Working on user module
This commit is contained in:
Scott Idem
@@ -13,7 +13,7 @@ from sqlalchemy.exc import IntegrityError, OperationalError
|
||||
db_uri = settings.SQLALCHEMY_DATABASE_URI
|
||||
|
||||
connection_string = db_uri
|
||||
engine = create_engine(name_or_url=connection_string, pool_size=25, pool_recycle=60, pool_pre_ping=True, echo=False, echo_pool=True, isolation_level='READ COMMITTED')
|
||||
engine = create_engine(url=connection_string, pool_size=25, pool_recycle=60, pool_pre_ping=True, echo=False, echo_pool=True, isolation_level='READ COMMITTED')
|
||||
# NOTE: The default isolation_level is 'REPEATABLE READ'. This can sometimes not show updated data.
|
||||
# NOTE: The "echo" set to True option shows the SQL queries.
|
||||
|
||||
@@ -284,7 +284,7 @@ def sql_select(
|
||||
as_dict=True,
|
||||
as_list=None
|
||||
):
|
||||
log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
#log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
log.debug(locals())
|
||||
|
||||
if table_name and not (record_id or record_id_random or field_name or field_value or sql or data):
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
from __future__ import annotations
|
||||
import datetime, pytz, redis
|
||||
from passlib.hash import argon2
|
||||
|
||||
#from datetime import datetime, time, timedelta
|
||||
from fastapi import APIRouter, Depends, Header, HTTPException, status
|
||||
@@ -238,3 +239,16 @@ def lookup_id_random_pop(obj_data:dict):
|
||||
|
||||
return obj_data
|
||||
# ### END ### API Lib General ### lookup_id_random_pop() ###
|
||||
|
||||
|
||||
def secure_hash_string(string:str):
|
||||
string_hash = argon2.using(rounds=14, memory_cost=1536, parallelism=2).hash(string)
|
||||
|
||||
return string_hash
|
||||
|
||||
|
||||
def verify_secure_hash_string(string:str, string_hash:str):
|
||||
if argon2.verify(string, string_hash):
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
@@ -254,6 +254,7 @@ origins = [
|
||||
'http://localhost',
|
||||
'http://localhost:5000',
|
||||
'http://fastapi.localhost:5000',
|
||||
'http://demo.localhost:5000',
|
||||
'https://oneskyit.com',
|
||||
]
|
||||
|
||||
|
||||
@@ -48,7 +48,10 @@ def mk_resp(
|
||||
resp_body['meta'] = {}
|
||||
resp_body['meta']['details'] = details
|
||||
resp_body['meta']['status_code'] = status_code
|
||||
resp_body['meta']['status_message'] = settings.HTTP_STATUS_LI[status_code]['message']
|
||||
if status_message:
|
||||
resp_body['meta']['status_message'] = status_message
|
||||
else:
|
||||
resp_body['meta']['status_message'] = settings.HTTP_STATUS_LI[status_code]['message']
|
||||
resp_body['meta']['status_name'] = settings.HTTP_STATUS_LI[status_code]['name']
|
||||
resp_body['meta']['success'] = success
|
||||
|
||||
|
||||
49
app/models/user_methods.py
Normal file
49
app/models/user_methods.py
Normal file
@@ -0,0 +1,49 @@
|
||||
from __future__ import annotations
|
||||
import datetime
|
||||
|
||||
from typing import Dict, List, Optional, Set, Union
|
||||
from pydantic import BaseModel, EmailStr, Field, PrivateAttr, ValidationError, validator
|
||||
|
||||
from ..lib_general import *
|
||||
from ..db_sql import sql_select
|
||||
|
||||
from .user_model import User_Base, User_Out_Base, User_New_Base
|
||||
|
||||
|
||||
# ### BEGIN ### API User Methods ### load_user_obj() ###
|
||||
def load_user_obj(user_id:int|str, inc_contact:bool=False, inc_organization:bool=False, inc_person:bool=False) -> User_Base:
|
||||
log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
log.debug(locals())
