Merge pull request #65 from harshraj22/auth_db

Auth db

Author: harshraj22

src/auth/main.py

@@ -1,37 +1,58 @@
 from fastapi import FastAPI, Depends, HTTPException
 from auth import AuthHandler
+import mysql.connector
 from schemas import AuthDetails
+import logging
+import requests
 
 
 app = FastAPI()
 
-
+logger = logging.getLogger(__name__)
 auth_handler = AuthHandler()
 users = [{'username': 'test', 'password': auth_handler.get_password_hash('test')}]
 
+database = mysql.connector.connect(
+  host ="subscription_db",
+  user ="root",
+  passwd ="mypassword",
+  database = 'DB'
+)
+cursor_object = database.cursor()
+
 @app.post('/register', status_code=201)
 def register(auth_details: AuthDetails):
-    if any(x['username'] == auth_details.username for x in users):
+    cursor_object.execute(f"""SELECT * FROM auth where username = '{auth_details.username}'""")
+    if len(cursor_object.fetchall()) > 0:
         raise HTTPException(status_code=400, detail='Username is taken')
     hashed_password = auth_handler.get_password_hash(auth_details.password)
-    users.append({
-        'username': auth_details.username,
-        'password': hashed_password    
-    })
+    cursor_object.execute(f"""INSERT INTO auth VALUES ('{auth_details.username}', '{hashed_password}', 'Free')""")
+    
+    database.commit()
+    requests.post(f'http://data_population:8020/sync/', json={'username': auth_details.username})
+
+    logger.info(f"User {auth_details.username} registered successfully")
     return
 
 
 @app.post('/login')
 def login(auth_details: AuthDetails):
     user = None
-    for x in users:
-        if x['username'] == auth_details.username:
-            user = x
-            break
+    user_record = cursor_object.execute(f"""SELECT * FROM auth where username = '{auth_details.username}'""")
+    user_record = cursor_object.fetchall()
+    
+    if len(user_record) > 0:
+        user = {
+            'username': user_record[0][0],
+            'password': user_record[0][1]
+        }
+
+        logger.debug(f'Entered password: {auth_details.password}, saved password: {user["password"]}')
 
     if (user is None) or (not auth_handler.verify_password(auth_details.password, user['password'])):
         raise HTTPException(status_code=401, detail='Invalid username and/or password')
     token = auth_handler.encode_token(user['username'])
+    logger.info(f"User {auth_details.username} logged in successfully")
     return { 'token': token }
 
 
@@ -42,4 +63,5 @@ def login(auth_details: AuthDetails):
 
 @app.get('/protected')
 def protected(username=Depends(auth_handler.auth_wrapper)):
-    return { 'name': username }
+    logger.info(f"User {username} accessed protected route")
+    return { 'name': username }

src/auth/requirements.txt

@@ -1,5 +1,7 @@
 PyJWT
+mysql-connector-python==8.0.32
 passlib
 bcrypt
 fastapi
-uvicorn
+uvicorn
+requests

src/data_population/Dockerfile

@@ -7,6 +7,7 @@ RUN pip install -r requirements.txt
 #COPY app.py /app.py
 ADD . /app
 WORKDIR /app
+EXPOSE 8020
 
-
-CMD ["python3", "-u", "populate.py"]
+# CMD ["python3", "-u", "populate.py"]
+CMD ["uvicorn", "populate:app", "--reload", "--host", "0.0.0.0", "--port", "8020"]

src/data_population/populate.py

@@ -2,6 +2,13 @@
 import redis
 import mysql.connector
 import logging
+from fastapi import FastAPI
+from pydantic import BaseModel
+import requests
+
+
+class Username(BaseModel):
+  username: str
 
 
 logger = logging.getLogger(__name__)
@@ -15,22 +22,41 @@
   database = 'DB'
 )
 
+app = FastAPI()
+
 r = redis.StrictRedis(host='redis', port=6379, decode_responses=True, password="")
 ALLOWED_PREFIX = 'allowed' # max number of requests allowed per WINDOW_LENGTH
 
 # preparing a cursor object
 cursor_object = database.cursor()
-user_record = """SELECT * FROM subscription_details """
-records = cursor_object.execute(user_record)
-result = cursor_object.fetchall()
 
