refactor(core,auth,admin): improve database operations and authentication flow

- Refactor database query operations and model management
- Update authentication dependencies and JWT handling
- Improve admin URLs and user management
- Add new migrations for example project
- Fix createsuperuser command and middleware
- Update example project configuration and views

Author: ForceFledgling

example/apps/home/views.py

@@ -1,6 +1,6 @@
-from raystack.shortcuts import render
+from raystack.shortcuts import render_template
 
 # Create your views here.
 
 def home_view(request):
-    return render(request, "home/home.html", context={"framework": "Raystack"})
+    return render_template(request, "home/home.html", context={"framework": "Raystack"})

example/config/settings.py

@@ -3,14 +3,17 @@
 # Base project directory
 BASE_DIR = pathlib.Path(__file__).resolve().parent.parent
 
+# API settings
+API_V1_STR = "/api/v1"
+
 # Database settings
 DATABASES = {
     'default': {
         'ENGINE': 'raystack.core.database.sqlalchemy',
-        # Synchronous mode (default)
+        # Synchronous mode (for management commands)
         'URL': 'sqlite:///' + str(BASE_DIR / 'db.sqlite3'),
 
-        # Asynchronous mode (uncomment to use)
+        # Asynchronous mode (for web server)
         # 'URL': 'sqlite+aiosqlite:///' + str(BASE_DIR / 'db.sqlite3'),
 
         # Other examples of asynchronous URLs:
@@ -24,9 +27,11 @@
 DEBUG = True
 
 INSTALLED_APPS = [
-    'raystack.contrib.admin',
-    'raystack.contrib.auth',
     'apps.home',
+    'raystack.contrib.admin',
+    'raystack.contrib.auth.users',
+    'raystack.contrib.auth.accounts',
+    'raystack.contrib.auth.groups',
 ]
 
 TEMPLATES = [
@@ -47,8 +52,13 @@
 
 # Static files settings
 STATICFILES_DIRS = [
-    str(BASE_DIR.parent / "src" / "raystack" / "contrib" / "static"),
+    str(BASE_DIR.parent / "raystack" / "src" / "raystack" / "contrib" / "static"),
     str(BASE_DIR / "static"),
 ]
 
-STATIC_ROOT = str(BASE_DIR / "staticfiles")
+STATIC_ROOT = str(BASE_DIR / "staticfiles")
+
+# Middleware settings
+MIDDLEWARE = [
+    'raystack.middlewares.SimpleAuthMiddleware',
+]

example/core/__init__.py

@@ -1,99 +1,4 @@
-from fastapi import FastAPI, Request
 from raystack import Raystack
-from fastapi.responses import JSONResponse, HTMLResponse
-from jose import JWTError, jwt
-from config.settings import SECRET_KEY, ALGORITHM
-from starlette.middleware.authentication import AuthenticationMiddleware
-from starlette.authentication import (
-    AuthenticationBackend, AuthenticationError, SimpleUser, UnauthenticatedUser,
-    AuthCredentials
-)
-from starlette.middleware.sessions import SessionMiddleware
-
-from raystack.shortcuts import render_template
-
-
-from pydantic_settings import BaseSettings
-
-
-class Settings(BaseSettings):
-    database_url: str
-    secret_key: str
-    debug: bool
-    youmoney_client_id: str | None = None  # Add these fields if needed
-    youmoney_redirect_url: str | None = None
-    youmoney_client_secret: str | None = None
-    youmoney_access_token: str | None = None
-    youmoney_wallet_number: str | None = None
-
-    class Config:
-        env_file = ".env"   # Specifies path to .env file
-        extra = 'ignore'    # Ignore extra fields
 
 # Initialize object
-settings = Settings(
-    database_url="postgresql://user:password@localhost/dbname",
-    secret_key="your-secret-key",
-    debug=True
-)
-
-
-app = Raystack()
-
-
-from starlette.responses import JSONResponse, \
-    PlainTextResponse, \
-    RedirectResponse, \
-    StreamingResponse, \
-    FileResponse, \
-    HTMLResponse
-
-@app.exception_handler(403)
-async def not_found(request, exc):
-    return RedirectResponse("/auth/accounts/login", status_code=303)
-    # return render_template(request=request, template_name="401.html", context={"request": request})
-
-# Authentication class
-class userAuthentication(AuthenticationBackend):
-    async def authenticate(self, request):
-        jwt_cookie = request.cookies.get('jwt')
-        if jwt_cookie:  # cookie exists
-            try:
-                payload = jwt.decode(jwt_cookie.encode('utf8'), str(SECRET_KEY), algorithms=[ALGORITHM])
-                return AuthCredentials(["user_auth"]), SimpleUser(payload['user_id'])
-            except:
-                raise AuthenticationError('Invalid auth credentials')
-        else:
-            return  # unauthenticated
-
-# Middleware for tracking history
-@app.middleware("http")
-async def update_session_history(request, call_next):
-    response = await call_next(request)
-    history = request.session.setdefault('history', [])
-    history.append(request.url.path)
-    return response
-
-
-# Middleware for session management
-app.add_middleware(SessionMiddleware, secret_key=SECRET_KEY)
-
-# Middleware for authentication
-app.add_middleware(AuthenticationMiddleware, backend=userAuthentication())
-
-
-from apscheduler.schedulers.background import BackgroundScheduler
-from datetime import datetime
-
-# # Function that will be executed periodically
-# def periodic_task():
-#     print(f"Periodic task completed: {datetime.now()}")
-
-# # Initialize scheduler
-# scheduler = BackgroundScheduler()
-
-# # Add task to execute every 10 seconds
-# scheduler.add_job(periodic_task, 'interval', seconds=10)
-
-# # Start scheduler
-# scheduler.start()
+app = Raystack()

