async def get_user(conn: AsyncIOMotorClient,
id: Optional[str] = None,
username: Optional[str] = None,
email: Optional[str] = None,
mobile: Optional[str] = None) -> UserInDB:
if id:
row = await conn[database_name][user_collection_name].find_one(
{"id": id})
if row:
return UserInDB(**row)
if username:
row = await conn[database_name][user_collection_name].find_one(
{"username": username})
if row:
return UserInDB(**row)
if email:
row = await conn[database_name][user_collection_name].find_one(
{"email": email})
if row:
return UserInDB(**row)
if mobile:
row = await conn[database_name][user_collection_name].find_one(
{"mobile": mobile})
if row:
return UserInDB(**row)
async def register_new_user(self, *, new_user: UserCreate) -> UserInDB:
# make sure email isn't already taken
if await self.get_user_by_email(email=new_user.email):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=
"That email is already taken. Login with that email or register with another one."
)
# make sure username isn't already taken
if await self.get_user_by_username(username=new_user.username):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="That username is already taken. Please try another one."
)
user_password_update = self.auth_service.create_salt_and_hashed_password(
plaintext_password=new_user.password)
new_user_params = new_user.copy(update=user_password_update.dict())
created_user = await self.db.fetch_one(query=REGISTER_NEW_USER_QUERY,
values=new_user_params.dict())
# create profile for new user
profile = await self.profile_repo.create_profile_for_user(
profile_create=ProfileCreate(user_id=created_user["id"]))
return UserInDB(**created_user, profile=profile)
return UserInDB(**created_user)
def insert_or_update_user(user: UserInDB):
if (hasattr(user, "id")):
delattr(user, "id")
finded = db.user.find_one({"username": user.username, "disabled": False})
if finded is None:
user.date_insert = datetime.utcnow()
ret = db.user.insert_one(user.dict(by_alias=True))
else:
if (hasattr(user, "date_insert")):
delattr(user, "date_insert")
user.date_update = datetime.utcnow()
ret = db.user.find_one_and_update({"username": user.username, "disabled": False}, {"$set": user.dict(by_alias=True)}, return_document=ReturnDocument.AFTER )
print (ret)
return ret
async def register_new_user(self, *, new_user: UserCreate) -> UserInDB:
if await self.get_user_by_email(email=new_user.email):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=
"That email is already taken. Login with email or register with another email"
)
if await self.get_user_by_username(username=new_user.username):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="That username is already taken. Please try another")
user_password_update = self.auth_service.create_salt_and_hashed_password(
plaintext_password=new_user.password)
new_user_params = new_user.copy(update=user_password_update.dict())
# hashed_password = await auth_service.get_password_hash(new_user.password)
# new_user = new_user.dict().update(password=hashed_password)
# created_user = await self.db.fetch_one(query=REGISTER_NEW_USER_QUERY, values={**new_user, "salt": auth_service.generate_salt()})
created_user = await self.db.fetch_one(query=REGISTER_NEW_USER_QUERY,
values=new_user_params.dict())
# created profile for new user
await self.profiles_repo.create_profile_for_user(
profile_create=ProfileCreate(user_id=created_user["id"]))
return await self.populate_user(user=UserInDB(**created_user))
async def test_users_can_register_successfully(
self,
app: FastAPI,
client: AsyncClient,
db: Database,
) -> None:
user_repo = UsersRepository(db)
new_user = {
"email": "*****@*****.**",
"username": "******",
"password": "******",
}
# make sure user doesn't exist yet
user_in_db = await user_repo.get_user_by_email(email=new_user["email"])
assert user_in_db is None
# send post request to create user and ensure it is successful
res = await client.post(app.url_path_for("users:register-new-user"),
json={"new_user": new_user})
assert res.status_code == HTTP_201_CREATED
# ensure that the user now exists in the db
user_in_db = await user_repo.get_user_by_email(email=new_user["email"])
assert user_in_db is not None
assert user_in_db.email == new_user["email"]
assert user_in_db.username == new_user["username"]
# check that the user returned in the response is equal to the user in the database
created_user = UserInDB(**res.json(), password="******",
salt="123").dict(exclude={"password", "salt"})
assert created_user == user_in_db.dict(exclude={"password", "salt"})
async def register_new_user(self, *, new_user: UserCreate) -> UserInDB:
# make sure email isn't already taken
if await self.get_user_by_email(email=new_user.email):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST,
detail=
"That email is already taken. Login with that email or register with another one.",
)
# make sure username isn't already taken
if await self.get_user_by_username(username=new_user.username):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST,
detail="That username is already taken. Please try another one."
