benavlabs
diff --git a/‎README.md‎
Lines changed: 35 additions & 0 deletions b/‎README.md‎
Lines changed: 35 additions & 0 deletions
diff --git a/‎src/alembic.ini‎
Lines changed: 116 additions & 0 deletions b/‎src/alembic.ini‎
Lines changed: 116 additions & 0 deletions
diff --git a/‎src/app/api/__init__.py‎
Lines changed: 6 additions & 0 deletions b/‎src/app/api/__init__.py‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎src/app/api/dependencies.py‎
Lines changed: 40 additions & 0 deletions b/‎src/app/api/dependencies.py‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎src/app/api/v1/__init__.py‎
Lines changed: 8 additions & 0 deletions b/‎src/app/api/v1/__init__.py‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎src/app/api/v1/login.py‎
Lines changed: 34 additions & 0 deletions b/‎src/app/api/v1/login.py‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎src/app/api/v1/users.py‎
Lines changed: 100 additions & 0 deletions b/‎src/app/api/v1/users.py‎
Lines changed: 100 additions & 0 deletions
diff --git a/‎src/app/core/config.py‎
Lines changed: 37 additions & 0 deletions b/‎src/app/core/config.py‎
Lines changed: 37 additions & 0 deletions
@@ -1,2 +1,37 @@
 # FastAPI-boilerplate
 A boilerplate for Fastapi
+
+## Running PostgreSQL with docker:
+After installing docker, run:
+```sh
+docker pull postgres
+```
+
+Then pick the port, name, user and password and replace them:
+```sh
+docker run -d \
+    -p {PORT}:{PORT} \
+    --name {NAME} \
+    -e POSTGRES_PASSWORD={PASSWORD} \
+    -e POSTGRES_USER={USER} \
+    postgres
+```
+
+Such as:
+```sh
+docker run -d \
+    -p 5432:5432 \
+    --name postgres \
+    -e POSTGRES_PASSWORD=1234 \
+    -e POSTGRES_USER=postgres \
+    postgres
+```
+
+And create the variables in a .env file in the src folder:
+```
+POSTGRES_USER="postgres"
+POSTGRES_PASSWORD=1234
+POSTGRES_SERVER="localhost"
+POSTGRES_PORT=5432
+POSTGRES_DB="postgres"
+```
@@ -0,0 +1,116 @@
+# A generic, single database configuration.
+
+[alembic]
+# path to migration scripts
+script_location = migrations
+
+# template used to generate migration file names; The default value is %%(rev)s_%%(slug)s
+# Uncomment the line below if you want the files to be prepended with date and time
+# see https://alembic.sqlalchemy.org/en/latest/tutorial.html#editing-the-ini-file
+# for all available tokens
+# file_template = %%(year)d_%%(month).2d_%%(day).2d_%%(hour).2d%%(minute).2d-%%(rev)s_%%(slug)s
+
+# sys.path path, will be prepended to sys.path if present.
+# defaults to the current working directory.
+prepend_sys_path = .
+
+# timezone to use when rendering the date within the migration file
+# as well as the filename.
+# If specified, requires the python-dateutil library that can be
+# installed by adding `alembic[tz]` to the pip requirements
+# string value is passed to dateutil.tz.gettz()
+# leave blank for localtime
+# timezone =
+
+# max length of characters to apply to the
+# "slug" field
+# truncate_slug_length = 40
+
+# set to 'true' to run the environment during
+# the 'revision' command, regardless of autogenerate
+# revision_environment = false
+
+# set to 'true' to allow .pyc and .pyo files without
+# a source .py file to be detected as revisions in the
+# versions/ directory
+# sourceless = false
+
+# version location specification; This defaults
+# to migrations/versions.  When using multiple version
+# directories, initial revisions must be specified with --version-path.
+# The path separator used here should be the separator specified by "version_path_separator" below.
+# version_locations = %(here)s/bar:%(here)s/bat:migrations/versions
+
+# version path separator; As mentioned above, this is the character used to split
+# version_locations. The default within new alembic.ini files is "os", which uses os.pathsep.
+# If this key is omitted entirely, it falls back to the legacy behavior of splitting on spaces and/or commas.
+# Valid values for version_path_separator are:
+#
+# version_path_separator = :
+# version_path_separator = ;
+# version_path_separator = space
+version_path_separator = os  # Use os.pathsep. Default configuration used for new projects.
