migrate to UV

Author: igorbenav

.gitignore

@@ -82,34 +82,7 @@ target/
 profile_default/
 ipython_config.py
 
-# pyenv
-#   For a library or package, you might want to ignore these files since the code is
-#   intended to run in multiple environments; otherwise, check them in:
-# .python-version
-
-# pipenv
-#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-#   However, in case of collaboration, if having platform-specific dependencies or dependencies
-#   having no cross-platform support, pipenv may install dependencies that don't work, or not
-#   install all needed dependencies.
-#Pipfile.lock
-
-# poetry
-#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
-#   This is especially recommended for binary packages to ensure reproducibility, and is more
-#   commonly ignored for libraries.
-#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
-poetry.lock
-
-# pdm
-#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
-#pdm.lock
-#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
-#   in version control.
-#   https://pdm.fming.dev/#use-with-ide
 .pdm.toml
-poetry.lock
-src/poetry.lock
 
 # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
 __pypackages__/
@@ -154,13 +127,6 @@ dmypy.json
 # Cython debug symbols
 cython_debug/
 
-# PyCharm
-#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
-#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
-#  and can be added to the global gitignore or merged into this file.  For a more nuclear
-#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/
-
 # Macos
 .DS_Store
 

.pre-commit-config.yaml

@@ -64,7 +64,7 @@ repos:
     - id: unit_test
       name: Unit test
       language: system
-      entry: poetry run pytest
+      entry: uv run pytest
       pass_filenames: false
       always_run: true
       types: [python]

CONTRIBUTING.md

@@ -10,22 +10,27 @@ Start by forking and cloning the FastAPI-boilerplate repository:
 
 1. **Fork the Repository**: Begin by forking the project repository. You can do this by visiting https://github.com/igormagalhaesr/FastAPI-boilerplate and clicking the "Fork" button.
 1. **Create a Feature Branch**: Once you've forked the repo, create a branch for your feature by running `git checkout -b feature/fooBar`.
-1. **Testing Changes**: Ensure that your changes do not break existing functionality by running tests. In the root folder, execute poetry run `python -m pytest` to run the tests.
+1. **Testing Changes**: Ensure that your changes do not break existing functionality by running tests. In the root folder, execute `uv run pytest` to run the tests.
 
-### Using Poetry for Dependency Management
-FastAPI-boilerplate uses Poetry for managing dependencies. If you don't have Poetry installed, follow the instructions on the [official Poetry website](https://python-poetry.org/docs/).
+### Using uv for Dependency Management
+FastAPI-boilerplate uses uv for managing dependencies. If you don't have uv installed, follow the instructions on the [official uv website](https://docs.astral.sh/uv/).
 
-Once Poetry is installed, navigate to the cloned repository and install the dependencies:
+Once uv is installed, navigate to the cloned repository and install the dependencies:
 ```sh
 cd FastAPI-boilerplate
-poetry install
+uv sync
 ```
 
 ### Activating the Virtual Environment
-Poetry creates a virtual environment for your project. Activate it using:
+uv creates a virtual environment for your project. Activate it using:
 
 ```sh
-poetry shell
+source .venv/bin/activate
+```
+
+Alternatively, you can run commands directly with `uv run` without activating the environment:
+```sh
+uv run python your_script.py
 ```
 
 ## Making Contributions
@@ -37,7 +42,7 @@ poetry shell
 ### Testing with Pytest
 FastAPI-boilerplate uses pytest for testing. Run tests using:
 ```sh
-poetry run pytest
+uv run pytest
 ```
 
 ### Linting
@@ -59,7 +64,7 @@ Ensure your code passes linting before submitting.
 It helps in identifying simple issues before submission to code review. By running automated checks, pre-commit can ensure code quality and consistency.
 
 1. **Install Pre-commit**:
-   - **Installation**: Install pre-commit in your development environment. Use the command `pip install pre-commit`.
+   - **Installation**: Install pre-commit in your development environment. Use the command `uv add --dev pre-commit` or `pip install pre-commit`.
    - **Setting Up Hooks**: After installing pre-commit, set up the hooks with `pre-commit install`. This command will install hooks into your .git/ directory which will automatically check your commits for issues.
 1. **Committing Your Changes**:
    After making your changes, use `git commit -am 'Add some fooBar'` to commit them. Pre-commit will run automatically on your files when you commit, ensuring that they meet the required standards.