|
||||
|
||||
if user_id := redis_lookup_id_random(record_id_random=user_id, table_name='user'): pass
|
||||
else: return False
|
||||
|
||||
if user_rec := sql_select(table_name='v_user', record_id=user_id):
|
||||
#log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
log.debug(user_rec)
|
||||
|
||||
if inc_contact:
|
||||
if contact_rec := sql_select(table_name='v_contact', field_name='contact_id', field_value=user_rec.get('contact_id', None)):
|
||||
user_rec['contact'] = contact_rec
|
||||
|
||||
if inc_organization:
|
||||
if organization_rec := sql_select(table_name='v_organization', field_name='organization_id', field_value=user_rec.get('organization_id', None)):
|
||||
user_rec['organization'] = organization_rec
|
||||
|
||||
if inc_person:
|
||||
if person_rec := sql_select(table_name='v_person', field_name='person_id', field_value=user_rec.get('person_id', None)):
|
||||
user_rec['person'] = person_rec
|
||||
|
||||
log.debug(user_rec)
|
||||
else:
|
||||
return False
|
||||
|
||||
try:
|
||||
user_obj = User_Out_Base(**user_rec)
|
||||
log.debug(user_obj)
|
||||
except ValidationError as e:
|
||||
log.error(e.json())
|
||||
return False
|
||||
|
||||
return user_obj
|
||||
# ### END ### API User Methods ### load_user_obj() ###
|
||||
@@ -13,6 +13,142 @@ from .contact_model import Contact_Base
|
||||
#from .person_model import Person_Base
|
||||
|
||||
|
||||
class User_New_Base(BaseModel):
|
||||
log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
log.debug(locals())
|
||||
|
||||
id_random: Optional[str] = Field(
|
||||
**base_fields['user_id_random'],
|
||||
alias='user_id_random',
|
||||
default_factory=lambda:secrets.token_urlsafe(default_num_bytes),
|
||||
)
|
||||
id: Optional[int] = Field(
|
||||
#alias='user_id'
|
||||
)
|
||||
account_id_random: str
|
||||
account_id: Optional[int]
|
||||
|
||||
username: str
|
||||
name: str
|
||||
email: str
|
||||
new_password: str
|
||||
password: Optional[str]
|
||||
|
||||
enable: Optional[bool] = False
|
||||
enable_from: Optional[datetime.datetime]
|
||||
enable_to: Optional[datetime.datetime] = datetime.datetime.now(datetime.timezone.utc) + datetime.timedelta(days=365)
|
||||
|
||||
#super: Optional[bool] = False
|
||||
#manager: Optional[bool] = False
|
||||
administrator: Optional[bool] = False
|
||||
public: Optional[bool] = False
|
||||
verified: Optional[bool] = False
|
||||
|
||||
notes: Optional[str]
|
||||
|
||||
_processed_at: datetime.datetime = PrivateAttr(default_factory=datetime.datetime.now)
|
||||
|
||||
#@validator('user_id_random', always=True)
|
||||
def user_id_random_copy(cls, v, values, **kwargs):
|
||||
log.setLevel(logging.WARNING)
|
||||
log.debug(locals())
|
||||
|
||||
if values['id_random']:
|
||||
return values['id_random']
|
||||
return None
|
||||
|
||||
@validator('id', always=True)
|
||||
def user_id_lookup(cls, v, values, **kwargs):
|
||||
log.setLevel(logging.WARNING)
|
||||
log.debug(locals())
|
||||
|
||||
if values['id_random']:
|
||||
log.debug(values['id_random'])
|
||||
return redis_lookup_id_random(record_id_random=values['id_random'], table_name='user')
|
||||
return None
|
||||
|
||||
@validator('account_id', always=True)
|
||||
def account_id_lookup(cls, v, values, **kwargs):
|
||||
log.setLevel(logging.WARNING)
|
||||
log.debug(locals())
|
||||
|
||||
if values['account_id_random']:
|
||||
return redis_lookup_id_random(record_id_random=values['account_id_random'], table_name='account')
|
||||
return None
|
||||
|
||||
@validator('password', always=True)
|
||||
