auths.py 7.21 KB
Newer Older
1
from fastapi import Response, Request
2
3
4
5
from fastapi import Depends, FastAPI, HTTPException, status
from datetime import datetime, timedelta
from typing import List, Union

6
from fastapi import APIRouter, status
7
8
9
from pydantic import BaseModel
import time
import uuid
Timothy J. Baek's avatar
Timothy J. Baek committed
10
import re
11
12
13
14

from apps.web.models.auths import (
    SigninForm,
    SignupForm,
15
    UpdateProfileForm,
16
    UpdatePasswordForm,
17
18
19
20
21
22
    UserResponse,
    SigninResponse,
    Auths,
)
from apps.web.models.users import Users

Timothy J. Baek's avatar
Timothy J. Baek committed
23
24
25
26
27
28
from utils.utils import (
    get_password_hash,
    get_current_user,
    get_admin_user,
    create_token,
)
Timothy J. Baek's avatar
Timothy J. Baek committed
29
from utils.misc import parse_duration, validate_email_format
Timothy J. Baek's avatar
Timothy J. Baek committed
30
31
from utils.webhook import post_webhook
from constants import ERROR_MESSAGES, WEBHOOK_MESSAGES
32

Timothy J. Baek's avatar
Timothy J. Baek committed
33
34
router = APIRouter()

35
36
37
38
39
############################
# GetSessionUser
############################


40
@router.get("/", response_model=UserResponse)
41
42
43
44
45
46
47
48
async def get_session_user(user=Depends(get_current_user)):
    return {
        "id": user.id,
        "email": user.email,
        "name": user.name,
        "role": user.role,
        "profile_image_url": user.profile_image_url,
    }
49
50


51
############################
52
# Update Profile
53
54
55
56
############################


@router.post("/update/profile", response_model=UserResponse)
57
58
async def update_profile(
    form_data: UpdateProfileForm, session_user=Depends(get_current_user)
59
60
):
    if session_user:
61
62
63
        user = Users.update_user_by_id(
            session_user.id,
            {"profile_image_url": form_data.profile_image_url, "name": form_data.name},
64
65
66
67
68
69
70
71
72
        )
        if user:
            return user
        else:
            raise HTTPException(400, detail=ERROR_MESSAGES.DEFAULT())
    else:
        raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)


73
74
75
76
77
############################
# Update Password
############################


78
@router.post("/update/password", response_model=bool)
79
80
81
async def update_password(
    form_data: UpdatePasswordForm, session_user=Depends(get_current_user)
):
82
83
    if session_user:
        user = Auths.authenticate_user(session_user.email, form_data.password)
84

85
86
        if user:
            hashed = get_password_hash(form_data.new_password)
Timothy J. Baek's avatar
Timothy J. Baek committed
87
            return Auths.update_user_password_by_id(user.id, hashed)
88
89
        else:
            raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_PASSWORD)
90
91
92
93
    else:
        raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)


94
95
96
97
98
99
############################
# SignIn
############################


@router.post("/signin", response_model=SigninResponse)
Timothy J. Baek's avatar
Timothy J. Baek committed
100
async def signin(request: Request, form_data: SigninForm):
101
102
    user = Auths.authenticate_user(form_data.email.lower(), form_data.password)
    if user:
Timothy J. Baek's avatar
Timothy J. Baek committed
103
104
105
106
        token = create_token(
            data={"id": user.id},
            expires_delta=parse_duration(request.app.state.JWT_EXPIRES_IN),
        )
107
108
109
110
111
112
113
114

        return {
            "token": token,
            "token_type": "Bearer",
            "id": user.id,
            "email": user.email,
            "name": user.name,
            "role": user.role,
Timothy J. Baek's avatar
Timothy J. Baek committed
115
            "profile_image_url": user.profile_image_url,
116
117
        }
    else:
Timothy J. Baek's avatar
Timothy J. Baek committed
118
        raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
119
120
121
122
123
124
125
126


############################
# SignUp
############################


@router.post("/signup", response_model=SigninResponse)
127
async def signup(request: Request, form_data: SignupForm):
128
    if not request.app.state.ENABLE_SIGNUP:
Timothy J. Baek's avatar
Timothy J. Baek committed
129
130
131
        raise HTTPException(
            status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED
        )
132

133
    if not validate_email_format(form_data.email.lower()):
Timothy J. Baek's avatar
Timothy J. Baek committed
134
135
136
        raise HTTPException(
            status.HTTP_400_BAD_REQUEST, detail=ERROR_MESSAGES.INVALID_EMAIL_FORMAT
        )
137

