute instance-attribute

id = acol(
    spec=ColumnSpec(
        storage=S(
            type_=PgUUID(as_uuid=True),
            primary_key=True,
            default=uuid4,
        ),
        field=F(
            py_type=UUID,
            constraints={"examples": [uuid_example]},
        ),
        io=RO_IO,
    )
)

metadata class-attribute instance-attribute

metadata = MetaData(
    naming_convention={
        "pk": "pk_%(table_name)s",
        "fk": "fk_%(table_name)s_%(column_0_name)s_%(referred_table_name)s",
        "ix": "ix_%(table_name)s_%(column_0_name)s",
        "uq": "uq_%(table_name)s_%(column_0_name)s",
        "ck": "ck_%(table_name)s_%(column_0_name)s_%(constraint_type)s",
    }
)

device_authorization async

device_authorization(ctx)
Source code in tigrbl_auth/orm/device_code.py
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
@op_ctx(alias="device_authorization", target="create", arity="collection")
async def device_authorization(cls, ctx):
    from datetime import datetime, timedelta, timezone
    from uuid import uuid4

    if not settings.enable_rfc8628:
        raise HTTPException(
            status.HTTP_404_NOT_FOUND, "device authorization disabled"
        )
    payload = ctx.get("payload") or {}
    client_id = payload.get("client_id")
    if not client_id:
        raise HTTPException(status.HTTP_400_BAD_REQUEST, "client_id required")
    device_code = uuid4().hex
    user_code = uuid4().hex[:8]
    verification_uri = DEVICE_VERIFICATION_URI
    verification_uri_complete = f"{verification_uri}?user_code={user_code}"
    expires_at = datetime.now(timezone.utc) + timedelta(
        seconds=DEVICE_CODE_EXPIRES_IN
    )
    await cls.handlers.create.core(
        {
            "payload": {
                "device_code": device_code,
                "user_code": user_code,
                "client_id": client_id,
                "expires_at": expires_at,
                "interval": DEVICE_CODE_INTERVAL,
            },
        }
    )
    return {
        "device_code": device_code,
        "user_code": user_code,
        "verification_uri": verification_uri,
        "verification_uri_complete": verification_uri_complete,
        "expires_in": DEVICE_CODE_EXPIRES_IN,
        "interval": DEVICE_CODE_INTERVAL,
    }