Merge branch 'main' of git.venya.tech:mega_venik/fastapi-boilerplate

README.md

@@ -4,7 +4,9 @@ Compact template for FastAPI-based projects. SQLAlchemy ORM and Alembic migratio
 
 ## Alembic
 
-To add new models to migrations you need to import them inside `migrations/env.py`. And then create migration:
+To add new models to migrations you need to import them inside `migrations/env.py`. Just add `from <appname>.models import *` at the head of file and it should be enough
+
+And then create migration:
 
     pipenv run alembic revision --autogenerate -m "<bla-bla>"
 

app/database/db.py

@@ -0,0 +1,21 @@
+from sqlalchemy.ext.asyncio import AsyncSession, create_async_engine
+from sqlalchemy.orm import sessionmaker, declarative_base
+from app.settings import settings
+
+Base = declarative_base()
+
+from sqlalchemy.pool import QueuePool
+
+# Create async engine with connection pooling
+engine = create_async_engine(
+    settings.DATABASE_URL,
+    echo=True,
+    poolclass=QueuePool,
+    pool_size=5,
+    max_overflow=10,
+)
+
+# Create async session factory
+async_session = sessionmaker(
+    engine, class_=AsyncSession, expire_on_commit=False
+)

app/database/models.py

@@ -0,0 +1,80 @@
+from typing import List
+from sqlalchemy import Column, String
+from sqlalchemy import update as sqlalchemy_update, delete as sqlalchemy_delete
+from sqlalchemy.future import select
+
+from app.database.db import Base, async_session
+
+from uuid import uuid4
+from typing_extensions import Self
+
+class BaseCRUD(Base):
+    __abstract__ = True
+    id = Column(String, primary_key=True)
+
+    def __repr__(self):
+        return (
+            f"<{self.__class__.__name__}("
+            f"id={self.id}, "
+            f"name={self.name}, "
+            f")>"
+        )
+
+    @classmethod
+    async def create(cls, **kwargs) -> Self:
+        async with async_session() as db:
+            server = cls(id=str(uuid4()), **kwargs)
+            db.add(server)
+            try:
+                await db.commit()
+                await db.refresh(server)
+            except Exception:
+                await db.rollback()
+                raise
+            return server
+
+    @classmethod
+    async def update(cls, id, **kwargs) -> Self:
+        async with async_session() as db:
+            query = (
+                sqlalchemy_update(cls)
+                .where(cls.id == id)
+                .values(**kwargs)
+                .execution_options(synchronize_session="fetch")
+            )
+            await db.execute(query)
+            try:
+                await db.commit()
+            except Exception:
+                await db.rollback()
+                raise
+            return await cls.get(id)
+
+    @classmethod
+    async def get(cls, id) -> Self:
+        async with async_session() as db:
+            query = select(cls).where(cls.id == id)
+            servers = await db.execute(query)
+            (server,) = servers.first()
+            return server
+
+    @classmethod
+    async def get_all(cls) -> List[Self]:
+        async with async_session() as db:
+            query = select(cls)
+            servers = await db.execute(query)
+            servers = servers.scalars().all()
+            return servers
+
+    @classmethod
+    async def delete(cls, id) -> bool:
+        async with async_session() as db:
+            query = sqlalchemy_delete(cls).where(cls.id == id)
+            await db.execute(query)
+            try:
+                await db.commit()
+            except Exception:
+                await db.rollback()
+                raise
+            return True
+

