rest exceptions

Author: pcrespov

services/web/server/src/simcore_service_webserver/login/__init__.py

@@ -1,5 +0,0 @@
-""" webserver's login subsystem
-
-
-    This sub-package is based on aiohttp-login https://github.com/imbolc/aiohttp-login
-"""

services/web/server/src/simcore_service_webserver/login/_registration_service.py

@@ -1,111 +1,2 @@
-from typing import Any
-
-from aiohttp import web
-from models_library.products import ProductName
-from models_library.users import UserID
-from pydantic import PositiveInt
-from servicelib.aiohttp import observer
-from simcore_postgres_database.models.users import UserRole
-
-from ..db.models import ConfirmationAction, UserStatus
-from .constants import (
-    MSG_ACTIVATION_REQUIRED,
-    MSG_USER_BANNED,
-    MSG_USER_DELETED,
-    MSG_USER_EXPIRED,
-)
-
-
-def _to_names(enum_cls, names) -> list[str]:
-    """ensures names are in enum be retrieving each of them"""
-    return [getattr(enum_cls, att).name for att in names.split()]
-
-
-CONFIRMATION_PENDING, ACTIVE, BANNED, EXPIRED, DELETED = (
-    UserStatus.CONFIRMATION_PENDING.name,
-    UserStatus.ACTIVE.name,
-    UserStatus.BANNED.name,
-    UserStatus.EXPIRED.name,
-    UserStatus.DELETED.name,
-)
-_EXPECTED_ENUMS = 5
-assert len(UserStatus) == _EXPECTED_ENUMS  # nosec
-
-
-ANONYMOUS, GUEST, USER, TESTER = _to_names(UserRole, "ANONYMOUS GUEST USER TESTER")
-
-REGISTRATION, RESET_PASSWORD, CHANGE_EMAIL = _to_names(
-    ConfirmationAction, "REGISTRATION RESET_PASSWORD CHANGE_EMAIL"
-)
-
-
-def validate_user_status(*, user: dict, support_email: str):
-    """
-
-    Raises:
-        web.HTTPUnauthorized
-    """
-    assert "role" in user  # nosec
-
-    user_status: str = user["status"]
-
-    if user_status == DELETED:
-        raise web.HTTPUnauthorized(
-            text=MSG_USER_DELETED.format(support_email=support_email),
-        )  # 401
-
-    if user_status == BANNED or user["role"] == ANONYMOUS:
-        raise web.HTTPUnauthorized(
-            text=MSG_USER_BANNED.format(support_email=support_email),
-        )  # 401
-
-    if user_status == EXPIRED:
-        raise web.HTTPUnauthorized(
-            text=MSG_USER_EXPIRED.format(support_email=support_email),
-        )  # 401
-
-    if user_status == CONFIRMATION_PENDING:
-        raise web.HTTPUnauthorized(
-            text=MSG_ACTIVATION_REQUIRED,
-        )  # 401
-
-    assert user_status == ACTIVE  # nosec
-
-
-async def notify_user_confirmation(
-    app: web.Application,
-    user_id: UserID,
-    product_name: ProductName,
-    extra_credits_in_usd: PositiveInt | None,
-):
-    """Broadcast that user with 'user_id' has login for the first-time in 'product_name'"""
-    # NOTE: Follow up in https://github.com/ITISFoundation/osparc-simcore/issues/4822
-    await observer.emit(
-        app,
-        "SIGNAL_ON_USER_CONFIRMATION",
-        user_id=user_id,
-        product_name=product_name,
-        extra_credits_in_usd=extra_credits_in_usd,
-    )
-
-
-async def notify_user_logout(
-    app: web.Application, user_id: UserID, client_session_id: Any | None = None
-):
-    """Broadcasts logout of 'user_id' in 'client_session_id'.
-
-    If 'client_session_id' is None, then all sessions are considered
-
-    Listeners (e.g. sockets) will trigger logout mechanisms
-    """
-    await observer.emit(
-        app,
-        "SIGNAL_USER_LOGOUT",
-        user_id,
-        client_session_id,
-        app,
-    )
-
-
 def get_user_name_from_email(email: str) -> str:
     return email.split("@")[0]

services/web/server/src/simcore_service_webserver/login/plugin.py

@@ -11,6 +11,7 @@
 )
 from settings_library.email import SMTPSettings
 from settings_library.postgres import PostgresSettings
+from simcore_service_webserver.login_account.plugin import setup_login_account
 
 from ..constants import (
     APP_PUBLIC_CONFIG_PER_PRODUCT,
@@ -147,6 +148,7 @@ def setup_login(app: web.Application):
 
     app.router.add_routes(auth.routes)
     setup_login_auth(app)
+    setup_login_account(app)
 
     app.router.add_routes(confirmation.routes)
     app.router.add_routes(registration.routes)

services/web/server/src/simcore_service_webserver/login_account/_controller/rest/_rest_exceptions.py