example/manage.py

@@ -2,6 +2,9 @@
 """Raystack's command-line utility for administrative tasks."""
 import os
 import sys
+sys.path.insert(0, os.path.abspath('..'))
+sys.path.insert(0, os.path.abspath('../src'))
+sys.path.insert(0, os.path.abspath('.'))
 
 
 def main():

example/migrations/env.py

@@ -2,14 +2,14 @@
 from sqlalchemy import engine_from_config
 from sqlalchemy import pool
 from alembic import context
-from raystack.core.database.sqlalchemy import Base
+from raystack.core.database.sqlalchemy import Base, db
 
 config = context.config
 
 if config.config_file_name is not None:
     fileConfig(config.config_file_name)
 
-target_metadata = Base.metadata
+target_metadata = db.metadata
 
 def run_migrations_offline():
     """Run migrations in 'offline' mode."""

example/migrations/versions/3f6f1a9e861a_.py

@@ -0,0 +1,32 @@
+"""Migration: None
+
+Revision ID: 3f6f1a9e861a
+Revises: 
+Create Date: 2025-08-31 07:22:15
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '3f6f1a9e861a'
+down_revision = None
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    """Apply migration."""
+    # ### commands auto generated by Raystack ###
+    op.execute('''CREATE TABLE IF NOT EXISTS groups_groupmodel ("id" TEXT PRIMARY KEY, "name" TEXT UNIQUE NOT NULL, "description" TEXT NOT NULL)''')
+    op.execute('''CREATE TABLE IF NOT EXISTS users_usermodel ("id" TEXT PRIMARY KEY, "name" TEXT NOT NULL, "age" TEXT NOT NULL, "email" TEXT NOT NULL, "password_hash" TEXT NOT NULL, "group" TEXT NOT NULL, "organization" TEXT NOT NULL, "is_active" TEXT NOT NULL, "is_superuser" TEXT NOT NULL)''')
+    # ### end Raystack commands ###
+
+
+def downgrade():
+    """Revert migration."""
+    # ### commands auto generated by Raystack ###
+    op.execute('DROP TABLE IF EXISTS groups_groupmodel')
+    op.execute('DROP TABLE IF EXISTS users_usermodel')
+    # ### end Raystack commands ###

example/migrations/versions/d692853a9509_.py

@@ -0,0 +1,32 @@
+"""Migration: None
+
+Revision ID: d692853a9509
+Revises: 
+Create Date: 2025-08-31 07:24:16
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'd692853a9509'
+down_revision = None
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    """Apply migration."""
+    # ### commands auto generated by Raystack ###
+    op.execute('''CREATE TABLE IF NOT EXISTS groups_groupmodel ("id" TEXT PRIMARY KEY, "name" TEXT UNIQUE NOT NULL, "description" TEXT NOT NULL)''')
+    op.execute('''CREATE TABLE IF NOT EXISTS users_usermodel ("id" TEXT PRIMARY KEY, "name" TEXT NOT NULL, "age" TEXT NOT NULL, "email" TEXT NOT NULL, "password_hash" TEXT NOT NULL, "group" TEXT NOT NULL, "organization" TEXT NOT NULL, "is_active" TEXT NOT NULL, "is_superuser" TEXT NOT NULL)''')
+    # ### end Raystack commands ###
+
+
+def downgrade():
+    """Revert migration."""
+    # ### commands auto generated by Raystack ###
+    op.execute('DROP TABLE IF EXISTS groups_groupmodel')
+    op.execute('DROP TABLE IF EXISTS users_usermodel')
+    # ### end Raystack commands ###