Dockerfile

@@ -1,27 +1,44 @@
-# --------- requirements ---------
+# --------- Builder Stage ---------
+FROM ghcr.io/astral-sh/uv:python3.11-bookworm-slim AS builder
 
-FROM python:3.11 as requirements-stage
+# Set environment variables for uv
+ENV UV_COMPILE_BYTECODE=1
+ENV UV_LINK_MODE=copy
 
-WORKDIR /tmp
+WORKDIR /app
 
-RUN pip install poetry poetry-plugin-export
+# Install dependencies first (for better layer caching)
+RUN --mount=type=cache,target=/root/.cache/uv \
+    --mount=type=bind,source=uv.lock,target=uv.lock \
+    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
+    uv sync --locked --no-install-project
 
-COPY ./pyproject.toml ./poetry.lock* /tmp/
+# Copy the project source code
+COPY . /app
 
-RUN poetry export -f requirements.txt --output requirements.txt --without-hashes
+# Install the project in non-editable mode
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv sync --locked --no-editable
 
+# --------- Final Stage ---------
+FROM python:3.11-slim-bookworm
 
-# --------- final image build ---------
-FROM python:3.11
+# Create a non-root user for security
+RUN groupadd --gid 1000 app \
+    && useradd --uid 1000 --gid app --shell /bin/bash --create-home app
 
-WORKDIR /code
+# Copy the virtual environment from the builder stage
+COPY --from=builder --chown=app:app /app/.venv /app/.venv
 
-COPY --from=requirements-stage /tmp/requirements.txt /code/requirements.txt
+# Ensure the virtual environment is in the PATH
+ENV PATH="/app/.venv/bin:$PATH"
 
-RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt
+# Switch to the non-root user
+USER app
 
-COPY ./src/app /code/app
+# Set the working directory
+WORKDIR /code
 
 # -------- replace with comment to run with gunicorn --------
 CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--reload"]
-# CMD ["gunicorn", "app.main:app", "-w", "4", "-k", "uvicorn.workers.UvicornWorker". "-b", "0.0.0.0:8000"]
+# CMD ["gunicorn", "app.main:app", "-w", "4", "-k", "uvicorn.workers.UvicornWorker", "-b", "0.0.0.0:8000"]

docker-compose.yml

@@ -93,20 +93,6 @@ services:
   #   volumes:
   #     - ./src:/code/src
 
-  #-------- uncomment to run tests --------
-  # pytest:
-  #   build:
-  #     context: .
-  #     dockerfile: Dockerfile
-  #   env_file:
-  #     - ./src/.env
-  #   depends_on:
-  #     - db
-  #     - redis
-  #   command: python -m pytest ./tests
-  #   volumes:
-  #     - .:/code
-
   #-------- uncomment to create first tier --------
   # create_tier:
   #   build:

src/app/api/dependencies.py

@@ -1,4 +1,4 @@
-from typing import Annotated, Any
+from typing import Annotated, Any, cast
 
 from fastapi import Depends, HTTPException, Request
 from sqlalchemy.ext.asyncio import AsyncSession
@@ -12,8 +12,8 @@
 from ..crud.crud_rate_limit import crud_rate_limits
 from ..crud.crud_tier import crud_tiers
 from ..crud.crud_users import crud_users
-from ..models.user import User
-from ..schemas.rate_limit import sanitize_path
+from ..schemas.rate_limit import RateLimitRead, sanitize_path
+from ..schemas.tier import TierRead
 
 logger = logging.getLogger(__name__)
 
@@ -29,12 +29,12 @@ async def get_current_user(
         raise UnauthorizedException("User not authenticated.")
 
     if "@" in token_data.username_or_email:
-        user: dict | None = await crud_users.get(db=db, email=token_data.username_or_email, is_deleted=False)
+        user = await crud_users.get(db=db, email=token_data.username_or_email, is_deleted=False)
     else:
         user = await crud_users.get(db=db, username=token_data.username_or_email, is_deleted=False)
 
     if user:
-        return user
+        return cast(dict[str, Any], user)
 
     raise UnauthorizedException("User not authenticated.")
 