)
user_password_update = self.auth_service.create_salt_and_hashed_password(
plaintext_password=new_user.password)
new_user_params = new_user.copy(update=user_password_update.dict())
created_user = await self.db.fetch_one(query=REGISTER_NEW_USER_QUERY,
values=new_user_params.dict())
# This is a useful pattern that we'll take advantage of regularly. By adding the
# ProfilesRepository as a sub-repo of the UsersRepository, we can insert any
# profile-related logic directly into our user-related logic.
# Create profile for new user (UserPublic.profile model)
await self.profiles_repo.create_profile_for_user(
profile_create=ProfileCreate(user_id=created_user["id"]))
return await self.populate_user(user=UserInDB(**created_user))
async def get_user_by_email(self, *, email: EmailStr) -> UserInDB:
user_record = await self.db.fetch_one(query=GET_USER_BY_EMAIL_QUERY, values={'email': email})
if not user_record:
return None
return await self.populate_user(user=UserInDB(**user_record))
async def get_user_by_username(self, *, username: str) -> UserInDB:
user_record = await self.db.fetch_one(query=GET_USER_BY_USERNAME_QUERY, values={'username': username})
if not user_record:
return None
return await self.populate_user(user=UserInDB(**user_record))
async def test_user_with_wrong_creds_doesnt_receive_token(
self,
app: FastAPI,
client: AsyncClient,
test_user: UserInDB,
credential: str,
wrong_value: str,
status_code: int,
) -> None:
client.headers["content-type"] = "application/x-www-form-urlencoded"
user_data = test_user.dict()
user_data[
"password"] = "******" # insert user's plaintext password
user_data[credential] = wrong_value
login_data = {
"username": user_data["email"],
"password":
user_data["password"], # insert password from parameters
}
res = await client.post(
app.url_path_for("users:login-email-and-password"),
data=login_data)
assert res.status_code == status_code
assert "access_token" not in res.json()
def authenticate_user(username: str, password: str):
user = get_user(UserInDB(username=username))
if user is None:
return False
if not verify_password(password, user.hashed_password):
return False
return user
async def auth_client_side(request: Request):
try:
body_bytes = await request.body()
auth_code = jsonable_encoder(body_bytes)
idInfo = id_token.verify_oauth2_token(auth_code, requests.Request(),
configuration.GOOGLE_CLIENT_ID)
if idInfo["iss"] not in [
"accounts.google.com", "https://accounts.google.com"
]:
raise ValueError("Wrong issuer.")