-# >>> print(result)
-# [('free_user', 'Free', 10, 1), ('basic_user', 'Basic', 100, 15), ('advanced_user', 'Advanced', 1000, 60), ('test', 'Advanced', 1000, 60)]
+@app.post('/sync', status_code=200)
+def sync(username: Username):
+  print(f'Syncing {username} to redis')
+  user_record = f"""SELECT * FROM subscription_details where username = '{username.username}'"""
+  print(user_record)
+  cursor_object.execute(user_record)
+  result = cursor_object.fetchall()
+
+  for username, subscription_tier, request_limit, retention_period in result:
+    r.set(f'{ALLOWED_PREFIX}-{username}', request_limit) 
+
+
+@app.get('/sync_all', status_code=200)
+def sync_all():
+  user_record = """SELECT * FROM subscription_details """
+  records = cursor_object.execute(user_record)
+  result = cursor_object.fetchall()
+
+  # >>> print(result)
+  # [('free_user', 'Free', 10, 1), ('basic_user', 'Basic', 100, 15), ('advanced_user', 'Advanced', 1000, 60), ('test', 'Advanced', 1000, 60)]
+
+  logger.debug(result)
 
-logger.debug(result)
-database.close()
+  for username, subscription_tier, request_limit, retention_period in result:
+    r.set(f'{ALLOWED_PREFIX}-{username}', request_limit)
 
-for username, subscription_tier, request_limit, retention_period in result:
-  r.set(f'{ALLOWED_PREFIX}-{username}', request_limit)
+# r.close()
+if __name__ == '__main__':
+  requests.get('http://data_population:8020/sync_all/')
 
-r.close()

src/data_population/requirements.txt

@@ -1,2 +1,5 @@
 mysql-connector-python==8.0.32
-redis==4.3.3
+redis==4.3.3
+fastapi
+uvicorn
+requests

src/frontend/main_page.py

@@ -9,6 +9,22 @@
     st.session_state['token'] = None
 
 if st.session_state.token is None:
+    # Registration form
+    with st.form('Register'):
+        username = st.text_input('Username')
+        password = st.text_input('Password', type='password')
+        confirm_password = st.text_input('Confirm Password', type='password')
+        register = st.form_submit_button('Register')
+        if register:
+            if password == confirm_password:
+                r = requests.post('http://auth:8019/register', json={'username': username, 'password': password})
+                if r.status_code == 201:
+                    st.success('Registration successful')
+                else:
+                    st.error('Registration failed')
+            else:
+                st.error('Passwords do not match')
+
     with st.form('Authenticate'):
         username = st.text_input('Username')
         password = st.text_input('Password', type='password')

src/subscription_db/schema.sql

@@ -14,7 +14,7 @@ CREATE TABLE `subscription` (
 DROP TABLE IF EXISTS `auth`;
 CREATE TABLE auth (
   `username` VARCHAR(20) PRIMARY KEY,
-  `password` VARCHAR(20) NOT NULL,
+  `password` VARCHAR(80) NOT NULL,
   `subscription_tier` varchar(10) NOT NULL,
   FOREIGN KEY (`subscription_tier`) REFERENCES `subscription`(`subscription_tier`)
 ) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=utf8;
@@ -31,10 +31,10 @@ VALUES
 
 INSERT INTO `auth` (`username`, `password`, `subscription_tier`) 
 VALUES 
-('free_user', 'free', 'Free'), 
-('basic_user', 'basic', 'Basic'), 
-('advanced_user', 'advanced', 'Advanced'), 
-('test', 'test', 'Advanced');
+('free_user', '$2b$12$Zyc0kpMpoqAefW9GHzotku4zxqru.2ihF.xdfuzAc6LmiRTURzcbm', 'Free'), -- password: 'free'
+('basic_user', '$2b$12$GdyyqYJ0PumKjP3RmEJJceD78xbAvoAXLS5i70kHFmelbei8x9ddG', 'Basic'), -- password: 'basic'
+('advanced_user', '$2b$12$bjNu058XT2R0dEgUi0Usn.hw4xbeahN/lmM1w3t3W8pLV9r70MXxu', 'Advanced'), -- password: 'advanced'
+('test', '$2b$12$1w6qLVssMOpw4vFoVerFQunrZnlQT1YZUW7.sErHVXSSGJPtvEvte', 'Advanced'); -- password: 'test'
 
 
 CREATE VIEW `subscription_details` AS SELECT a.username, s.subscription_tier, s.request_limit, s.retention_period FROM auth a INNER JOIN subscription s ON a.subscription_tier = s.subscription_tier;