✨ Refactor invitation service: integrate confirmation service and remove legacy database dependencies

pcrespov · pcrespov · commit e5fd903b6db1 · 2025-07-23T23:31:39.000+02:00
diff --git a/services/web/server/src/simcore_service_webserver/login/_controller/rest/registration.py b/services/web/server/src/simcore_service_webserver/login/_controller/rest/registration.py
@@ -39,10 +39,6 @@
     check_other_registrations,
     extract_email_from_invitation,
 )
-from ..._login_repository_legacy import (
-    AsyncpgStorage,
-    get_plugin_storage,
-)
 from ..._login_service import (
     notify_user_confirmation,
 )
@@ -57,7 +53,6 @@
     MSG_WEAK_PASSWORD,
 )
 from ...settings import (
-    LoginOptions,
     LoginSettingsForProduct,
     get_plugin_options,
     get_plugin_settings,
@@ -129,13 +124,11 @@ async def register(request: web.Request):
     settings: LoginSettingsForProduct = get_plugin_settings(
         request.app, product_name=product.name
     )
-    db: AsyncpgStorage = get_plugin_storage(request.app)
-    cfg: LoginOptions = get_plugin_options(request.app)
 
     registration = await parse_request_body_as(RegisterBody, request)
 
     await check_other_registrations(
-        request.app, email=registration.email, current_product=product, db=db, cfg=cfg
+        request.app, email=registration.email, current_product=product
     )
 
     # Check for weak passwords
@@ -184,8 +177,6 @@ async def register(request: web.Request):
             invitation_code,
             product=product,
             guest_email=registration.email,
-            db=db,
-            cfg=cfg,
             app=request.app,
         )
         if invitation.trial_account_days:
diff --git a/services/web/server/src/simcore_service_webserver/login/_invitations_service.py b/services/web/server/src/simcore_service_webserver/login/_invitations_service.py
@@ -41,9 +41,10 @@
 )
 from ..products.models import Product
 from ..users import users_service
-from . import _auth_service, _confirmation_service
+from . import _auth_service
+from ._confirmation_repository import ConfirmationRepository
+from ._confirmation_service import ConfirmationService
 from ._login_repository_legacy import (
-    AsyncpgStorage,
     BaseConfirmationTokenDict,
     ConfirmationTokenDict,
 )
@@ -52,11 +53,19 @@
     MSG_INVITATIONS_CONTACT_SUFFIX,
     MSG_USER_DISABLED,
 )
-from .settings import LoginOptions
+from .settings import get_plugin_options
 
 _logger = logging.getLogger(__name__)
 
 
+def _get_confirmation_service(app: web.Application) -> ConfirmationService:
+    """Get confirmation service instance from app."""
+    engine = app["postgres_db_engine"]
+    repository = ConfirmationRepository(engine)
+    options = get_plugin_options(app)
+    return ConfirmationService(repository, options)
+
+
 class ConfirmationTokenInfoDict(ConfirmationTokenDict):
     expires: datetime
     url: str
@@ -112,8 +121,6 @@ async def check_other_registrations(
     app: web.Application,
     email: str,
     current_product: Product,
-    db: AsyncpgStorage,
-    cfg: LoginOptions,
 ) -> None:
 
     # An account is already registered with this email
@@ -133,23 +140,24 @@ async def check_other_registrations(
                 #  w/ an expired confirmation will get deleted and its account (i.e. email)
                 #  can be overtaken by this new registration
                 #
-                _confirmation = await db.get_confirmation(
+                confirmation_service = _get_confirmation_service(app)
+                _confirmation = await confirmation_service.get_confirmation(
                     filter_dict={
-                        "user": user,
+                        "user_id": user["id"],
                         "action": ConfirmationAction.REGISTRATION.value,
                     }
                 )
                 drop_previous_registration = (
                     not _confirmation
-                    or _confirmation_service.is_confirmation_expired(cfg, _confirmation)
+                    or confirmation_service.is_confirmation_expired(_confirmation)
                 )
                 if drop_previous_registration:
                     if not _confirmation:
                         await users_service.delete_user_without_projects(
                             app, user_id=user["id"], clean_cache=False
                         )
                     else:
-                        await db.delete_confirmation_and_user(
+                        await confirmation_service.delete_confirmation_and_user(
                             user_id=user["id"], confirmation=_confirmation
                         )
 
@@ -175,7 +183,7 @@ async def check_other_registrations(
 
 
 async def create_invitation_token(
-    db: AsyncpgStorage,
+    app: web.Application,
     *,
     user_id: IdInt,
     user_email: LowerCaseEmailStr | None = None,
@@ -198,11 +206,19 @@ async def create_invitation_token(
         trial_account_days=trial_days,
         extra_credits_in_usd=extra_credits_in_usd,
     )
-    return await db.create_confirmation(
+    confirmation_service = _get_confirmation_service(app)
+    confirmation = await confirmation_service.create_confirmation(
         user_id=user_id,
         action=ConfirmationAction.INVITATION.name,
         data=data_model.model_dump_json(),
     )
+    return {
+        "code": confirmation.code,
+        "user_id": confirmation.user_id,
+        "action": confirmation.action,
+        "data": confirmation.data,
+        "created_at": confirmation.created_at,
+    }
 
 
 @contextmanager
@@ -270,8 +286,6 @@ async def check_and_consume_invitation(
     invitation_code: str,
     guest_email: str,
     product: Product,
-    db: AsyncpgStorage,
-    cfg: LoginOptions,
     app: web.Application,
 ) -> ConfirmedInvitationData:
     """Consumes invitation: the code is validated, the invitation retrieives and then deleted
@@ -305,26 +319,34 @@ async def check_and_consume_invitation(
             )
 
     # database-type invitations
-    if confirmation_token := await _confirmation_service.validate_confirmation_code(
-        invitation_code, db, cfg
+    confirmation_service = _get_confirmation_service(app)
+    if confirmation := await confirmation_service.validate_confirmation_code(
+        invitation_code
     ):
         try:
+            confirmation_token_dict = {
+                "code": confirmation.code,
+                "user_id": confirmation.user_id,
+                "action": confirmation.action,
+                "data": confirmation.data,
+                "created_at": confirmation.created_at,
+            }
             invitation_data: ConfirmedInvitationData = (
-                _InvitationValidator.model_validate(confirmation_token).data
+                _InvitationValidator.model_validate(confirmation_token_dict).data
             )
             return invitation_data
 
         except ValidationError as err:
             _logger.warning(
                 "%s is associated with an invalid %s.\nDetails: %s",
                 f"{invitation_code=}",
-                f"{confirmation_token=}",
+                f"{confirmation=}",
                 f"{err=}",
             )
 
         finally:
-            await db.delete_confirmation(confirmation_token)
-            _logger.info("Invitation with %s was consumed", f"{confirmation_token=}")
+            await confirmation_service.delete_confirmation(confirmation)
+            _logger.info("Invitation with %s was consumed", f"{confirmation=}")
 
     raise web.HTTPForbidden(
         text=(
