mearge: feat/user-registration

Author: CaptainAril

.env.example

@@ -28,5 +28,14 @@ JWT_ISSUER=xxx
 # time in minutes
 OTP_LIFETIME=10
 
+GATEWAY_PUBLIC_KEY='XXXXXXXXXXXXXXXXXXX'
+GATEWAY_KEY_TTL=2
+
+GATEWAY_PUBLIC_KEY='XXXXXXXXXXXXXXXXXXX'
+GATEWAY_KEY_TTL=2
+
 # amqp://username:password@host[:port]/
-RABBITMQ_URL=amqp://guest:guest@localhost:5672/
+RABBITMQ_URL=amqp://guest:guest@localhost:5672/
+
+QUEUE_SECRECT_KEY='XXXXXXXXXXXXXXXXX'
+QUEUE_SECRECT_KEY_TTL=0.5

src/api/routes/__init__.py

@@ -1,14 +1,69 @@
-from ninja import NinjaAPI
 from django.http import HttpRequest
+from ninja import NinjaAPI
+from ninja.openapi.schema import OpenAPISchema
 
+from src.api.middlewares.GateWayMiddleware import (add_global_headers,
+                                                   authentication)
 from src.env import app
 
 api: NinjaAPI = NinjaAPI(
     version=app["version"],
     title=app["display_name"],
     description=app["description"],
+    auth=authentication,
 )
 
+
+original_get_openapi_schema = api.get_openapi_schema
+
+
+def custom_openapi_schema(path_params: dict | None = None) -> OpenAPISchema:
+    schema = original_get_openapi_schema()
+
+    schema["components"]["securitySchemes"] = {
+        "Gateway Key": {
+            "type": "apiKey",
+            "in": "header",
+            "name": "X-API-GATEWAY-KEY",
+        },
+        "API Timestamp": {
+            "type": "apiKey",
+            "in": "header",
+            "name": "X-API-GATEWAY-TIMESTAMP",
+        },
+        "API Signature": {
+            "type": "apiKey",
+            "in": "header",
+            "name": "X-API-GATEWAY-SIGNATURE",
+        },
+        # "User ID": {
+        #     "type": "apiKey",
+        #     "in": "header",
+        #     "name": "X-USER-ID",
+        # },
+        # "User Email": {
+        #     "type": "apiKey",
+        #     "in": "header",
+        #     "name": "X-USER-EMAIL",
+        # },
+    }
+
+    schema["security"] = [
+        {
+            "Gateway Key": [],
+            "API Timestamp": [],
+            "API Signature": [],
+            # "User ID": [],
+            # "User Email": [],
+        }
+    ]
+
+    schema = add_global_headers(schema)
+    return schema
+
+
+setattr(api, "get_openapi_schema", custom_openapi_schema)
+
 from src.api.utils import error_handlers  # noqa: E402, F401
 
 

src/api/services/AuthService.py

@@ -1,24 +1,24 @@
 from typing import Annotated
 
-from src.utils.svcs import Service
-from src.config.asgi import broker
-from src.utils.logger import Logger
-from src.api.typing.JWT import JWTSuccess
-from src.api.typing.UserExists import UserExists
-from src.api.constants.messages import MESSAGES, DYNAMIC_MESSAGES
-from src.api.typing.UserSuccess import UserSuccess
 from src.api.constants.activity_types import ACTIVITY_TYPES
+from src.api.constants.messages import DYNAMIC_MESSAGES, MESSAGES
+from src.api.constants.queues import QUEUE_NAMES
+from src.api.models.payload.requests.AuthenticateUserOtp import \
+    AuthenticateUserOtp
+from src.api.models.payload.requests.AuthenticateUserRequest import \
+    AuthenticateUserRequest
+from src.api.models.payload.requests.ChangeUserPasswordRequest import \
+    ChangeUserPasswordRequest
+from src.api.models.payload.requests.CreateUserRequest import CreateUserRequest
 from src.api.models.payload.requests.JWT import JWT
-from src.api.repositories.UserRepository import UserRepository
 from src.api.models.payload.requests.ResendUserOtp import ResendUserOtp
-from src.api.models.payload.requests.CreateUserRequest import CreateUserRequest
-from src.api.models.payload.requests.AuthenticateUserOtp import AuthenticateUserOtp
-from src.api.models.payload.requests.AuthenticateUserRequest import (
-    AuthenticateUserRequest,
-)
-from src.api.models.payload.requests.ChangeUserPasswordRequest import (
-    ChangeUserPasswordRequest,
-)
+from src.api.repositories.UserRepository import UserRepository
+from src.api.typing.JWT import JWTSuccess
+from src.api.typing.UserExists import UserExists
+from src.api.typing.UserSuccess import UserSuccess
+from src.config.asgi import broker
+from src.utils.logger import Logger
+from src.utils.svcs import Service
 