@@ -0,0 +1,15 @@
+from ....exception_handling import (
+    ExceptionToHttpErrorMap,
+    exception_handling_decorator,
+    to_exceptions_handlers_map,
+)
+from ....login._controller.rest._rest_exceptions import (
+    _TO_HTTP_ERROR_MAP as LOGIN_TO_HTTP_ERROR_MAP,
+)
+
+_TO_HTTP_ERROR_MAP: ExceptionToHttpErrorMap = {**LOGIN_TO_HTTP_ERROR_MAP}
+
+
+handle_rest_requests_exceptions = exception_handling_decorator(
+    to_exceptions_handlers_map(_TO_HTTP_ERROR_MAP)
+)

services/web/server/src/simcore_service_webserver/login_account/_controller/rest/preregistration.py

@@ -13,14 +13,13 @@
 from servicelib.utils import fire_and_forget_task
 
 from ...._meta import API_VTAG
-from ....login._controller.rest._rest_exceptions import handle_rest_requests_exceptions
-from ....login._login_service import notify_user_logout
+from ....login import login_service
 from ....login.constants import (
     CAPTCHA_SESSION_KEY,
     MSG_LOGGED_OUT,
     MSG_WRONG_CAPTCHA__INVALID,
 )
-from ....login.settings import LoginSettingsForProduct, get_plugin_settings
+from ....login.settings import get_plugin_settings
 from ....login.web_utils import flash_response
 from ....login_auth.decorators import login_required
 from ....models import AuthenticatedRequestContext
@@ -34,13 +33,11 @@
 from ....utils import MINUTE
 from ....utils_rate_limiting import global_rate_limit_route
 from ... import _preregistration_service
+from ._rest_exceptions import handle_rest_requests_exceptions
 
 _logger = logging.getLogger(__name__)
 
 
-routes = web.RouteTableDef()
-
-
 def _get_ipinfo(request: web.Request) -> dict[str, Any]:
     # NOTE:  Traefik is also configured to transmit the original IP.
     x_real_ip = request.headers.get("X-Real-IP", None)
@@ -56,6 +53,9 @@ def _get_ipinfo(request: web.Request) -> dict[str, Any]:
     }
 
 
+routes = web.RouteTableDef()
+
+
 @routes.post(
     f"/{API_VTAG}/auth/request-account",
     name="request_product_account",
@@ -104,9 +104,7 @@ async def unregister_account(request: web.Request):
     body = await parse_request_body_as(UnregisterCheck, request)
 
     product: Product = products_web.get_current_product(request)
-    settings: LoginSettingsForProduct = get_plugin_settings(
-        request.app, product_name=product.name
-    )
+    settings = get_plugin_settings(request.app, product_name=product.name)
 
     # checks before deleting
     credentials = await users_service.get_user_credentials(
@@ -130,7 +128,7 @@ async def unregister_account(request: web.Request):
         await users_service.set_user_as_deleted(request.app, user_id=req_ctx.user_id)
 
         # logout
-        await notify_user_logout(
+        await login_service.notify_user_logout(
             request.app, user_id=req_ctx.user_id, client_session_id=None
         )
         response = flash_response(MSG_LOGGED_OUT, "INFO")

services/web/server/src/simcore_service_webserver/login_account/_preregistration_service.py

@@ -128,7 +128,7 @@ async def create_captcha() -> tuple[str, bytes]:
 
 
 async def create_pre_registration(
-    app: web.Application, profile: PreRegisteredUserGet, product_name: ProductName
+    app: web.Application, *, profile: PreRegisteredUserGet, product_name: ProductName
 ):
 
     await _users_service.pre_register_user(

services/web/server/src/simcore_service_webserver/login_account/plugin.py

@@ -0,0 +1,13 @@
+import logging
+
+from aiohttp import web
+from servicelib.aiohttp.application_setup import ensure_single_setup
+
+from ._controller.rest import preregistration as _controller_rest_preregistration
+
+_logger = logging.getLogger(__name__)
+
+
+@ensure_single_setup(__name__, logger=_logger)
+def setup_login_account(app: web.Application):
+    app.add_routes(_controller_rest_preregistration.routes)