accessTokenExpires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
dateExpires = datetime.utcnow() + accessTokenExpires
print(idInfo)
user = UserInDB(
username=idInfo.get("email"),
email=idInfo.get("email"),
picture=idInfo.get("picture"),
given_name=idInfo.get("given_name"),
family_name=idInfo.get("family_name"),
disabled=False,
)
ret = insert_or_update_user(user)
accessToken = create_access_token(data={"username": user.username},
expires_delta=accessTokenExpires,
expires_date=dateExpires)
return Token(
access_token=accessToken,
token_type="bearer",
expires=accessTokenExpires,
date_expires=dateExpires,
)
except:
return HTTPException(status.HTTP_400_BAD_REQUEST,
"Unable to validate Google Login")
async def populate_user(self, *, user: UserInDB) -> UserInDB:
return UserPublic(
# unpack the user in db instance,
**user.dict(),
# fetch the user's profile from the profiles_repo
profile=await
self.profiles_repo.get_profile_by_user_id(user_id=user.id),
)
async def populate_user(self, *, user: UserInDB) -> UserInDB:
return UserPublic(
# unpack the user in db dict into the UserPublic model
# which will remove "password" and "salt"
**user.dict(),
# fetch the user's profile from the profiles repo
profile=await
self.profiles_repo.get_profile_by_user_id(user_id=user.id))
def upsert_in_db(bucket: Bucket, *, user_in: UserCreate, persist_to=0):
user_doc_id = get_doc_id(user_in.username)
passwordhash = get_password_hash(user_in.password)
user = UserInDB(**user_in.dict(), hashed_password=passwordhash)
doc_data = jsonable_encoder(user)
with bucket.durability(persist_to=persist_to,
timeout=config.COUCHBASE_DURABILITY_TIMEOUT_SECS):
bucket.upsert(user_doc_id, doc_data)
return user
async def create_user(self, *, new_user: UserCreate) -> UserInDB:
query_values = new_user.dict()
query_values["id"] = uuid4()
query_values["created_at"] = datetime.utcnow()
query_values["hashed_password"] = query_values["password"]
del query_values["password"]
query = users_table.insert().values(**query_values)
id = await self.db.execute(query)
return UserInDB(**query_values)
async def populate_user(self, *, user: UserInDB) -> UserPublic:
"""
Unpacks the user in db dict into the UserPublic model
which will remove "password" and "salt".
It also fetches the user's profile from the profiles repo and attaches it to the user.
"""
return UserPublic(**user.dict(),
profile=await
self.profiles_repo.get_profile_by_user_id(
user_id=user.id))
async def get_user_by_id(self,
*,
user_id: int,
populate: bool = True) -> UserPublic:
user_record = await self.db.fetch_one(query=GET_USER_BY_ID_QUERY,
values={"id": user_id})
if user_record:
user = UserInDB(**user_record)
if populate:
return await self.populate_user(user=user)
return user
async def get_user(conn: Connection, username: str) -> UserInDB:
row = await conn.fetchrow(
"""
SELECT id, username, email, salt, hashed_password, bio, image, created_at, updated_at
FROM users
WHERE username = $1
""",
username,
)
if row:
return UserInDB(**row)
async def get_user_by_username(self,
*,
username: str,
populate: bool = True) -> UserInDB:
user_record = await self.db.fetch_one(query=GET_USER_BY_USERNAME_QUERY,
values={"username": username})
if user_record:
user = UserInDB(**user_record)
if populate:
return await self.populate_user(user=user)
return user
async def get_user_by_email(self,
*,
email: EmailStr,
populate: bool = True) -> UserInDB:
user_record = await self.db.fetch_one(query=GET_USER_BY_EMAIL_QUERY,
values={"email": email})
if user_record:
user = UserInDB(**user_record)
if populate:
return await self.populate_user(user=user)
return user
async def create_user(conn: AsyncIOMotorClient,
user: UserInCreate) -> UserInDB:
salt = generate_salt()
hashed_password = get_password_hash(salt + user.password)
db_user = user.dict()
db_user['salt'] = salt
db_user['hashed_password'] = hashed_password
del db_user['password']
row = await conn[database_name][user_collection_name].insert_one(db_user)
return UserInDB(**user.dict())
async def get_user_by_email(self,
*,
email: EmailStr,
populate: bool = True) -> UserInDB:
user_record = await self.db.fetch_one(query=GET_USER_BY_EMAIL_QUERY,
values={"email": email})
if user_record:
user = UserInDB(**user_record)
# when we don't need the user's profile or actually want to access
# the user's password and salt - like in our authenticate_user method -
# we can set populate=False and only get the UserInDB model back.
if populate:
return await self.populate_user(user=user)
return user
async def get_current_user(token: str = Depends(oauth2_scheme)):
try:
payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
print (payload)
token_data = TokenDataInDB(**payload)
if token_data.username is None:
raise credentials_exception
# Verify if token not is revoked
if token_revoke(token_data):
raise credentials_exception
except JWTError:
raise credentials_exception
user = get_user(UserInDB(username=token_data.username))
if user is None:
raise credentials_exception
return user
def update_user_me(
*,
password: str = Body(None),
full_name: str = Body(None),
email: EmailStr = Body(None),
current_user: UserInDB = Depends(get_current_active_user),
):
"""
Update own user.
