mongodb-labs
diff --git a/‎.DS_Store
6 KB b/‎.DS_Store
6 KB
diff --git a/‎{{cookiecutter.project_slug}}/backend/.DS_Store
6 KB b/‎{{cookiecutter.project_slug}}/backend/.DS_Store
6 KB
diff --git a/‎{{cookiecutter.project_slug}}/backend/app/.DS_Store
6 KB b/‎{{cookiecutter.project_slug}}/backend/app/.DS_Store
6 KB
diff --git a/‎{{cookiecutter.project_slug}}/backend/app/app/__version__.py
Lines changed: 1 addition & 1 deletion b/‎{{cookiecutter.project_slug}}/backend/app/app/__version__.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎{{cookiecutter.project_slug}}/backend/app/app/api/api_v1/endpoints/login.py
Lines changed: 40 additions & 39 deletions b/‎{{cookiecutter.project_slug}}/backend/app/app/api/api_v1/endpoints/login.py
Lines changed: 40 additions & 39 deletions
diff --git a/‎{{cookiecutter.project_slug}}/backend/app/app/api/api_v1/endpoints/proxy.py
Lines changed: 8 additions & 3 deletions b/‎{{cookiecutter.project_slug}}/backend/app/app/api/api_v1/endpoints/proxy.py
Lines changed: 8 additions & 3 deletions
@@ -1 +1 @@
-__version__="0.1.0"
+__version__ = "0.1.0"
@@ -1,8 +1,8 @@
-from typing import Any, Union, Dict
+from typing import Any, Union
 
 from fastapi import APIRouter, Body, Depends, HTTPException
 from fastapi.security import OAuth2PasswordRequestForm
-from sqlalchemy.orm import Session
+from motor.core import AgnosticDatabase
 
 from app import crud, models, schemas
 from app.api import deps
@@ -24,7 +24,7 @@
         - The user ID or password was incorrect.
         - The account does not exist.
         - The account is locked or disabled.
-    - Code should go through the same process, no matter what, allowing the application to return in approximately 
+    - Code should go through the same process, no matter what, allowing the application to return in approximately
       the same response time.
     - In the words of George Orwell, break these rules sooner than do something truly barbaric.
 
@@ -33,15 +33,15 @@
 
 
 @router.post("/magic/{email}", response_model=schemas.WebToken)
-def login_with_magic_link(*, db: Session = Depends(deps.get_db), email: str) -> Any:
+async def login_with_magic_link(*, db: AgnosticDatabase = Depends(deps.get_db), email: str) -> Any:
     """
     First step of a 'magic link' login. Check if the user exists and generate a magic link. Generates two short-duration
     jwt tokens, one for validation, one for email. Creates user if not exist.
     """
-    user = crud.user.get_by_email(db, email=email)
+    user = await crud.user.get_by_email(db, email=email)
     if not user:
         user_in = schemas.UserCreate(**{"email": email})
-        user = crud.user.create(db, obj_in=user_in)
+        user = await crud.user.create(db, obj_in=user_in)
     if not crud.user.is_active(user):
         # Still permits a timed-attack, but does create ambiguity.
         raise HTTPException(status_code=400, detail="A link to activate your account has been emailed.")
@@ -53,9 +53,9 @@ def login_with_magic_link(*, db: Session = Depends(deps.get_db), email: str) ->
 
 
 @router.post("/claim", response_model=schemas.Token)
-def validate_magic_link(
+async def validate_magic_link(
     *,
-    db: Session = Depends(deps.get_db),
+    db: AgnosticDatabase = Depends(deps.get_db),
     obj_in: schemas.WebToken,
     magic_in: bool = Depends(deps.get_magic_token),
 ) -> Any:
@@ -64,7 +64,7 @@ def validate_magic_link(
     """
     claim_in = deps.get_magic_token(token=obj_in.claim)
     # Get the user
-    user = crud.user.get(db, id=magic_in.sub)
+    user = await crud.user.get(db, id=magic_in.sub)
     # Test the claims
     if (
         (claim_in.sub == magic_in.sub)
@@ -75,15 +75,15 @@ def validate_magic_link(
         raise HTTPException(status_code=400, detail="Login failed; invalid claim.")
     # Validate that the email is the user's
     if not user.email_validated:
-        crud.user.validate_email(db=db, db_obj=user)
+        await crud.user.validate_email(db=db, db_obj=user)
     # Check if totp active
     refresh_token = None
     force_totp = True
     if not user.totp_secret:
         # No TOTP, so this concludes the login validation
         force_totp = False
         refresh_token = security.create_refresh_token(subject=user.id)
-        crud.token.create(db=db, obj_in=refresh_token, user_obj=user)
+        await crud.token.create(db=db, obj_in=refresh_token, user_obj=user)
     return {
         "access_token": security.create_access_token(subject=user.id, force_totp=force_totp),
         "refresh_token": refresh_token,
@@ -92,11 +92,13 @@ def validate_magic_link(
 