def hash_new_password(cls, v, values, **kwargs):
|
||||
log.setLevel(logging.WARNING)
|
||||
log.debug(locals())
|
||||
|
||||
if values['new_password']:
|
||||
return secure_hash_string(string=values['new_password'])
|
||||
return None
|
||||
|
||||
class Config:
|
||||
underscore_attrs_are_private = True
|
||||
fields = base_fields
|
||||
|
||||
|
||||
class User_Out_Base(BaseModel):
|
||||
log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
log.debug(locals())
|
||||
|
||||
id_random: Optional[str] = Field(
|
||||
**base_fields['user_id_random'],
|
||||
alias='user_id_random',
|
||||
)
|
||||
account_id_random: Optional[str]
|
||||
#account_id: Optional[int]
|
||||
contact_id_random: Optional[str]
|
||||
#contact_id: Optional[int]
|
||||
organization_id_random: Optional[str]
|
||||
#organization_id: Optional[int]
|
||||
person_id_random: Optional[str]
|
||||
#person_id: Optional[int]
|
||||
|
||||
username: Optional[str]
|
||||
name: Optional[str]
|
||||
email: Optional[str]
|
||||
email_verified: Optional[bool]
|
||||
password: Optional[str]
|
||||
auth_key: Optional[str]
|
||||
|
||||
enable: Optional[bool]
|
||||
enable_from: Optional[datetime.datetime]
|
||||
enable_to: Optional[datetime.datetime]
|
||||
|
||||
super: Optional[bool]
|
||||
manager: Optional[bool]
|
||||
administrator: Optional[bool]
|
||||
public: Optional[bool]
|
||||
verified: Optional[bool]
|
||||
status_id: Optional[int]
|
||||
status_name: Optional[str]
|
||||
|
||||
password_set_on: Optional[datetime.datetime]
|
||||
password_reset_token: Optional[str]
|
||||
password_reset_expire_on: Optional[datetime.datetime]
|
||||
logged_in_on: Optional[datetime.datetime]
|
||||
last_activity_on: Optional[datetime.datetime]
|
||||
|
||||
#account: Optional[Account_Base]# = Account_Base()
|
||||
#contact: Optional[Contact_Base]# = Contact_Base()
|
||||
#organization: Optional[Organization_Base]# = Organization_Base()
|
||||
#person: Optional[Person_Base]# = Person_Base()
|
||||
|
||||
notes: Optional[str]
|
||||
created_on: Optional[datetime.datetime]
|
||||
updated_on: Optional[datetime.datetime]
|
||||
|
||||
_processed_at: datetime.datetime = PrivateAttr(default_factory=datetime.datetime.now)
|
||||
|
||||
class Config:
|
||||
underscore_attrs_are_private = True
|
||||
fields = base_fields
|
||||
|
||||
|
||||
|
||||
class User_Base(BaseModel):
|
||||
log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
log.debug(locals())
|
||||
|
||||
@@ -11,7 +11,8 @@ from app.db_sql import *
|
||||
|
||||
from .api_crud import delete_obj_template, get_obj_template, get_obj_li_template, patch_obj_template, post_obj_template
|
||||
|
||||
from ..models.user_model import User_Base
|
||||
from ..models.user_model import User_Base, User_New_Base, User_Out_Base
|
||||
from ..models.user_methods import load_user_obj
|
||||
from ..models.response_model import *
|
||||
|
||||
|
||||
@@ -41,6 +42,41 @@ async def post_user_obj(
|
||||
return result
|
||||
|
||||
|
||||
@router.post('/new', response_model=Resp_Body_Base)
|
||||
async def post_user_new_obj(
|
||||
user_obj: User_New_Base,
|
||||
x_account_id: str = Header(...),
|
||||
return_obj: bool = True,
|
||||
by_alias: bool = True,
|
||||
exclude_unset: bool = True,
|
||||
):
|
||||
log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
log.debug(locals())
|
||||
|
||||
user_data = user_obj.dict(by_alias=False, exclude_unset=False, exclude={'new_password', 'account_id_random'})
|
||||
|
||||
log.info('Checking if the username is already in use for the account...')
