Merge branch 'main' into feature/#29

Author: Gildofj

app/routers/authentication.py

@@ -1,9 +1,12 @@
+from typing import Annotated
+
+import jwt
 from fastapi import APIRouter, Depends, HTTPException, Request, status
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
-from services.database.orm.community import get_community_by_username
+from jwt.exceptions import InvalidTokenError
 from sqlmodel.ext.asyncio.session import AsyncSession
 
-from app.schemas import Token, TokenPayload
+from app.schemas import Community, Token, TokenPayload
 from app.services import auth
 from app.services.database.models import Community as DBCommunity
 from app.services.database.orm.community import get_community_by_username
@@ -12,17 +15,58 @@
 
 
 def setup():
-    router = APIRouter(prefix='/authentication', tags=['authentication'])
-    async def authenticate_community( request: Request , username: str, password: str):
-       # Valida se o usuário existe e se a senha está correta
-       session: AsyncSession = request.app.db_session_factory
-       found_community = await get_community_by_username(
-                                    username=username,
-                                    session= session
-                                    )
-       if not found_community or not auth.verify_password(password, found_community.password):
+    router = APIRouter(prefix="/authentication", tags=["authentication"])
+
+    async def authenticate_community(
+        request: Request, username: str, password: str
+    ):
+        # Valida se o usuário existe e se a senha está correta
+        session: AsyncSession = request.app.db_session_factory
+        found_community = await get_community_by_username(
+            username=username, session=session
+        )
+        if not found_community or not auth.verify_password(
+            password, found_community.password
+        ):
             return None
-       return found_community
+        return found_community
+
+    # Teste
+    async def get_current_community(
+        request: Request,
+        token: Annotated[str, Depends(oauth2_scheme)],
+    ) -> DBCommunity:
+        credentials_exception = HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Could not validate credentials",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+
+        try:
+            payload = jwt.decode(
+                token, auth.SECRET_KEY, algorithms=[auth.ALGORITHM]
+            )
+            username = payload.get("sub")
+            if username is None:
+                raise credentials_exception
+            token_data = TokenPayload(username=username)
+        except InvalidTokenError:
+            raise credentials_exception
+        session: AsyncSession = request.app.db_session_factory
+        community = await get_community_by_username(
+            session=session, username=token_data.username
+        )
+        if community is None:
+            raise credentials_exception
+
+        return community
+
+    async def get_current_active_community(
+        current_user: Annotated[DBCommunity, Depends(get_current_community)],
+    ) -> DBCommunity:
+        # A função simplesmente retorna o usuário.
+        # Pode ser estendido futuramente para verificar um status "ativo".
+        return current_user
 
     # Teste
 
@@ -48,7 +92,9 @@ async def login_for_access_token(
         request: Request, form_data: OAuth2PasswordRequestForm = Depends()
     ):
         # Rota de login: valida credenciais e retorna token JWT
-        community = await authenticate_community( request, form_data.username, form_data.password)
+        community = await authenticate_community(
+            request, form_data.username, form_data.password
+        )
         if not community:
             raise HTTPException(
                 status_code=status.HTTP_401_UNAUTHORIZED,
@@ -62,4 +108,13 @@ async def login_for_access_token(
             "expires_in": expires_in,
         }
 
+    @router.get("/me", response_model=Community)
+    async def read_community_me(
+        current_community: Annotated[
+            DBCommunity, Depends(get_current_active_community)
+        ],
+    ):
+        # Rota para obter informações do usuário autenticado
+        return current_community
+
     return router  # Retorna o router configurado com as rotas de autenticação

app/routers/news/routes.py

@@ -1,11 +1,17 @@
-from fastapi import APIRouter, status
+from fastapi import APIRouter, Request, status
 from pydantic import BaseModel
+from services.database.orm.news import get_news_by_query_params
 
 
 class NewsPostResponse(BaseModel):
     status: str = "News Criada"
 
 
+class NewsGetResponse(BaseModel):
+    status: str = "Lista de News Obtida"
+    news_list: list = []
+
+
 def setup():
     router = APIRouter(prefix="/news", tags=["news"])
 
@@ -16,10 +22,30 @@ def setup():
         summary="News endpoint",
         description="Creates news and returns a confirmation message",
     )
-    async def news():
+    async def post_news():
         """
         News endpoint that creates news and returns a confirmation message.
         """
         return NewsPostResponse()
 
+    @router.get(
+        "",
+        response_model=NewsGetResponse,
+        status_code=status.HTTP_200_OK,
+        summary="Get News",
+        description="Retrieves news filtered by user and query params",
+    )
+    async def get_news(request: Request):
+        """
+        Get News endpoint that retrieves news filtered by user and query params.
+        """
+        news_list = await get_news_by_query_params(
+            session=request.app.db_session_factory,
+            id=request.query_params.get("id"),
+            user_email=request.headers.get("user-email"),
+            category=request.query_params.get("category"),
+            tags=request.query_params.get("tags"),
+        )
+        return NewsGetResponse(news_list=news_list)
+
     return router

app/services/auth.py

@@ -1,41 +1,36 @@
-#from passlib.context import CryptContext
-import bcrypt
+# from passlib.context import CryptContext
+import os
 from datetime import datetime, timedelta, timezone
-from app.schemas import TokenPayload
+
+import bcrypt
 import jwt
-import os
+
+from app.schemas import TokenPayload
 