 
 @router.post("/oauth", response_model=schemas.Token)
-def login_with_oauth2(db: Session = Depends(deps.get_db), form_data: OAuth2PasswordRequestForm = Depends()) -> Any:
+async def login_with_oauth2(
+    db: AgnosticDatabase = Depends(deps.get_db), form_data: OAuth2PasswordRequestForm = Depends()
+) -> Any:
     """
     First step with OAuth2 compatible token login, get an access token for future requests.
     """
-    user = crud.user.authenticate(db, email=form_data.username, password=form_data.password)
+    user = await crud.user.authenticate(db, email=form_data.username, password=form_data.password)
     if not form_data.password or not user or not crud.user.is_active(user):
         raise HTTPException(status_code=400, detail="Login failed; incorrect email or password")
     # Check if totp active
@@ -106,7 +108,7 @@ def login_with_oauth2(db: Session = Depends(deps.get_db), form_data: OAuth2Passw
         # No TOTP, so this concludes the login validation
         force_totp = False
         refresh_token = security.create_refresh_token(subject=user.id)
-        crud.token.create(db=db, obj_in=refresh_token, user_obj=user)
+        await crud.token.create(db=db, obj_in=refresh_token, user_obj=user)
     return {
         "access_token": security.create_access_token(subject=user.id, force_totp=force_totp),
         "refresh_token": refresh_token,
@@ -115,9 +117,9 @@ def login_with_oauth2(db: Session = Depends(deps.get_db), form_data: OAuth2Passw
 
 
 @router.post("/totp", response_model=schemas.Token)
-def login_with_totp(
+async def login_with_totp(
     *,
-    db: Session = Depends(deps.get_db),
+    db: AgnosticDatabase = Depends(deps.get_db),
     totp_data: schemas.WebToken,
     current_user: models.User = Depends(deps.get_totp_user),
 ) -> Any:
@@ -130,9 +132,9 @@ def login_with_totp(
     if not new_counter:
         raise HTTPException(status_code=400, detail="Login failed; unable to verify TOTP.")
     # Save the new counter to prevent reuse
-    current_user = crud.user.update_totp_counter(db=db, db_obj=current_user, new_counter=new_counter)
+    current_user = await crud.user.update_totp_counter(db=db, db_obj=current_user, new_counter=new_counter)
     refresh_token = security.create_refresh_token(subject=current_user.id)
-    crud.token.create(db=db, obj_in=refresh_token, user_obj=current_user)
+    await crud.token.create(db=db, obj_in=refresh_token, user_obj=current_user)
     return {
         "access_token": security.create_access_token(subject=current_user.id),
         "refresh_token": refresh_token,
@@ -141,17 +143,17 @@ def login_with_totp(
 
 
 @router.put("/totp", response_model=schemas.Msg)
-def enable_totp_authentication(
+async def enable_totp_authentication(
     *,
-    db: Session = Depends(deps.get_db),
+    db: AgnosticDatabase = Depends(deps.get_db),
     data_in: schemas.EnableTOTP,
     current_user: models.User = Depends(deps.get_current_active_user),
 ) -> Any:
     """
     For validation of token before enabling TOTP.
     """
     if current_user.hashed_password:
-        user = crud.user.authenticate(db, email=current_user.email, password=data_in.password)
+        user = await crud.user.authenticate(db, email=current_user.email, password=data_in.password)
         if not data_in.password or not user:
             raise HTTPException(status_code=400, detail="Unable to authenticate or activate TOTP.")
     totp_in = security.create_new_totp(label=current_user.email, uri=data_in.uri)
@@ -161,39 +163,39 @@ def enable_totp_authentication(
     if not new_counter:
         raise HTTPException(status_code=400, detail="Unable to authenticate or activate TOTP.")
     # Enable TOTP and save the new counter to prevent reuse
-    current_user = crud.user.activate_totp(db=db, db_obj=current_user, totp_in=totp_in)
-    current_user = crud.user.update_totp_counter(db=db, db_obj=current_user, new_counter=new_counter)
+    current_user = await crud.user.activate_totp(db=db, db_obj=current_user, totp_in=totp_in)
+    current_user = await crud.user.update_totp_counter(db=db, db_obj=current_user, new_counter=new_counter)
     return {"msg": "TOTP enabled. Do not lose your recovery code."}
 