|
||||
sql_select_user = f"""
|
||||
SELECT *
|
||||
FROM `user` AS user
|
||||
WHERE user.account_id = :account_id and user.username = :username
|
||||
"""
|
||||
|
||||
if sql_select_result := sql_select(sql=sql_select_user, data=user_data):
|
||||
return mk_resp(data=False, status_message='The user account was not created. This is likely because of a duplicate username.')
|
||||
|
||||
log.info('Adding new user account...')
|
||||
if sql_insert_result := sql_insert(table_name='user', data=user_data):
|
||||
log.info('Selecting new user account to return as an object...')
|
||||
sql_select_user_result = sql_select(table_name='v_user', record_id=sql_insert_result)
|
||||
|
||||
user_obj_new = User_Out_Base(**sql_select_user_result)
|
||||
|
||||
return mk_resp(data=user_obj_new.dict(by_alias=True, exclude_unset=True))
|
||||
else:
|
||||
return mk_resp(data=False, status_message='The user account was not created. Something seems to have gone wrong on insert.')
|
||||
|
||||
|
||||
@router.patch('/{obj_id}', response_model=Resp_Body_Base)
|
||||
async def patch_user_obj(
|
||||
obj_id: str = Query(..., min_length=1, max_length=22),
|
||||
@@ -158,6 +194,139 @@ async def get_user_obj_li(
|
||||
return result
|
||||
|
||||
|
||||
# Look up is only for account or person records
|
||||
@router.get('/lookup', response_model=Resp_Body_Base)
|
||||
async def lookup_user_obj(
|
||||
for_obj_id: Union[int,str],
|
||||
for_obj_type: str = Query(..., min_length=2, max_length=50),
|
||||
x_account_id: str = Header(...),
|
||||
inc_contact: bool = False,
|
||||
inc_organization: bool = False,
|
||||
inc_person: bool = False,
|
||||
by_alias: bool = True,
|
||||
exclude_unset: bool = True,
|
||||
):
|
||||
log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
log.debug(locals())
|
||||
|
||||
obj_type = 'user'
|
||||
base_name = User_Out_Base
|
||||
|
||||
if for_obj_id := redis_lookup_id_random(record_id_random=for_obj_id, table_name=for_obj_type): pass
|
||||
else: return mk_resp(data=False, status_code=404) # Not Found
|
||||
log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
|
||||
data = {}
|
||||
as_list = False
|
||||
if for_obj_type == 'account' and for_obj_id:
|
||||
data['account_id'] = for_obj_id
|
||||
sql_where_for_obj_type = """`user`.account_id = :account_id"""
|
||||
sql_limit = ''
|
||||
as_list = True
|
||||
elif for_obj_type == 'person' and for_obj_id:
|
||||
data['person_id'] = for_obj_id
|
||||
sql_where_for_obj_type = """`user`.person_id = :person_id"""
|
||||
sql_limit = 'LIMIT 1'
|
||||
else:
|
||||
log.debug(f'Object type={for_obj_type}; Object ID={for_obj_id}')
|
||||
return mk_resp(data=False, status_code=400) # Bad Request
|
||||
|
||||
sql = f"""
|
||||
SELECT id AS 'user_id', id_random AS 'user_id_random'
|
||||
FROM `user` AS `user`
|
||||
WHERE {sql_where_for_obj_type}
|
||||
{sql_limit}
|
||||
"""
|
||||
|
||||
# This will return a list if selecting by account ID
|
||||
user_obj_result = sql_select(data=data, sql=sql, as_list=as_list)
|
||||
if isinstance(user_obj_result, dict):
|
||||
user_id = user_obj_result.get('user_id', None)
|
||||
user_obj = load_user_obj(
|
||||
