feat: deals viewer mode and links for viewers

services/auth.py

@@ -11,6 +11,7 @@ from starlette import status
 import backend.config
 import constants
 from backend.session import get_session
+from constants import DEALS_VIEWER, DEAL_EDITOR
 from enums.user import UserRole
 from models import User, InviteCode
 from schemas.auth import *
@@ -23,7 +24,7 @@ algorithm = 'HS256'
 async def get_current_user(
         session: Annotated[AsyncSession, Depends(get_session)],
         token: Annotated[HTTPAuthorizationCredentials, Depends(oauth2_schema)]
-) -> Union[User, None, dict]:
+) -> Optional[UserUnion]:
     if not token.credentials:
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid token')
     try:
@@ -31,11 +32,11 @@ async def get_current_user(
         user_id = payload.get('sub')
         if not user_id:
             raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail='Invalid credentials')
-        if user_id == 'guest':
+        if user_id == DEAL_EDITOR or user_id == DEALS_VIEWER:
             return payload
         user_id = int(user_id)
 
-        user = await session.get(User, user_id)
+        user: Optional[User] = await session.get(User, user_id)
         if not user:
             raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid credentials')
         if user.is_deleted or user.is_blocked:
@@ -53,12 +54,24 @@ async def authorized_user(
     raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid token')
 
 
-async def guest_user(user: Annotated[User, Depends(get_current_user)]):
+async def guest_user(user: Annotated[UserUnion, Depends(get_current_user)]):
     if (type(user) is User) or (type(user) is dict):
         return user
     raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid token')
 
 
+async def user_deals_viewer(user: Annotated[UserUnion, Depends(get_current_user)]):
+    if (type(user) is User) or (type(user) is dict and user['sub'] == DEALS_VIEWER):
+        return user
+    raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid token')
+
+
+async def user_deal_editor(user: Annotated[UserUnion, Depends(get_current_user)]):
+    if (type(user) is User) or (type(user) is dict and user['sub'] == DEAL_EDITOR):
+        return user
+    raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid token')
+
+
 class AuthService(BaseService):
     @staticmethod
     def _generate_jwt_token(payload: dict) -> str:
@@ -101,9 +114,17 @@ class AuthService(BaseService):
         return AuthLoginResponse(access_token=access_token)
 
     def create_deal_guest_token(self, deal_id: int):
-        payload = {
-            'sub': 'guest',
+        payload: UserDealEditor = {
+            'sub': constants.DEAL_EDITOR,
             'deal_id': deal_id
         }
 
         return self._generate_jwt_token(payload)
+
+    def create_client_guest_token(self, client_id: int):
+        payload: UserViewer = {
+            'sub': constants.DEALS_VIEWER,
+            'client_id': client_id
+        }
+
+        return self._generate_jwt_token(payload)