src/raystack/contrib/admin/urls.py

@@ -110,8 +110,8 @@ async def profile_view(request: Request):
 @router.get("/users/edit/{user_id}", response_model=None)
 @login_required(["user_auth"])
 async def user_edit_view(request: Request, user_id: int):
-    user = UserModel.objects.filter(id=user_id).first()
-    groups = GroupModel.objects.all()
+    user = await UserModel.objects.filter(id=user_id).first()
+    groups = await GroupModel.objects.all().execute()
     return render_template(request=request, template_name="admin/user_edit.html", context={
         "user": user,
         "groups": groups,
@@ -123,18 +123,18 @@ async def user_edit_view(request: Request, user_id: int):
 @login_required(["user_auth"])
 async def user_edit_post(request: Request, user_id: int):
     form = await request.form()
-    user = UserModel.objects.filter(id=user_id).first()
+    user = await UserModel.objects.filter(id=user_id).first()
     if user:
         user.name = form.get("name")
         user.age = int(form.get("age"))
         user.email = form.get("email")
         user.organization = form.get("organization")
         group_id = int(form.get("group_id"))
         user.group = group_id
-        user.save()
+        await user.save()
     return render_template(request=request, template_name="admin/user_edit.html", context={
         "user": user,
-        "groups": GroupModel.objects.all(),
+        "groups": await GroupModel.objects.all().execute(),
         "url_for": url_for,
         "config": request.app.settings,
         "success": True
@@ -143,7 +143,7 @@ async def user_edit_post(request: Request, user_id: int):
 @router.get("/groups/edit/{group_id}", response_model=None)
 @login_required(["user_auth"])
 async def group_edit_view(request: Request, group_id: int):
-    group = GroupModel.objects.filter(id=group_id).first()
+    group = await GroupModel.objects.filter(id=group_id).first()
     return render_template(request=request, template_name="admin/group_edit.html", context={
         "group": group,
         "url_for": url_for,
@@ -154,11 +154,11 @@ async def group_edit_view(request: Request, group_id: int):
 @login_required(["user_auth"])
 async def group_edit_post(request: Request, group_id: int):
     form = await request.form()
-    group = GroupModel.objects.filter(id=group_id).first()
+    group = await GroupModel.objects.filter(id=group_id).first()
     if group:
         group.name = form.get("name")
         group.description = form.get("description")
-        group.save()
+        await group.save()
     return render_template(request=request, template_name="admin/group_edit.html", context={
         "group": group,
         "url_for": url_for,
@@ -170,7 +170,7 @@ async def group_edit_post(request: Request, group_id: int):
 @router.get("/users/create", response_model=None)
 @login_required(["user_auth"])
 async def user_create_view(request: Request):
-    groups = GroupModel.objects.all()
+    groups = await GroupModel.objects.all().execute()
     return render_template(request=request, template_name="admin/user_create.html", context={
         "groups": groups,
         "url_for": url_for,
@@ -189,9 +189,9 @@ async def user_create_post(request: Request):
         group=int(form.get("group_id")),
         organization=form.get("organization")
     )
-    user.save()
+    await user.save()
     return render_template(request=request, template_name="admin/user_create.html", context={
-        "groups": GroupModel.objects.all(),
+        "groups": await GroupModel.objects.all().execute(),
         "url_for": url_for,
         "config": request.app.settings,
         "success": True
@@ -201,7 +201,7 @@ async def user_create_post(request: Request):
 @router.get("/users/delete/{user_id}", response_model=None)
 @login_required(["user_auth"])
 async def user_delete_confirm(request: Request, user_id: int):
-    user = UserModel.objects.filter(id=user_id).first()
+    user = await UserModel.objects.filter(id=user_id).first()
     return render_template(request=request, template_name="admin/user_delete.html", context={
         "user": user,
         "url_for": url_for,
@@ -211,9 +211,9 @@ async def user_delete_confirm(request: Request, user_id: int):
 @router.post("/users/delete/{user_id}", response_model=None)
 @login_required(["user_auth"])
 async def user_delete_post(request: Request, user_id: int):
-    user = UserModel.objects.filter(id=user_id).first()
+    user = await UserModel.objects.filter(id=user_id).first()
     if user:
-        user.delete()
+        await user.delete()
     # Redirect to users list after deletion
     return render_template(request=request, template_name="admin/user_delete.html", context={
         "deleted": True,
@@ -242,7 +242,7 @@ async def group_create_post(request: Request):
             name=form.cleaned_data["name"],
             description=form.cleaned_data["description"]
         )
-        group.save()
+        await group.save()
         return render_template(request=request, template_name="admin/group_create.html", context={
             "form": GroupCreateForm(),
             "url_for": url_for,
@@ -260,7 +260,7 @@ async def group_create_post(request: Request):
 @router.get("/groups/delete/{group_id}", response_model=None)
 @login_required(["user_auth"])
 async def group_delete_confirm(request: Request, group_id: int):
-    group = GroupModel.objects.filter(id=group_id).first()
+    group = await GroupModel.objects.filter(id=group_id).first()
     return render_template(request=request, template_name="admin/group_delete.html", context={
         "group": group,
         "url_for": url_for,
@@ -270,9 +270,9 @@ async def group_delete_confirm(request: Request, group_id: int):
 @router.post("/groups/delete/{group_id}", response_model=None)
 @login_required(["user_auth"])
 async def group_delete_post(request: Request, group_id: int):
-    group = GroupModel.objects.filter(id=group_id).first()
+    group = await GroupModel.objects.filter(id=group_id).first()
     if group:
-        group.delete()
+        await group.delete()
     return render_template(request=request, template_name="admin/group_delete.html", context={
         "deleted": True,
         "url_for": url_for,