user_id=user_id,
|
||||
inc_contact=inc_contact,
|
||||
inc_organization=inc_organization,
|
||||
inc_person=inc_person
|
||||
).dict(by_alias=by_alias, exclude_unset=exclude_unset)
|
||||
data = user_obj
|
||||
elif isinstance(user_obj_result, list):
|
||||
user_obj_li = []
|
||||
for user_obj in user_obj_result:
|
||||
user_id = user_obj.get('user_id', None)
|
||||
user_obj_li.append(
|
||||
load_user_obj(
|
||||
user_id=user_id,
|
||||
inc_contact=inc_contact,
|
||||
inc_organization=inc_organization,
|
||||
inc_person=inc_person,
|
||||
).dict(by_alias=by_alias, exclude_unset=exclude_unset)
|
||||
)
|
||||
data = user_obj_li
|
||||
else:
|
||||
log.debug(user_obj_result)
|
||||
return mk_resp(data=None, status_code=404) # Not Found
|
||||
return mk_resp(data=data)
|
||||
|
||||
|
||||
# Look up is only for account or person records
|
||||
@router.get('/lookup_username', response_model=Resp_Body_Base)
|
||||
async def lookup_username_obj(
|
||||
account_id: Union[int,str],
|
||||
username: str = Query(..., min_length=2, max_length=50),
|
||||
x_account_id: str = Header(...),
|
||||
inc_contact: bool = False,
|
||||
inc_organization: bool = False,
|
||||
inc_person: bool = False,
|
||||
by_alias: bool = True,
|
||||
exclude_unset: bool = True,
|
||||
):
|
||||
log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
log.debug(locals())
|
||||
|
||||
if account_id := redis_lookup_id_random(record_id_random=account_id, table_name='account'): pass
|
||||
else: return mk_resp(data=False, status_code=404) # Not Found
|
||||
log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
|
||||
|
||||
data = {}
|
||||
data['account_id'] = account_id
|
||||
data['username'] = username
|
||||
|
||||
sql = f"""
|
||||
SELECT id AS 'user_id', id_random AS 'user_id_random'
|
||||
FROM `user` AS `user`
|
||||
WHERE `user`.account_id = :account_id AND `user`.username = :username
|
||||
"""
|
||||
|
||||
# This will return a list if selecting by account ID
|
||||
user_obj_result = sql_select(data=data, sql=sql)
|
||||
if isinstance(user_obj_result, dict):
|
||||
user_id = user_obj_result.get('user_id', None)
|
||||
user_obj = load_user_obj(
|
||||
user_id=user_id,
|
||||
inc_contact=inc_contact,
|
||||
inc_organization=inc_organization,
|
||||
inc_person=inc_person
|
||||
).dict(by_alias=by_alias, exclude_unset=exclude_unset)
|
||||
data = user_obj
|
||||
elif isinstance(user_obj_result, list):
|
||||
user_obj_li = []
|
||||
for user_obj in user_obj_result:
|
||||
user_id = user_obj.get('user_id', None)
|
||||
user_obj_li.append(
|
||||
load_user_obj(
|
||||
user_id=user_id,
|
||||
inc_contact=inc_contact,
|
||||
inc_organization=inc_organization,
|
||||
inc_person=inc_person,
|
||||
).dict(by_alias=by_alias, exclude_unset=exclude_unset)
|
||||
)
|
||||
data = user_obj_li
|
||||
else:
|
||||
log.debug(user_obj_result)
|
||||
return mk_resp(data=None, status_code=404) # Not Found
|
||||
return mk_resp(data=data)
|
||||
|
||||
|
||||
@router.get('/{obj_id}', response_model=Resp_Body_Base)
|
||||
async def get_user_obj(
|
||||
obj_id: str = Query(..., min_length=1, max_length=22),
|
||||
|
||||
Reference in New Issue
Block a user