 from .OtpService import OtpService
 from .UtilityService import UtilityService
@@ -62,7 +62,7 @@ async def register(self, req: CreateUserRequest) -> UserExists:
         created_user = await UserRepository.add(req)
 
         user_data = {"id": created_user.id, "email": created_user.email}
-        queue = "create-user"
+        queue = QUEUE_NAMES["USER_REGISTRATION"]
 
         await broker.publish(message=user_data, queue=queue, persist=True)
 
@@ -126,8 +126,9 @@ async def validate_email(self, req: AuthenticateUserOtp) -> bool:
         await UserRepository.update_by_user(
             user, {"is_active": True, "is_enabled": True, "is_validated": True}
         )
+
         user_data = {"id": user.id, "email": user.email}
-        queue = "validate-user"
+        queue = QUEUE_NAMES["EMAIL_VALIDATION"]
         await broker.publish(message=user_data, queue=queue, persist=True)
 
         return True

src/api/services/UtilityService.py

@@ -1,21 +1,32 @@
+import hashlib
+import hmac
+from datetime import datetime, timedelta
+from typing import TypedDict
 from uuid import uuid4
-from datetime import timedelta
 
-import jwt
 import bcrypt
-from faker import Faker
+import jwt
 from django.utils import timezone
+from faker import Faker
+from ninja.errors import AuthenticationError
 
-from src.env import jwt_config
-from src.utils.svcs import Service
-from src.api.typing.JWT import JWTData
+from src.api.enums.CharacterCasing import CharacterCasing
 from src.api.models.postgres import User
 from src.api.typing.ExpireUUID import ExpireUUID
-from src.api.enums.CharacterCasing import CharacterCasing
+from src.api.typing.JWT import JWTData
+from src.env import jwt_config
+from src.utils.logger import Logger
+from src.utils.svcs import Service
 
 DEFAULT_CHARACTER_LENGTH = 12
 fake = Faker()
 
+class SignatureData(TypedDict):
+    title: str
+    signature: str
+    timestamp: str
+    key: str
+    ttl: int | float
 
 @Service()
 class UtilityService:
@@ -95,3 +106,55 @@ def generate_uuid() -> ExpireUUID:
         lifespan = timedelta(hours=24)
         expires_at = current_time + lifespan
         return {"uuid": uuid4(), "expires_at": expires_at}
+
+    @staticmethod
+    def generate_signature(key: str, timestamp: str) -> str:
+        signature = hmac.new(
+            key=key.encode(), msg=timestamp.encode(), digestmod=hashlib.sha256
+        ).hexdigest()
+        return signature
+
+
+    @staticmethod
+    def verify_signature(signature_data: SignatureData, logger: Logger) -> bool:
+        
+        signature = signature_data["signature"]
+        timestamp = signature_data["timestamp"]
+        key = signature_data["key"]
+        ttl = signature_data["ttl"]
+        title = signature_data["title"]
+
+
+        valid_signature = UtilityService.generate_signature(key, timestamp)
+        is_valid = hmac.compare_digest(valid_signature, signature)
+
+        if not is_valid:
+            message = "Invalid signature!"
+            logger.error(
+                {
+                    "activity_type": f"Authenticate {title} Request",
+                    "message": message,
+                    "metadata": {"signature": signature},
+                }
+            )
+            raise AuthenticationError(message=message)
+
+        initial_time = datetime.fromtimestamp(float(timestamp) / 1000)
+        valid_window = initial_time + timedelta(minutes=ttl)
+        if valid_window < datetime.now():
+            message = "Signature expired!"
+            logger.error(
+                {
+                    "activity_type": f"Authenticate {title} Request",
+                    "message": message,
+                    "metadata": {"timestamp": timestamp},
+                }
+            )
+            raise AuthenticationError(message=message)
+
+        return True
+
+    @staticmethod
+    def get_timestamp() -> str:
+        current_time = datetime.now().timestamp() * 1000
+        return str(current_time)

src/config/asgi.py

@@ -11,8 +11,8 @@
 
 from django.core.asgi import get_asgi_application
 from faststream.rabbit import RabbitBroker
-from starlette.routing import Mount
 from starlette.applications import Starlette
+from starlette.routing import Mount
 
 from src.env import rabbitmq_config
 
@@ -21,11 +21,21 @@
 
 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "src.config.settings")
 