@@ -73,30 +73,32 @@ async def get_current_superuser(current_user: Annotated[dict, Depends(get_curren
 
 
 async def rate_limiter_dependency(
-    request: Request, db: Annotated[AsyncSession, Depends(async_get_db)], user: User | None = Depends(get_optional_user)
+    request: Request, db: Annotated[AsyncSession, Depends(async_get_db)], user: dict | None = Depends(get_optional_user)
 ) -> None:
     if hasattr(request.app.state, "initialization_complete"):
         await request.app.state.initialization_complete.wait()
 
     path = sanitize_path(request.url.path)
     if user:
         user_id = user["id"]
-        tier = await crud_tiers.get(db, id=user["tier_id"])
+        tier = await crud_tiers.get(db, id=user["tier_id"], schema_to_select=TierRead)
         if tier:
-            rate_limit = await crud_rate_limits.get(db=db, tier_id=tier["id"], path=path)
+            tier = cast(TierRead, tier)
+            rate_limit = await crud_rate_limits.get(db=db, tier_id=tier.id, path=path, schema_to_select=RateLimitRead)
             if rate_limit:
-                limit, period = rate_limit["limit"], rate_limit["period"]
+                rate_limit = cast(RateLimitRead, rate_limit)
+                limit, period = rate_limit.limit, rate_limit.period
             else:
                 logger.warning(
-                    f"User {user_id} with tier '{tier['name']}' has no specific rate limit for path '{path}'. \
+                    f"User {user_id} with tier '{tier.name}' has no specific rate limit for path '{path}'. \
                         Applying default rate limit."
                 )
                 limit, period = DEFAULT_LIMIT, DEFAULT_PERIOD
         else:
             logger.warning(f"User {user_id} has no assigned tier. Applying default rate limit.")
             limit, period = DEFAULT_LIMIT, DEFAULT_PERIOD
     else:
-        user_id = request.client.host
+        user_id = request.client.host if request.client else "unknown"
         limit, period = DEFAULT_LIMIT, DEFAULT_PERIOD
 
     is_limited = await rate_limiter.is_rate_limited(db=db, user_id=user_id, path=path, limit=limit, period=period)

src/app/api/v1/login.py

@@ -11,6 +11,7 @@
 from ...core.schemas import Token
 from ...core.security import (
     ACCESS_TOKEN_EXPIRE_MINUTES,
+    TokenType,
     authenticate_user,
     create_access_token,
     create_refresh_token,
@@ -37,7 +38,7 @@ async def login_for_access_token(
     max_age = settings.REFRESH_TOKEN_EXPIRE_DAYS * 24 * 60 * 60
 
     response.set_cookie(
-        key="refresh_token", value=refresh_token, httponly=True, secure=True, samesite="Lax", max_age=max_age
+        key="refresh_token", value=refresh_token, httponly=True, secure=True, samesite="lax", max_age=max_age
     )
 
     return {"access_token": access_token, "token_type": "bearer"}
@@ -49,7 +50,7 @@ async def refresh_access_token(request: Request, db: AsyncSession = Depends(asyn
     if not refresh_token:
         raise UnauthorizedException("Refresh token missing.")
 
-    user_data = await verify_token(refresh_token, db)
+    user_data = await verify_token(refresh_token, TokenType.REFRESH, db)
     if not user_data:
         raise UnauthorizedException("Invalid refresh token.")
 

src/app/api/v1/logout.py

@@ -1,7 +1,8 @@
-from fastapi import APIRouter, Depends, Response, Cookie
+from typing import Optional
+
+from fastapi import APIRouter, Cookie, Depends, Response
 from jose import JWTError
 from sqlalchemy.ext.asyncio import AsyncSession
-from typing import Optional
 
 from ...core.db.database import async_get_db
 from ...core.exceptions.http_exceptions import UnauthorizedException
@@ -15,17 +16,13 @@ async def logout(
     response: Response,
     access_token: str = Depends(oauth2_scheme),
     refresh_token: Optional[str] = Cookie(None, alias="refresh_token"),
-    db: AsyncSession = Depends(async_get_db)
+    db: AsyncSession = Depends(async_get_db),
 ) -> dict[str, str]:
     try:
         if not refresh_token:
             raise UnauthorizedException("Refresh token not found")
-            
-        await blacklist_tokens(
-            access_token=access_token,
-            refresh_token=refresh_token,
-            db=db
-        )
+
+        await blacklist_tokens(access_token=access_token, refresh_token=refresh_token, db=db)
         response.delete_cookie(key="refresh_token")
 
         return {"message": "Logged out successfully"}