 
 @router.delete("/totp", response_model=schemas.Msg)
-def disable_totp_authentication(
+async def disable_totp_authentication(
     *,
-    db: Session = Depends(deps.get_db),
+    db: AgnosticDatabase = Depends(deps.get_db),
     data_in: schemas.UserUpdate,
     current_user: models.User = Depends(deps.get_current_active_user),
 ) -> Any:
     """
     Disable TOTP.
     """
     if current_user.hashed_password:
-        user = crud.user.authenticate(db, email=current_user.email, password=data_in.original)
+        user = await crud.user.authenticate(db, email=current_user.email, password=data_in.original)
         if not data_in.original or not user:
             raise HTTPException(status_code=400, detail="Unable to authenticate or deactivate TOTP.")
-    crud.user.deactivate_totp(db=db, db_obj=current_user)
+    await crud.user.deactivate_totp(db=db, db_obj=current_user)
     return {"msg": "TOTP disabled."}
 
 
 @router.post("/refresh", response_model=schemas.Token)
-def refresh_token(
-    db: Session = Depends(deps.get_db),
+async def refresh_token(
+    db: AgnosticDatabase = Depends(deps.get_db),
     current_user: models.User = Depends(deps.get_refresh_user),
 ) -> Any:
     """
     Refresh tokens for future requests
     """
     refresh_token = security.create_refresh_token(subject=current_user.id)
-    crud.token.create(db=db, obj_in=refresh_token, user_obj=current_user)
+    await crud.token.create(db=db, obj_in=refresh_token, user_obj=current_user)
     return {
         "access_token": security.create_access_token(subject=current_user.id),
         "refresh_token": refresh_token,
@@ -202,8 +204,8 @@ def refresh_token(
 
 
 @router.post("/revoke", response_model=schemas.Msg)
-def revoke_token(
-    db: Session = Depends(deps.get_db),
+async def revoke_token(
+    db: AgnosticDatabase = Depends(deps.get_db),
     current_user: models.User = Depends(deps.get_refresh_user),
 ) -> Any:
     """
@@ -213,11 +215,11 @@ def revoke_token(
 
 
 @router.post("/recover/{email}", response_model=Union[schemas.WebToken, schemas.Msg])
-def recover_password(email: str, db: Session = Depends(deps.get_db)) -> Any:
+async def recover_password(email: str, db: AgnosticDatabase = Depends(deps.get_db)) -> Any:
     """
     Password Recovery
     """
-    user = crud.user.get_by_email(db, email=email)
+    user = await crud.user.get_by_email(db, email=email)
     if user and crud.user.is_active(user):
         tokens = security.create_magic_tokens(subject=user.id)
         if settings.EMAILS_ENABLED:
@@ -227,9 +229,9 @@ def recover_password(email: str, db: Session = Depends(deps.get_db)) -> Any:
 
 
 @router.post("/reset", response_model=schemas.Msg)
-def reset_password(
+async def reset_password(
     *,
-    db: Session = Depends(deps.get_db),
+    db: AgnosticDatabase = Depends(deps.get_db),
     new_password: str = Body(...),
     claim: str = Body(...),
     magic_in: bool = Depends(deps.get_magic_token),
@@ -239,7 +241,7 @@ def reset_password(
     """
     claim_in = deps.get_magic_token(token=claim)
     # Get the user
-    user = crud.user.get(db, id=magic_in.sub)
+    user = await crud.user.get(db, id=magic_in.sub)
     # Test the claims
     if (
         (claim_in.sub == magic_in.sub)
@@ -251,6 +253,5 @@ def reset_password(
     # Update the password
     hashed_password = security.get_password_hash(new_password)
     user.hashed_password = hashed_password
-    db.add(user)
-    db.commit()
+    await user.save()
     return {"msg": "Password updated successfully."}
@@ -17,7 +17,10 @@
 
 @router.post("/{path:path}")
 async def proxy_post_request(
-    *, path: AnyHttpUrl, request: Request, current_user: models.User = Depends(deps.get_current_active_user),
+    *,
+    path: AnyHttpUrl,
+    request: Request,
+    current_user: models.User = Depends(deps.get_current_active_user),
 ) -> Any:
     # https://www.starlette.io/requests/
     # https://www.python-httpx.org/quickstart/
@@ -39,7 +42,10 @@ async def proxy_post_request(
 
 @router.get("/{path:path}")
 async def proxy_get_request(
-    *, path: AnyHttpUrl, request: Request, current_user: models.User = Depends(deps.get_current_active_user),
+    *,
+    path: AnyHttpUrl,
+    request: Request,
+    current_user: models.User = Depends(deps.get_current_active_user),
 ) -> Any:
     try:
         headers = {
@@ -52,4 +58,3 @@ async def proxy_get_request(
         return response
     except Exception as e:
         raise HTTPException(status_code=403, detail=str(e))
-
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-__version__="0.1.0"`
	`1`	`+__version__ = "0.1.0"`