 SECRET_KEY = os.getenv("SECRET_KEY", "default_fallback_key")
 ALGORITHM = os.getenv("ALGORITHM", "HS256")
 ACCESS_TOKEN_EXPIRE_MINUTES = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", 20))
 
-def verify_password(plain, hashed): 
+
+def verify_password(plain, hashed):
     # Verifica se a senha passada bate com a hash da comunidade
     return bcrypt.checkpw(
         bytes(plain, encoding="utf-8"),
         hashed,
     )
 
-def hash_password(password): 
+
+def hash_password(password):
     # Retorna a senha em hash para salvar no banco de dados
     return bcrypt.hashpw(
         bytes(password, encoding="utf-8"),
         bcrypt.gensalt(),
     )
 
 
-
-#pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
-
-#def verify_password(plain, hashed): 
-#    # Verifica se a senha passada bate com a hash da comunidade
-#    return pwd_context.verify(plain, hashed)
-#
-#def hash_password(password): 
-#    # Retorna a senha em hash para salvar no banco de dados
-#    return pwd_context.hash(password)
-
-def create_access_token(data: TokenPayload, expires_delta: timedelta | None = None):
+def create_access_token(
+    data: TokenPayload, expires_delta: timedelta | None = None
+):
     """
     Gera um token JWT contendo os dados do usuário (payload) e uma data de expiração.
     JWT specification says that there's a key sub (subject) that should be used to identify the user.

app/services/database/orm/community.py

@@ -1,21 +1,24 @@
 from typing import Optional
+
 from sqlmodel import select
 from sqlmodel.ext.asyncio.session import AsyncSession
+
 from app.services.database.models import Community
 
 
 async def get_community_by_username(
     username: str,
-    session: AsyncSession,) -> Optional[Community]:
+    session: AsyncSession,
+) -> Optional[Community]:
     """
     Busca e retorna um membro da comunidade pelo nome de usuário.
     Retorna None se o usuário não for encontrado.
     """
     # Cria a declaração SQL para buscar a comunidade pelo nome de usuário
     statement = select(Community).where(Community.username == username)
-    
+
     # Executa a declaração na sessão e retorna o primeiro resultado
     result = await session.exec(statement)
     community = result.first()
-    
-    return community
+
+    return community

app/services/database/orm/news.py

@@ -0,0 +1,30 @@
+from typing import Optional
+
+from services.database.models import News
+from sqlmodel import select
+from sqlmodel.ext.asyncio.session import AsyncSession
+
+
+async def get_news_by_query_params(
+    session: AsyncSession,
+    user_email: Optional[str] = None,
+    category: Optional[str] = None,
+    tags: Optional[str] = None,
+    id: Optional[str] = None,
+) -> list[News]:
+    filters = []
+    if user_email is not None:
+        filters.append(News.user_email == user_email)
+    if category is not None:
+        filters.append(News.category == category)
+    if tags is not None:
+        filters.append(News.tags == tags)
+    if id is not None:
+        filters.append(News.id == id)
+
+    print("user_email:", user_email)
+    print("Filters:", filters)
+
+    statement = select(News).where(*filters)
+    results = await session.exec(statement)
+    return results.all()

tests/conftest.py

@@ -1,5 +1,4 @@
-from collections.abc import AsyncGenerator, Generator
-from unittest.mock import AsyncMock
+from collections.abc import AsyncGenerator
 
 import pytest
 import pytest_asyncio
@@ -10,7 +9,8 @@
 from sqlmodel.ext.asyncio.session import AsyncSession
 
 from app.main import app
-#from app.main import get_db_session
+
+# from app.main import get_db_session
 
 # Importar todos os modelos SQLModel a serem usados
 # (necessários para as validações de modelo)
@@ -40,7 +40,9 @@ async def get_db_session_test() -> AsyncGenerator[AsyncSession, None]:
 async def setup_database():
     async with test_engine.begin() as conn:
         await conn.run_sync(SQLModel.metadata.create_all)
-    yield test_engine    
+    yield test_engine
+    async with test_engine.begin() as conn:
+        await conn.run_sync(SQLModel.metadata.drop_all)
 
 
 @pytest_asyncio.fixture(scope="function")
@@ -50,10 +52,11 @@ async def session() -> AsyncGenerator[AsyncSession, None]:
     yield session
     await session.close()
 
+
 @pytest_asyncio.fixture
 async def test_app(session) -> FastAPI:
     mock_db_connection = session
-    setattr(app, 'db_session_factory', mock_db_connection)
+    setattr(app, "db_session_factory", mock_db_connection)
     return app