@@ -84,34 +84,31 @@ We also create POST endpoints, which accept form submissions so the user can cre
84
84
- Helper functions: `utils/`
85
85
- Auth helpers: `auth.py`
86
86
- Database helpers: `db.py`
87
+
- FastAPI dependencies: `dependencies.py`
88
+
- Enums: `enums.py`
87
89
- Database models: `models.py`
88
90
- Image helpers: `images.py`
91
+
- Exceptions: `exceptions/`
92
+
- HTTP exceptions: `http_exceptions.py`
93
+
- Other custom exceptions: `exceptions.py`
89
94
- Environment variables: `.env.example`
90
95
- CI/CD configuration: `.github/`
91
96
- Project configuration: `pyproject.toml`
92
97
- Quarto documentation:
93
-
- Source: `index.qmd` + `docs/`
98
+
- README source: `index.qmd`
99
+
- Website source: `index.qmd` + `docs/`
94
100
- Configuration: `_quarto.yml`
95
101
102
+
96
103
Most everything else is auto-generated and should not be manually modified.
97
104
98
105
## Backend
99
106
100
107
### Code conventions
101
108
102
-
GET routes are defined in the main entry point for the application, `main.py`. POST routes are organized into separate modules within the `routers/` directory.
103
-
104
-
We name our GET routes using the convention `read_<name>`, where `<name>` is the name of the page, to indicate that they are read-only endpoints that do not modify the database.
105
-
106
-
We divide our GET routes into authenticated and unauthenticated routes, using commented section headers in our code that look like this:
107
-
108
-
```python
109
-
# --- Authenticated Routes ---
110
-
```
111
-
112
-
Some of our routes take request parameters, which we pass as keyword arguments to the route handler. These parameters should be type annotated for validation purposes.
109
+
We name our GET routes using the convention `read_<name>`, where `<name>` is the name of the page, to indicate that they are read-only endpoints that do not modify the database. In POST routes that modify the database, you can use the `get_session` dependency as an argument to get a database session.
113
110
114
-
Some parameters are shared across all authenticated or unauthenticated routes, so we define them in the `common_authenticated_parameters` and `common_unauthenticated_parameters` dependencies defined in `main.py`.
111
+
Routes that require authentication generally take the `get_authenticated_account` dependency as an argument. Unauthenticated GET routes generally take the `get_optional_user` dependency as an argument. If a route should *only* be seen by authenticated users (i.e., a login page), you can redirect to the dashboard if `get_optional_user` returns a `User` object.
115
112
116
113
### Context variables
117
114
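Review bot: The added sentence at new line 111 says a route that "should *only* be seen by authenticated users (i.e., a login page)" redirects to the dashboard when `get_optional_user` returns a `User`, which describes the opposite case: a login page is for visitors who are not signed in, so this should read "unauthenticated users", and "e.g." fits better than "i.e." since the login page is one example. The same hunk removes the guidance that request parameters "should be type annotated for validation purposes" and the statement of where GET and POST routes live (`main.py` versus `routers/`) without a replacement; if those conventions still hold, keep a sentence for each, since the type-annotation rule is the only place input validation is mentioned here. The `get_session` sentence is about POST routes and would read more clearly as its own paragraph than appended to the `read_<name>` naming convention. It would also help to say why authenticated routes depend on `get_authenticated_account` while the optional dependency is described as returning a `User`.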
@@ -244,12 +241,12 @@ SQLModel is an Object-Relational Mapping (ORM) library that allows us to interac
244
241
245
242
Our database models are defined in `utils/models.py`. Each model is a Python class that inherits from `SQLModel` and represents a database table. The key models are:
246
243
244
+
-`Account`: Represents a user account with email and password hash
245
+
-`User`: Represents a user profile with name, email, and avatar
247
246
-`Organization`: Represents a company or team
248
-
-`User`: Represents a user account with name, email, and avatar
249
247
-`Role`: Represents a set of permissions within an organization
250
248
-`Permission`: Represents specific actions a user can perform (defined by ValidPermissions enum)
251
249
-`PasswordResetToken`: Manages password reset functionality with expiration
252
-
-`UserPassword`: Stores hashed user passwords separately from user data
253
250
254
251
Two additional models are used by SQLModel to manage many-to-many relationships; you generally will not need to interact with them directly:
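Review bot: The new `Account` line (email and password hash) and the new `User` line (name, email, and avatar) both list email, so the doc does not say which model holds the address used for login. If the email now lives on `Account`, drop it from the `User` description; if both store it, say which one is authoritative. With `UserPassword` removed from the list, it is also worth stating how `Account` relates to `User` and which of the two `PasswordResetToken` belongs to, since readers of the old text would expect the hash to sit apart from profile data.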