+
+# set to 'true' to search source files recursively
+# in each "version_locations" directory
+# new in Alembic version 1.10
+# recursive_version_locations = false
+
+# the output encoding used when revision files
+# are written from script.py.mako
+# output_encoding = utf-8
+
+sqlalchemy.url = driver://user:pass@localhost/dbname
+
+
+[post_write_hooks]
+# post_write_hooks defines scripts or Python functions that are run
+# on newly generated revision scripts.  See the documentation for further
+# detail and examples
+
+# format using "black" - use the console_scripts runner, against the "black" entrypoint
+# hooks = black
+# black.type = console_scripts
+# black.entrypoint = black
+# black.options = -l 79 REVISION_SCRIPT_FILENAME
+
+# lint with attempts to fix using "ruff" - use the exec runner, execute a binary
+# hooks = ruff
+# ruff.type = exec
+# ruff.executable = %(here)s/.venv/bin/ruff
+# ruff.options = --fix REVISION_SCRIPT_FILENAME
+
+# Logging configuration
+[loggers]
+keys = root,sqlalchemy,alembic
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = WARN
+handlers = console
+qualname =
+
+[logger_sqlalchemy]
+level = WARN
+handlers =
+qualname = sqlalchemy.engine
+
+[logger_alembic]
+level = INFO
+handlers =
+qualname = alembic
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(levelname)-5.5s [%(name)s] %(message)s
+datefmt = %H:%M:%S
@@ -0,0 +1,6 @@
+from fastapi import APIRouter
+
+from app.api.v1 import router as v1_router
+
+router = APIRouter(prefix="/api")
+router.include_router(v1_router)
@@ -0,0 +1,40 @@
+from typing import Annotated
+
+from app.core.security import SECRET_KEY, ALGORITHM, oauth2_scheme
+
+from sqlalchemy.ext.asyncio import AsyncSession
+from jose import JWTError, jwt
+from fastapi import Depends, HTTPException, status
+
+from app.core.database import async_get_db
+from app.crud.crud_users import get_user_by_email, get_user_by_username
+from app.core.models import TokenData
+
+async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)], db: Annotated[AsyncSession, Depends(async_get_db)]):
+    credentials_exception = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Could not validate credentials",
+        headers={"WWW-Authenticate": "Bearer"},
+    )
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        username_or_email: str = payload.get("sub")
+        if username_or_email is None:
+            raise credentials_exception
+        token_data = TokenData(username_or_email=username_or_email)
+    
+    except JWTError:
+        raise credentials_exception
+    
+    if "@" in username_or_email:
+        user = await get_user_by_email(db=db, email=token_data.username_or_email)
+    else: 
+        user = await get_user_by_username(db=db, username=token_data.username_or_email)
+    
+    if user is None:
+        raise credentials_exception
+    
+    if user.is_deleted:
+        raise HTTPException(status_code=400, detai="User deleted")
+
+    return user
@@ -0,0 +1,8 @@
+from fastapi import APIRouter
+
+from app.api.v1.login import router as login_router
+from app.api.v1.users import router as users_router
+
+router = APIRouter(prefix="/v1")
+router.include_router(login_router)
+router.include_router(users_router)
@@ -0,0 +1,34 @@
+from typing import Annotated
+from datetime import timedelta
+
+from fastapi import Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordRequestForm
+from sqlalchemy.ext.asyncio import AsyncSession
+import fastapi
+from app.core.database import async_get_db
+from app.core.models import Token
+from app.core.security import create_access_token, authenticate_user_by_username, authenticate_user_by_email, ACCESS_TOKEN_EXPIRE_MINUTES
+
+router = fastapi.APIRouter(tags=["login"])
+
+@router.post("/login", response_model=Token)
+async def login_for_access_token(
+    form_data: Annotated[OAuth2PasswordRequestForm, Depends()],
+    db: AsyncSession = Depends(async_get_db)
+):
+    if "@" in form_data.username:
+        user = await authenticate_user_by_email(form_data.username, form_data.password, db=db)
+    else:
+        user = await authenticate_user_by_username(form_data.username, form_data.password, db=db)
+    
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Incorrect email, username or password",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+    access_token = await create_access_token(
+        data={"sub": user.username}, expires_delta=access_token_expires
+    )
+    return {"access_token": access_token, "token_type": "bearer"}
@@ -0,0 +1,100 @@
+from typing import List, Annotated
+
+from fastapi import Depends, HTTPException