"""
user_in = UserUpdate(**current_user.dict())
if password is not None:
user_in.password = password
if full_name is not None:
user_in.full_name = full_name
if email is not None:
user_in.email = email
bucket = get_default_bucket()
user = crud.user.update(bucket, username=current_user.username, user_in=user_in)
return user
def route_users_me_put(
*,
password: str = Body(None),
full_name: str = Body(None),
email: EmailStr = Body(None),
current_user: UserInDB = Depends(get_current_user),
):
"""
Update own user
"""
if not check_if_user_is_active(current_user):
raise HTTPException(status_code=400, detail="Inactive user")
user_in = UserInUpdate(**current_user.dict())
if password is not None:
user_in.password = password
if full_name is not None:
user_in.full_name = full_name
if email is not None:
user_in.email = email
bucket = get_default_bucket()
user = update_user(bucket, user_in)
return user
async def test_user_with_wrong_creds_doesnt_receive_token(
self,
app: FastAPI,
client: AsyncClient,
test_user: UserInDB,
credential: str,
wrong_value: str,
status_code: int,
) -> None:
client.headers['content-type'] = 'application/x-www-form-urlencoded'
user_data = test_user.dict()
user_data[
'password'] = '******' # insert user's plaintext password
user_data[credential] = wrong_value
login_data = {
'username': user_data['email'],
'password':
user_data['password'], # insert password from parameters
}
res = await client.post(
app.url_path_for('users:login-email-and-password'),
data=login_data)
assert res.status_code == status_code
assert 'access_token' not in res.json()
async def auth_server_side(request: Request):
token = await oauth.google.authorize_access_token(request)
user = await oauth.google.parse_id_token(request, token)
accessTokenExpires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
dateExpires = datetime.utcnow() + accessTokenExpires
print(user)
userDB = UserInDB(
username=user.get("email"),
email=user.get("email"),
picture=user.get("picture"),
given_name=user.get("given_name"),
family_name=user.get("family_name"),
disabled=False,
)
ret = insert_or_update_user(userDB)
accessToken = create_access_token(data={"username": user.get("email")},
expires_delta=accessTokenExpires,
expires_date=dateExpires)
return Token(
access_token=accessToken,
token_type="bearer",
expires=accessTokenExpires,
date_expires=dateExpires,
)
async def create_user(conn: Connection, user: UserInCreate) -> UserInDB:
dbuser = UserInDB(**user.dict())
dbuser.change_password(user.password)
row = await conn.fetchrow(
"""
INSERT INTO users (username, email, salt, hashed_password, bio, image)
VALUES ($1, $2, $3, $4, $5, $6)
RETURNING id, created_at, updated_at
""",
dbuser.username,
dbuser.email,
dbuser.salt,
dbuser.hashed_password,
dbuser.bio,
dbuser.image,
)
dbuser.id = row["id"]
dbuser.created_at = row["created_at"]
dbuser.updated_at = row["updated_at"]
return dbuser
async def create(db: DBClient, data: UserCreate):
logging.info(">>> " + __name__ + ":" + create.__name__)
collection = utils.get_collection(db, config.DOCTYPE_USER)
passwordhash = get_password_hash(data.password)
user = UserInDB(**data.dict(), hashed_password=passwordhash)
return await utils.create(collection, user)
async def populate_user(self, *, user: UserInDB) -> UserInDB:
user_profile = await self.profile_repo.get_profile_by_user_id(user_id=user.id)
user.profile = ProfilePublic(**user_profile.dict())
return user