app/db.py

@@ -1,49 +0,0 @@
-from sqlalchemy import future
-from sqlalchemy.ext.asyncio import AsyncSession, create_async_engine
-from sqlalchemy.orm import sessionmaker, declarative_base
-from app.settings import settings
-
-Base = declarative_base()
-
-# engine = create_async_engine(settings.DATABASE_URL, echo=True, future=True)
-
-# Session = sessionmaker(engine, class_=AsyncSession, expire_on_commit=False)
-
-# def get_session():
-#     with Session() as session:
-#         yield session
-
-class AsyncDatabaseSession:
-    def __init__(self):
-        self._session = None
-        self._engine = None
-        self._engine = create_async_engine(
-            settings.DATABASE_URL,
-            future=True,
-            echo=True,
-        )
-        self._session = sessionmaker(
-            self._engine, expire_on_commit=False, class_=AsyncSession
-        )()
-
-    def __getattr__(self, name):
-        return getattr(self._session, name)
-
-    # def init(self):
-
-db = AsyncDatabaseSession()
-
-# async def get_session() -> AsyncSession:
-#     async_session = sessionmaker(
-#         engine, class_=AsyncSession, expire_on_commit=False
-#     )
-#     async with async_session() as session:
-#         yield session
-# # from sqlalchemy import create_engine
-# # from sqlalchemy.ext.declarative import declarative_base
-# # from sqlalchemy.orm import sessionmaker
-
-# engine = create_engine(settings.DATABASE_URL)
-# SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
-
-

app/main.py

@@ -4,6 +4,21 @@ from users.views import router as users_router
 
 
 app = FastAPI()
+
+# Workaround to debug `422 Unprocessable Entity` error
+import logging
+from fastapi import Request, status
+from fastapi.exceptions import RequestValidationError
+from fastapi.responses import JSONResponse
+
+@app.exception_handler(RequestValidationError)
+async def validation_exception_handler(request: Request, exc: RequestValidationError):
+	exc_str = f'{exc}'.replace('\n', ' ').replace('   ', ' ')
+	logging.error(f"{request}: {exc_str}")
+	content = {'status_code': 10422, 'message': exc_str, 'data': None}
+	return JSONResponse(content=content, status_code=status.HTTP_422_UNPROCESSABLE_ENTITY)
+# workaround end
+
 app.include_router(users_router)
 
 

migrations/env.py

@@ -9,7 +9,9 @@ from sqlalchemy.ext.asyncio import AsyncEngine
 from alembic import context
 
 from app.settings import settings
-import users
+from app.database import db
+
+# your models to import for migrations processing
 from users.models import *
 
 # this is the Alembic Config object, which provides
@@ -27,7 +29,7 @@ config.set_main_option('sqlalchemy.url', settings.DATABASE_URL)
 # for 'autogenerate' support
 # from myapp import mymodel
 # target_metadata = mymodel.Base.metadata
-target_metadata = [users.models.Base.metadata]
+target_metadata = db.Base.metadata
 
 # other values from the config, defined by the needs of env.py,
 # can be acquired:

users/models.py

@@ -1,16 +1,21 @@
-# from sqlmodel import SQLModel, Field
+from sqlalchemy import Column, String, DateTime
-from sqlalchemy import Column, String, DateTime, delete
+from sqlalchemy import update as sqlalchemy_update
-from sqlalchemy import update as sqlalchemy_update, delete as sqlalchemy_delete
 from sqlalchemy.future import select
-from app.db import Base, db
+from app.database.models import BaseCRUD
+from app.database.db import async_session
 from datetime import datetime
 
 from uuid import uuid4
+from passlib.context import CryptContext
 
-class User(Base):
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+class User(BaseCRUD):
     __tablename__ = "users"
-    id = Column(String, primary_key=True)
+    username = Column(String, nullable=False, unique=True)
-    username = Column(String)
+    full_name = Column(String)
+    email = Column(String, nullable=False, unique=True)
+    password = Column(String, nullable=False)
     created_at = Column(DateTime, index=True, default=datetime.utcnow)
 
     def __repr__(self):
@@ -21,12 +26,37 @@ class User(Base):
             f")>"
         )
 
+    def verify_password(self, plain_password):
+        return pwd_context.verify(plain_password, self.password)
+
+    @staticmethod
+    def get_password_hash(password):
+        return pwd_context.hash(password)
+
+    @classmethod
+    async def authenticate_user(cls, username: str, password: str):
+        # TODO: add exception when noone found
+        async with async_session() as db:
+            query = select(cls).where(cls.username == username)
+            users = await db.execute(query)
+            (user,) = users.first()
+
+            if user:
+                if not cls.verify_password(user, password):
+                    return False
+
+            return user
+
     @classmethod
     async def create(cls, **kwargs):
+        if 'plain_password' in kwargs:
+            kwargs['password'] = cls.get_password_hash(kwargs.pop('plain_password'))
+        async with async_session() as db:
             user = cls(id=str(uuid4()), **kwargs)
             db.add(user)
             try:
                 await db.commit()
+                await db.refresh()
             except Exception:
                 await db.rollback()
                 raise
@@ -34,6 +64,9 @@ class User(Base):
 
