backend.im/userauthenticationservice-altocj
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update refresh token expiration from 30 to 7 days and format code

Browse Source
This commit is contained in:
Automated Action 2025-05-17 16:59:58 +00:00
parent ec714bf9f0
commit b43b669cab
19 changed files with 122 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/api/v1/endpoints/auth.py
View File

@ -137,7 +137,9 @@ def refresh_token(
)
# Create new refresh token
new_refresh_token = token_service.create_refresh_token(db, user_id=refresh_token.user_id)
new_refresh_token = token_service.create_refresh_token(
db, user_id=refresh_token.user_id
)
return {
"access_token": access_token,

2
app/core/config.py
View File

@ -3,6 +3,7 @@ from pathlib import Path
from pydantic import AnyHttpUrl, validator
from pydantic_settings import BaseSettings
class Settings(BaseSettings):
API_V1_STR: str = "/api/v1"
PROJECT_NAME: str = "User Authentication Service"
@ -36,6 +37,7 @@ class Settings(BaseSettings):
case_sensitive = True
env_file = ".env"
# Create the DB directory if it doesn't exist
Settings().DB_DIR.mkdir(parents=True, exist_ok=True)

3
app/core/database.py
View File

@ -6,13 +6,14 @@ from app.core.config import settings
engine = create_engine(
settings.SQLALCHEMY_DATABASE_URL,
connect_args={"check_same_thread": False} # Only needed for SQLite
connect_args={"check_same_thread": False}, # Only needed for SQLite
)
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
Base = declarative_base()
# Dependency to get the database session
def get_db():
db = SessionLocal()

13
app/core/dependencies.py
View File

@ -1,4 +1,3 @@
from fastapi import Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from jose import jwt
@ -23,9 +22,7 @@ def get_current_user(
Get current user based on JWT token
"""
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[ALGORITHM]
)
payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[ALGORITHM])
token_data = TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
@ -37,8 +34,7 @@ def get_current_user(
user = user_service.get_by_id(db, user_id=token_data.sub)
if not user:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="User not found"
status_code=status.HTTP_404_NOT_FOUND, detail="User not found"
)
return user
@ -51,8 +47,7 @@ def get_current_active_user(
"""
if not user_service.is_active(current_user):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Inactive user"
status_code=status.HTTP_400_BAD_REQUEST, detail="Inactive user"
)
return current_user
@ -66,6 +61,6 @@ def get_current_active_superuser(
if not user_service.is_superuser(current_user):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="The user doesn't have enough privileges"
detail="The user doesn't have enough privileges",
)
return current_user

4
app/models/token.py
View File

@ -8,7 +8,9 @@ class Token(Base):
__tablename__ = "tokens"
id = Column(Integer, primary_key=True, index=True)
user_id = Column(Integer, ForeignKey("users.id", ondelete="CASCADE"), nullable=False)
user_id = Column(
Integer, ForeignKey("users.id", ondelete="CASCADE"), nullable=False
)
token = Column(String, unique=True, index=True, nullable=False)
expires_at = Column(DateTime(timezone=True), nullable=False)
is_revoked = Column(Boolean, default=False)

4
app/models/user.py
View File

@ -15,4 +15,6 @@ class User(Base):
is_active = Column(Boolean, default=True)
is_superuser = Column(Boolean, default=False)
created_at = Column(DateTime(timezone=True), server_default=func.now())
updated_at = Column(DateTime(timezone=True), server_default=func.now(), onupdate=func.now())
updated_at = Column(
DateTime(timezone=True), server_default=func.now(), onupdate=func.now()
)

2
app/schemas/__init__.py
View File

@ -14,5 +14,5 @@ __all__ = [
"Message",
"HTTPValidationError",
"ResponseBase",
"ResponseData"
"ResponseData",
]

11
app/services/token.py
View File

@ -19,17 +19,14 @@ def create_refresh_token(
if expires_delta:
expire = datetime.utcnow() + expires_delta
else:
expire = datetime.utcnow() + timedelta(days=30) # 30 days default
expire = datetime.utcnow() + timedelta(days=7) # 7 days default
# Generate a secure random token
token_value = secrets.token_urlsafe(64)
# Create token in DB
db_token = Token(
user_id=user_id,
token=token_value,
expires_at=expire,
is_revoked=False
user_id=user_id, token=token_value, expires_at=expire, is_revoked=False
)
db.add(db_token)
db.commit()
@ -80,9 +77,7 @@ def decode_token(token: str) -> Optional[dict]:
Decode a JWT token
"""
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[ALGORITHM]
)
payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[ALGORITHM])
return payload
except JWTError:
return None

4
app/services/user.py
View File

@ -28,9 +28,7 @@ def get_by_username(db: Session, username: str) -> Optional[User]:
return db.query(User).filter(User.username == username).first()
def get_multi(
db: Session, *, skip: int = 0, limit: int = 100
) -> List[User]:
def get_multi(db: Session, *, skip: int = 0, limit: int = 100) -> List[User]:
"""
Get multiple users with pagination
"""