+
+def setup_broker_middlewares():
+    from src.api.middlewares.BrokerMiddleware import (PublishMiddleware,
+                                                      SubscribeMiddleware)
+
+    broker.add_middleware(SubscribeMiddleware)
+    broker.add_middleware(PublishMiddleware)
+
+
 application = Starlette(
     routes=[Mount("/", get_asgi_application())],  # type: ignore
-    on_startup=[broker.start],
+    on_startup=[setup_broker_middlewares, broker.start],
     on_shutdown=[broker.close],
 )
 
 
-from src.api.services.external import RabbitMQRoutes as RabbitMQRoutes  # noqa: E402
+from src.api.services.external import \
+    RabbitMQRoutes as RabbitMQRoutes  # noqa: E402

src/config/settings.py

@@ -2,11 +2,11 @@
 
 from .apps import INSTALLED_APPS as INSTALLED_APPS
 from .caches import CACHES as CACHES
-from .logger import LOGGING as LOGGING
-from .databases import DATABASES as DATABASES
 from .databases import DATABASE_ROUTERS as DATABASE_ROUTERS
-from .templates import TEMPLATES as TEMPLATES
+from .databases import DATABASES as DATABASES
+from .logger import LOGGING as LOGGING
 from .middleware import MIDDLEWARE as MIDDLEWARE
+from .templates import TEMPLATES as TEMPLATES
 
 SECRET_KEY = app["secret_key"]
 DEBUG = app["debug"]
@@ -18,3 +18,11 @@
 
 STATIC_URL = "static/"
 MEDIA_URL = "media/"
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'UTC'
+
+USE_I18N = True
+
+USE_TZ = True

src/env.py

@@ -1,7 +1,7 @@
 from typing import TypedDict
 
-from src import __name__, __version__, __description__, __display_name__
-from src.utils.env import get_env_int, get_env_str, get_env_list
+from src import __description__, __display_name__, __name__, __version__
+from src.utils.env import get_env_float, get_env_int, get_env_list, get_env_str
 
 
 class Env:
@@ -54,6 +54,14 @@ class RabbitMQ(TypedDict):
     url: str
 
 
+class Gateway(TypedDict):
+    key: str
+    ttl: int
+
+class Queue(TypedDict):
+    key: str
+    ttl: float
+
 env = Env()
 
 app: App = {
@@ -102,8 +110,18 @@ class RabbitMQ(TypedDict):
     "issuer": get_env_str("JWT_ISSUER"),
 }
 
+api_gateway: Gateway = {
+    "key": get_env_str("GATEWAY_PUBLIC_KEY"),
+    "ttl": get_env_int("GATEWAY_KEY_TTL"),
+}
+
+queue: Queue = {
+    "key": get_env_str("QUEUE_SECRECT_KEY"),
+    "ttl": get_env_float("QUEUE_SECRECT_KEY_TTL"),
+}
+
 otp: OTP = {"lifetime": get_env_int("OTP_LIFETIME")}
 
 rabbitmq_config: RabbitMQ = {"url": get_env_str("RABBITMQ_URL")}
 
-__all__ = ["app", "cache", "db", "env", "jwt_config", "log", "otp", "rabbitmq_config"]
+__all__ = ["app", "cache", "db", "env", "jwt_config", "log", "otp", "rabbitmq_config", "queue", "api_gateway"]

src/utils/env/__init__.py

@@ -1,7 +1,8 @@
-from .env import get_env_int, get_env_str, get_env_list
+from .env import get_env_float, get_env_int, get_env_list, get_env_str
 
 __all__ = [
     "get_env_int",
     "get_env_list",
     "get_env_str",
+    "get_env_float",
 ]

src/utils/env/env.py

@@ -1,7 +1,7 @@
-from pathlib import Path
 from functools import cache
+from pathlib import Path
 
-from decouple import Config, AutoConfig, RepositoryEnv
+from decouple import AutoConfig, Config, RepositoryEnv
 from decouple import config as decouple_config
 
 BASE_DIR = Path(__file__).resolve().parent.parent.parent
@@ -25,6 +25,8 @@ def get_env_str(name: str, default: str | None = None) -> str:
 def get_env_int(name: str, default: str | None = None) -> int:
     return int(get_env_variable(name, default=default, cast=int))
 
+def get_env_float(name: str, default: str | None = None) -> float:
+    return float(get_env_variable(name, default=default, cast=float))
 
 def get_env_list(name: str, sep: str = ",", default: str | None = None) -> list[str]:
     return list(