     @classmethod
     async def update(cls, id, **kwargs):
+        if 'plain_password' in kwargs:
+            kwargs['password'] = cls.get_password_hash(kwargs.pop('plain_password'))
+        async with async_session() as db:
             query = (
                 sqlalchemy_update(cls)
                 .where(cls.id == id)
@@ -48,31 +81,6 @@ class User(Base):
                 raise
             return await cls.get(id)
 
-    @classmethod
-    async def get(cls, id):
-        query = select(cls).where(cls.id == id)
-        users = await db.execute(query)
-        (user,) = users.first()
-        return user
-
-    @classmethod
-    async def get_all(cls):
-        query = select(cls)
-        users = await db.execute(query)
-        users = users.scalars().all()
-        return users
-
-    @classmethod
-    async def delete(cls, id):
-        query = sqlalchemy_delete(cls).where(cls.id == id)
-        await db.execute(query)
-        try:
-            await db.commit()
-        except Exception:
-            await db.rollback()
-            raise
-        return True
-
 # class UserBase(SQLModel):
 #     username: str
 #     full_name: str

users/views.py

@@ -3,13 +3,8 @@ from fastapi import APIRouter, Depends, HTTPException, status
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
 from starlette.status import HTTP_401_UNAUTHORIZED
 
-from sqlalchemy.orm import Session
-from sqlalchemy import select
-
-from passlib.context import CryptContext
 from jose import JWTError, jwt
 
-# from app.db import get_session
 from app.settings import settings
 from pydantic import BaseModel
 from typing import List
@@ -19,97 +14,56 @@ from users.models import User
 ALGORITHM = "HS256"
 ACCESS_TOKEN_EXPIRE_MINUTES = 30
 
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/users/token")
 
-# router = APIRouter()
 
-pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+def create_access_token(data: dict, expires_delta: timedelta | None = None) -> str:
+    to_encode = data.copy()
+    if expires_delta:
+        expire = datetime.utcnow() + expires_delta
+    else:
+        expire = datetime.utcnow() + timedelta(minutes=15)
+    to_encode.update({"exp": expire})
 
-# def verify_password(plain_password, hashed_password):
+    encoded_jwt = jwt.encode(to_encode, settings.SECRET_KEY, algorithm=ALGORITHM)
-#     return pwd_context.verify(plain_password, hashed_password)
 
-# def get_password_hash(password):
+    return encoded_jwt
-#     return pwd_context.hash(password)
 
-# def authenticate_user(username: str, password: str, db: Session):
+def verify_access_token(token: str) -> bool:
-#     statement = select(User).where(User.username == username)
+    try:
-#     result = db.execute(statement).fetchone()
+        payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[ALGORITHM])
+        user_id: str = payload.get("sub", None)
+        if user_id is None:
+            return False
+    except JWTError:
+        return False
 
-#     if result:
+    return True
-#         print(result.User.__dict__)
-#         if not verify_password(password, result.User.hashed_password):
-#             return False
 