138
139
    if Users.get_user_by_email(form_data.email.lower()):
        raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN)
140

141
    try:
Timothy J. Baek's avatar
Timothy J. Baek committed
142
143
144
145
146
        role = (
            "admin"
            if Users.get_num_users() == 0
            else request.app.state.DEFAULT_USER_ROLE
        )
147
        hashed = get_password_hash(form_data.password)
148
        user = Auths.insert_new_auth(
Danny Liu's avatar
Danny Liu committed
149
150
151
152
153
            form_data.email.lower(),
            hashed,
            form_data.name,
            form_data.profile_image_url,
            role,
154
        )
155

156
        if user:
Timothy J. Baek's avatar
Timothy J. Baek committed
157
158
159
160
            token = create_token(
                data={"id": user.id},
                expires_delta=parse_duration(request.app.state.JWT_EXPIRES_IN),
            )
161
162
            # response.set_cookie(key='token', value=token, httponly=True)

Timothy J. Baek's avatar
Timothy J. Baek committed
163
164
165
            if request.app.state.WEBHOOK_URL:
                post_webhook(
                    request.app.state.WEBHOOK_URL,
Timothy J. Baek's avatar
Timothy J. Baek committed
166
                    WEBHOOK_MESSAGES.USER_SIGNUP(user.name),
Timothy J. Baek's avatar
Timothy J. Baek committed
167
168
169
170
171
172
173
                    {
                        "action": "signup",
                        "message": WEBHOOK_MESSAGES.USER_SIGNUP(user.name),
                        "user": user.model_dump_json(exclude_none=True),
                    },
                )

174
175
176
177
178
179
180
181
182
183
            return {
                "token": token,
                "token_type": "Bearer",
                "id": user.id,
                "email": user.email,
                "name": user.name,
                "role": user.role,
                "profile_image_url": user.profile_image_url,
            }
        else:
184
            raise HTTPException(500, detail=ERROR_MESSAGES.CREATE_USER_ERROR)
185
    except Exception as err:
186
187
        raise HTTPException(500, detail=ERROR_MESSAGES.DEFAULT(err))

188
189
190
191
192
193
194

############################
# ToggleSignUp
############################


@router.get("/signup/enabled", response_model=bool)
195
196
async def get_sign_up_status(request: Request, user=Depends(get_admin_user)):
    return request.app.state.ENABLE_SIGNUP
197
198
199


@router.get("/signup/enabled/toggle", response_model=bool)
200
201
202
async def toggle_sign_up(request: Request, user=Depends(get_admin_user)):
    request.app.state.ENABLE_SIGNUP = not request.app.state.ENABLE_SIGNUP
    return request.app.state.ENABLE_SIGNUP
Timothy J. Baek's avatar
Timothy J. Baek committed
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225


############################
# Default User Role
############################


@router.get("/signup/user/role")
async def get_default_user_role(request: Request, user=Depends(get_admin_user)):
    return request.app.state.DEFAULT_USER_ROLE


class UpdateRoleForm(BaseModel):
    role: str


@router.post("/signup/user/role")
async def update_default_user_role(
    request: Request, form_data: UpdateRoleForm, user=Depends(get_admin_user)
):
    if form_data.role in ["pending", "user", "admin"]:
        request.app.state.DEFAULT_USER_ROLE = form_data.role
    return request.app.state.DEFAULT_USER_ROLE
Timothy J. Baek's avatar
Timothy J. Baek committed
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255


############################
# JWT Expiration
############################


@router.get("/token/expires")
async def get_token_expires_duration(request: Request, user=Depends(get_admin_user)):
    return request.app.state.JWT_EXPIRES_IN


class UpdateJWTExpiresDurationForm(BaseModel):
    duration: str


@router.post("/token/expires/update")
async def update_token_expires_duration(
    request: Request,
    form_data: UpdateJWTExpiresDurationForm,
    user=Depends(get_admin_user),
):
    pattern = r"^(-1|0|(-?\d+(\.\d+)?)(ms|s|m|h|d|w))$"

    # Check if the input string matches the pattern
    if re.match(pattern, form_data.duration):
        request.app.state.JWT_EXPIRES_IN = form_data.duration
        return request.app.state.JWT_EXPIRES_IN
    else:
        return request.app.state.JWT_EXPIRES_IN