3
main.py
View File

@ -24,11 +24,14 @@ if settings.BACKEND_CORS_ORIGINS:
app.include_router(api_router, prefix=settings.API_V1_STR)
# Health check endpoint
@app.get("/health", status_code=200)
def health_check():
return {"status": "healthy"}
if __name__ == "__main__":
import uvicorn
uvicorn.run("main:app", host="0.0.0.0", port=8000, reload=True)

2
migrations/env.py
View File

@ -65,7 +65,7 @@ def run_migrations_online() -> None:
)
with connectable.connect() as connection:
is_sqlite = connection.dialect.name == 'sqlite'
is_sqlite = connection.dialect.name == "sqlite"
context.configure(
connection=connection,
target_metadata=target_metadata,

72
migrations/versions/001_create_user_token_tables.py
View File

@ -5,13 +5,14 @@ Revises:
Create Date: 2023-10-10
"""
from alembic import op
import sqlalchemy as sa
from sqlalchemy.sql import func
# revision identifiers, used by Alembic.
revision = '001'
revision = "001"
down_revision = None
branch_labels = None
depends_on = None
@ -20,46 +21,51 @@ depends_on = None
def upgrade() -> None:
# Create users table
op.create_table(
'users',
sa.Column('id', sa.Integer(), nullable=False),
sa.Column('email', sa.String(), nullable=False),
sa.Column('username', sa.String(), nullable=False),
sa.Column('hashed_password', sa.String(), nullable=False),
sa.Column('full_name', sa.String(), nullable=True),
sa.Column('is_active', sa.Boolean(), default=True),
sa.Column('is_superuser', sa.Boolean(), default=False),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=func.now()),
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=func.now(), onupdate=func.now()),
sa.PrimaryKeyConstraint('id')
"users",
sa.Column("id", sa.Integer(), nullable=False),
sa.Column("email", sa.String(), nullable=False),
sa.Column("username", sa.String(), nullable=False),
sa.Column("hashed_password", sa.String(), nullable=False),
sa.Column("full_name", sa.String(), nullable=True),
sa.Column("is_active", sa.Boolean(), default=True),
sa.Column("is_superuser", sa.Boolean(), default=False),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=func.now()),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=func.now(),
onupdate=func.now(),
),
sa.PrimaryKeyConstraint("id"),
)
op.create_index(op.f('ix_users_id'), 'users', ['id'], unique=False)
op.create_index(op.f('ix_users_email'), 'users', ['email'], unique=True)
op.create_index(op.f('ix_users_username'), 'users', ['username'], unique=True)
op.create_index(op.f("ix_users_id"), "users", ["id"], unique=False)
op.create_index(op.f("ix_users_email"), "users", ["email"], unique=True)
op.create_index(op.f("ix_users_username"), "users", ["username"], unique=True)
# Create tokens table
op.create_table(
'tokens',
sa.Column('id', sa.Integer(), nullable=False),
sa.Column('user_id', sa.Integer(), nullable=False),
sa.Column('token', sa.String(), nullable=False),
sa.Column('expires_at', sa.DateTime(timezone=True), nullable=False),
sa.Column('is_revoked', sa.Boolean(), default=False),
sa.Column('created_at', sa.DateTime(timezone=True), server_default=func.now()),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
sa.PrimaryKeyConstraint('id')
"tokens",
sa.Column("id", sa.Integer(), nullable=False),
sa.Column("user_id", sa.Integer(), nullable=False),
sa.Column("token", sa.String(), nullable=False),
sa.Column("expires_at", sa.DateTime(timezone=True), nullable=False),
sa.Column("is_revoked", sa.Boolean(), default=False),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=func.now()),
sa.ForeignKeyConstraint(["user_id"], ["users.id"], ondelete="CASCADE"),
sa.PrimaryKeyConstraint("id"),
)
op.create_index(op.f('ix_tokens_id'), 'tokens', ['id'], unique=False)
op.create_index(op.f('ix_tokens_token'), 'tokens', ['token'], unique=True)
op.create_index(op.f("ix_tokens_id"), "tokens", ["id"], unique=False)
op.create_index(op.f("ix_tokens_token"), "tokens", ["token"], unique=True)
def downgrade() -> None:
op.drop_index(op.f('ix_tokens_token'), table_name='tokens')
op.drop_index(op.f('ix_tokens_id'), table_name='tokens')
op.drop_table('tokens')
op.drop_index(op.f("ix_tokens_token"), table_name="tokens")
op.drop_index(op.f("ix_tokens_id"), table_name="tokens")
op.drop_table("tokens")
op.drop_index(op.f('ix_users_username'), table_name='users')
op.drop_index(op.f('ix_users_email'), table_name='users')
op.drop_index(op.f('ix_users_id'), table_name='users')
op.drop_table('users')
op.drop_index(op.f("ix_users_username"), table_name="users")
op.drop_index(op.f("ix_users_email"), table_name="users")
op.drop_index(op.f("ix_users_id"), table_name="users")
op.drop_table("users")