-#     return result.User
-
-# def create_access_token(data: dict, expires_delta: timedelta | None = None):
-#     to_encode = data.copy()
-#     if expires_delta:
-#         expire = datetime.utcnow() + expires_delta
-#     else:
-#         expire = datetime.utcnow() + timedelta(minutes=15)
-#     to_encode.update({"exp": expire})
-#     encoded_jwt = jwt.encode(to_encode, settings.SECRET_KEY, algorithm=ALGORITHM)
-
-#     return encoded_jwt
-
-# async def get_current_user(token: str = Depends(oauth2_scheme)):
-#     credentials_exception = HTTPException(
-#             status_code=status.HTTP_401_UNAUTHORIZED,
-#             detail="Could not validate credentials",
-#             headers={"WWW-Authenticate": "Bearer"},
-#             )
-#     try:
-#         payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[ALGORITHM])
-#         username: str = payload.get("sub", None)
-#         if username is None:
-#             raise credentials_exception
-#         token_data = TokenData(username=username)
-#     except JWTError:
-#         raise credentials_exception
-#     user = get_user(username=token_data.username)
-#     if user is None:
-#         raise credentials_exception
-#     return user
-
-# async def get_current_active_user(current_user: User = Depends(get_current_user)):
-#     if current_user.disabled:
-#         raise HTTPException(status_code=400, detail="Inactive user")
-#     return current_user
-
-# @router.post("/register/", tags=["users"])
-# async def register(db: Session = Depends(get_session)):
-#     pass
-
-# @router.get("/login/", tags=["users"])
-# async def login(session: Session = Depends(get_session)):
-#     username = "johndoe"
-#     statement = select(User).where(User.username == username)
-#     result = session.execute(statement).first()
-
-#     print(result)
-
-#     return {"hi": "there"}
-
-# @router.post("/token", tags=["users"])
-# async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_session)):
-#     user = authenticate_user(form_data.username, form_data.password, db)
-#     if not user:
-#         raise HTTPException(
-#                 status_code=HTTP_401_UNAUTHORIZED,
-#                 detail="Incorrect username or password",
-#                 headers={"WWW-Authenticate": "Bearer"},
-#                 )
-#     access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
-#     access_token = create_access_token(
-#             data = {"sub": user.username}, expires_delta=access_token_expires
-#             )
-#     return {"access_token": access_token, "token_type": "bearer"}
 
+async def get_current_user(token: str = Depends(oauth2_scheme)):
+    credentials_exception = HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Could not validate credentials",
+            headers={"WWW-Authenticate": "Bearer"},
+            )
+    try:
+        payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[ALGORITHM])
+        user_id: str = payload.get("sub", None)
+        if user_id is None:
+            raise credentials_exception
+    except JWTError:
+        raise credentials_exception
+    user = await User.get(user_id)
+    if user is None:
+        raise credentials_exception
+    return user
 
 class UserSchema(BaseModel):
     username: str
-
+    full_name: str
+    plain_password: str
+    email: str
 
 class UserSerializer(BaseModel):
     id: str
@@ -118,8 +72,19 @@ class UserSerializer(BaseModel):
     class Config:
             orm_mode = True
 
+class UserPassVerifySchema(BaseModel):
+    id: str
+    plain_password: str
+
+class PasswordSerializer(BaseModel):
+    correct_password: bool
+
+class TokenSchema(BaseModel):
+    token: str
+
 router = APIRouter(
     prefix="/users",
+    tags=["users"],
 )
 
 @router.post("/", response_model=UserSerializer)
@@ -129,6 +94,15 @@ async def create_user(user: UserSchema):
     user = await User.create(**user.dict())
     return user
 
+@router.get("/me", response_model=UserSerializer)
+async def read_users_me(current_user: User = Depends(get_current_user)):
+    return current_user
+
+@router.post("/verify", response_model=PasswordSerializer)
+async def verify_user_password(user: UserPassVerifySchema):
+    us = await User.get(id=user.id)
+    return PasswordSerializer(correct_password=us.verify_password(user.plain_password))
+
 @router.get("/{id}", response_model=UserSerializer)
 async def get_user(id: str):
     user = await User.get(id)
@@ -147,3 +121,23 @@ async def update(id: str, user: UserSchema):
 @router.delete("/{id}", response_model=bool)
 async def delete_user(id: str):
     return await User.delete(id)
+
+@router.post("/check-login", response_model=bool)
+async def check_if_token_still_active(token: TokenSchema):
+    return verify_access_token(token.token)
+
+@router.post("/token")
+async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends()):
+    user = await User.authenticate_user(form_data.username, form_data.password)
+    if not user:
+        raise HTTPException(
+                status_code=HTTP_401_UNAUTHORIZED,
+                detail="Incorrect username or password",
+                headers={"WWW-Authenticate": "Bearer"},
+                )
+    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+    access_token = create_access_token(
+            data = {"sub": user.id}, expires_delta=access_token_expires
+            )
+    return {"access_token": access_token, "token_type": "bearer"}
+