+from sqlalchemy.ext.asyncio import AsyncSession
+import fastapi
+
+from app.schemas.user import UserCreate, UserUpdate, UserRead, UserBase
+from app.api.dependencies import get_current_user
+from app.core.database import async_get_db
+from ...crud.crud_users import (
+    get_user, 
+    get_user_by_email, 
+    get_users, 
+    create_user, 
+    get_user_by_username, 
+    update_user,
+    delete_user
+)
+from app.api.dependencies import get_current_user
+
+router = fastapi.APIRouter(tags=["users"])
+
+@router.post("/user", response_model=UserBase, status_code=201)
+async def write_user(user: UserCreate, db: AsyncSession = Depends(async_get_db)):
+    db_user = await get_user_by_email(db=db, email=user.email)
+    if db_user:
+        raise HTTPException(status_code=400, detail="Email is already registered")
+
+    db_user = await get_user_by_username(db=db, username=user.username)
+    if db_user:
+        raise HTTPException(status_code=400, detail="Username not available")
+
+    return await create_user(db=db, user=user)
+
+
+@router.get("/user", response_model=List[UserRead])
+async def read_users(db: AsyncSession = Depends(async_get_db)):
+    users = await get_users(db=db)
+    return users
+
+
+@router.get("/user/me/", response_model=UserRead)
+async def read_users_me(
+    current_user: Annotated[UserRead, Depends(get_current_user)]
+):
+    return current_user
+
+
+@router.get("/user/{id}", response_model=UserRead)
+async def read_user(id: int, db: AsyncSession = Depends(async_get_db)):
+    db_user = await get_user(db=db, id=id)
+    if db_user is None:
+        raise HTTPException(status_code=404, detail="User not found")
+    
+    return db_user
+
+
+@router.patch("/users/{id}", response_model=UserUpdate)
+async def patch_user(
+    values: UserUpdate, 
+    id: int, 
+    current_user: Annotated[UserRead, Depends(get_current_user)],
+    db: AsyncSession = Depends(async_get_db)
+):
+    db_user = await get_user(db=db, id=id)
+    if db_user is None:
+        raise HTTPException(status_code=404, detail="User not found")
+    
+    if db_user.id != current_user.id:
+        raise HTTPException(status_code=403, detail="You don't own this user.")
+    
+    if values.username != db_user.username:
+        existing_username = await get_user_by_username(db=db, username=values.username)
+        if existing_username is not None:
+            raise HTTPException(status_code=400, detail="Username not available")
+
+    if values.email != db_user.email:
+        existing_email = await get_user_by_email(db=db, email=values.email)
+        if existing_email:
+            raise HTTPException(status_code=400, detail="Email is already registered")
+
+    db_user = await update_user(db=db, id=id, values=values, user=db_user)
+    return db_user
+
+
+@router.delete("/user/{id}")
+async def erase_user(
+    id: int, 
+    current_user: Annotated[UserRead, Depends(get_current_user)],
+    db: AsyncSession = Depends(async_get_db)
+):
+    db_user = await get_user(db=db, id=id)
+    if db_user is None:
+        raise HTTPException(status_code=404, detail="User not found")
+    
+    if db_user.id != current_user.id:
+        raise HTTPException(status_code=403, detail="You don't own this user.")
+
+    db_user = await delete_user(db=db, id=id, user=db_user)
+    return db_user
@@ -0,0 +1,37 @@
+from typing import Optional
+
+from decouple import config
+from pydantic import SecretStr
+from pydantic_settings import BaseSettings
+
+class AppSettings(BaseSettings):
+    APP_NAME: str = config("APP_NAME")
+    APP_DESCRIPTION: str = config("APP_DESCRIPTION")
+    APP_VERSION: str = config("APP_VERSION")
+    CONTACT: dict = {
+        "name": config("CONTACT_NAME"),
+        "email": config("CONTACT_EMAIL")
+    }
+    LICENSE_NAME: dict = {"name": config("LICENSE_NAME")}
+
+
+class CryptSettings(BaseSettings):
+    SECRET_KEY: str = config("SECRET_KEY")
+    ALGORITHM: str = config("ALGORITHM")
+    ACCESS_TOKEN_EXPIRE_MINUTES: int = config("ACCESS_TOKEN_EXPIRE_MINUTES")
+
+
+class PostgresSettings(BaseSettings):
+    POSTGRES_USER: str = config("POSTGRES_USER", default="postgres")
+    POSTGRES_PASSWORD: SecretStr = config("POSTGRES_PASSWORD", default="postgres")
+    POSTGRES_SERVER: str = config("POSTGRES_SERVER", default="localhost")
+    POSTGRES_PORT: str = config("POSTGRES_PORT", default=5432)
+    POSTGRES_DB: str = config("POSTGRES_DB", default="postgres")
+    POSTGRES_URI: str = f"{POSTGRES_USER}:{POSTGRES_PASSWORD}@{POSTGRES_SERVER}:{POSTGRES_PORT}/{POSTGRES_DB}"
+
+
+class Settings(AppSettings, PostgresSettings, CryptSettings):
+    pass
+
+
+settings = Settings()