full-stack-fastapi-template/backend/app/api/routes/login.py

from datetime import timedelta
from typing import Annotated, Any

from fastapi import APIRouter, Depends, HTTPException
from fastapi.responses import HTMLResponse
from fastapi.security import OAuth2PasswordRequestForm

from app import crud
from app.api.deps import CurrentUser, SessionDep, get_current_active_superuser
from app.core import security
from app.core.config import settings
from app.core.security import get_password_hash
from app.models import Message, NewPassword, Token, User, UserOut
from app.utils import (
    generate_password_reset_token,
    generate_reset_password_email,
    send_email,
    verify_password_reset_token,
)

router = APIRouter()


@router.post("/login/access-token")
def login_access_token(
    session: SessionDep, form_data: Annotated[OAuth2PasswordRequestForm, Depends()]
) -> Token:
    """
    OAuth2 compatible token login, get an access token for future requests
    """
    user = crud.authenticate(
        session=session, email=form_data.username, password=form_data.password
    )
    if not user:
        raise HTTPException(status_code=400, detail="Incorrect email or password")
    elif not user.is_active:
        raise HTTPException(status_code=400, detail="Inactive user")
    access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
    return Token(
        access_token=security.create_access_token(
            user.id, expires_delta=access_token_expires
        )
    )


@router.post("/login/test-token", response_model=UserOut)
def test_token(current_user: CurrentUser) -> Any:
    """
    Test access token
    """
    return current_user


@router.post("/password-recovery/{email}")
def recover_password(email: str, session: SessionDep) -> Message:
    """
    Password Recovery
    """
    user = crud.get_user_by_email(session=session, email=email)

    if not user:
        raise HTTPException(
            status_code=404,
            detail="The user with this username does not exist in the system.",
        )
    password_reset_token = generate_password_reset_token(email=email)
    email_data = generate_reset_password_email(
        email_to=user.email, email=email, token=password_reset_token
    )
    send_email(
        email_to=user.email,
        subject=email_data.subject,
        html_content=email_data.html_content,
    )
    return Message(message="Password recovery email sent")


@router.post("/reset-password/")
def reset_password(session: SessionDep, body: NewPassword) -> Message:
    """
    Reset password
    """
    email = verify_password_reset_token(token=body.token)
    if not email:
        raise HTTPException(status_code=400, detail="Invalid token")
    user = crud.get_user_by_email(session=session, email=email)
    if not user:
        raise HTTPException(
            status_code=404,
            detail="The user with this username does not exist in the system.",
        )
    elif not user.is_active:
        raise HTTPException(status_code=400, detail="Inactive user")
    hashed_password = get_password_hash(password=body.new_password)
    user.hashed_password = hashed_password
    session.add(user)
    session.commit()
    return Message(message="Password updated successfully")


@router.post(
    "/password-recovery-html-content/{email}",
    dependencies=[Depends(get_current_active_superuser)],
    response_class=HTMLResponse,
)
def recover_password_html_content(email: str, session: SessionDep) -> Any:
    """
    HTML Content for Password Recovery
    """
    user = crud.get_user_by_email(session=session, email=email)

    if not user:
        raise HTTPException(
            status_code=404,
            detail="The user with this username does not exist in the system.",
        )
    password_reset_token = generate_password_reset_token(email=email)
    email_data = generate_reset_password_email(
        email_to=user.email, email=email, token=password_reset_token
    )

    return HTMLResponse(
        content=email_data.html_content, headers={"subject:": email_data.subject}
    )
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`from datetime import timedelta`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`from typing import Annotated, Any`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`from fastapi import APIRouter, Depends, HTTPException`
✨ Create endpoint to show password recovery email content and update email template (#664) 2024-03-10 00:53:46 +01:00			`from fastapi.responses import HTMLResponse`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`from fastapi.security import OAuth2PasswordRequestForm`

✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`from app import crud`
✨ Create endpoint to show password recovery email content and update email template (#664) 2024-03-10 00:53:46 +01:00			`from app.api.deps import CurrentUser, SessionDep, get_current_active_superuser`
:recycle: Refactor backend, settings, DB sessions, types, configs, plugins (#158) * :recycle: Refactor backend, update DB session handling * :sparkles: Add mypy config and plugins * :heavy_plus_sign: Use Python-jose instead of PyJWT as it has some extra functionalities and features * :sparkles: Add/update scripts for test, lint, format * :wrench: Update lint and format configs * :art: Update import format, comments, and types * :art: Add types to config * :sparkles: Add types for all the code, and small fixes * :art: Use global imports to simplify exploring with Jupyter * :recycle: Import schemas and models, instead of each class * :truck: Rename db_session to db for simplicity * :pushpin: Update dependencies installation for testing 2020-04-20 19:03:13 +02:00			`from app.core import security`
:sparkles: Use Pydantic BaseSettings for config settings (#87) * Use Pydantic BaseSettings for config settings * Update fastapi dep to >=0.47.0 and email_validator to email-validator * Fix deprecation warning for Pydantic >=1.0 * Properly support old-format comma separated strings for BACKEND_CORS_ORIGINS Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> 2020-04-16 23:56:10 -06:00			`from app.core.config import settings`
:sparkles: Update all for Postgres and new techniques 2019-02-23 18:44:29 +04:00			`from app.core.security import get_password_hash`
✅ Add tests to raise coverage to at least 90% and fix recover password logic (#632) Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> 2024-03-07 18:21:46 -05:00			`from app.models import Message, NewPassword, Token, User, UserOut`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`from app.utils import (`
			`generate_password_reset_token,`
♻️ Refactor email logic to allow re-using util functions for testing and development (#663) 2024-03-10 00:02:36 +01:00			`generate_reset_password_email,`
			`send_email,`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`verify_password_reset_token,`
			`)`

			`router = APIRouter()`


✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`@router.post("/login/access-token")`
:sparkles: Update all for Postgres and new techniques 2019-02-23 18:44:29 +04:00			`def login_access_token(`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`session: SessionDep, form_data: Annotated[OAuth2PasswordRequestForm, Depends()]`
			`) -> Token:`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`"""`
			`OAuth2 compatible token login, get an access token for future requests`
			`"""`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`user = crud.authenticate(`
			`session=session, email=form_data.username, password=form_data.password`
:sparkles: Update all for Postgres and new techniques 2019-02-23 18:44:29 +04:00			`)`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`if not user:`
			`raise HTTPException(status_code=400, detail="Incorrect email or password")`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`elif not user.is_active:`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`raise HTTPException(status_code=400, detail="Inactive user")`
:sparkles: Use Pydantic BaseSettings for config settings (#87) * Use Pydantic BaseSettings for config settings * Update fastapi dep to >=0.47.0 and email_validator to email-validator * Fix deprecation warning for Pydantic >=1.0 * Properly support old-format comma separated strings for BACKEND_CORS_ORIGINS Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com> 2020-04-16 23:56:10 -06:00			`access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`return Token(`
			`access_token=security.create_access_token(`
:recycle: Refactor backend, settings, DB sessions, types, configs, plugins (#158) * :recycle: Refactor backend, update DB session handling * :sparkles: Add mypy config and plugins * :heavy_plus_sign: Use Python-jose instead of PyJWT as it has some extra functionalities and features * :sparkles: Add/update scripts for test, lint, format * :wrench: Update lint and format configs * :art: Update import format, comments, and types * :art: Add types to config * :sparkles: Add types for all the code, and small fixes * :art: Use global imports to simplify exploring with Jupyter * :recycle: Import schemas and models, instead of each class * :truck: Rename db_session to db for simplicity * :pushpin: Update dependencies installation for testing 2020-04-20 19:03:13 +02:00			`user.id, expires_delta=access_token_expires`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`)`
			`)`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00

✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`@router.post("/login/test-token", response_model=UserOut)`
			`def test_token(current_user: CurrentUser) -> Any:`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`"""`
			`Test access token`
			`"""`
			`return current_user`


✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`@router.post("/password-recovery/{email}")`
			`def recover_password(email: str, session: SessionDep) -> Message:`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`"""`
			`Password Recovery`
			`"""`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`user = crud.get_user_by_email(session=session, email=email)`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00
			`if not user:`
			`raise HTTPException(`
			`status_code=404,`
			`detail="The user with this username does not exist in the system.",`
			`)`
:sparkles: Update all for Postgres and new techniques 2019-02-23 18:44:29 +04:00			`password_reset_token = generate_password_reset_token(email=email)`
♻️ Refactor email logic to allow re-using util functions for testing and development (#663) 2024-03-10 00:02:36 +01:00			`email_data = generate_reset_password_email(`
:sparkles: Update all for Postgres and new techniques 2019-02-23 18:44:29 +04:00			`email_to=user.email, email=email, token=password_reset_token`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`)`
♻️ Refactor email logic to allow re-using util functions for testing and development (#663) 2024-03-10 00:02:36 +01:00			`send_email(`
			`email_to=user.email,`
			`subject=email_data.subject,`
			`html_content=email_data.html_content,`
			`)`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`return Message(message="Password recovery email sent")`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00

✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`@router.post("/reset-password/")`
♻️ Remove type ignores and add `response_model` (#572) 2023-12-27 13:37:05 -05:00			`def reset_password(session: SessionDep, body: NewPassword) -> Message:`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`"""`
			`Reset password`
			`"""`
✨ Create endpoint to show password recovery email content and update email template (#664) 2024-03-10 00:53:46 +01:00			`email = verify_password_reset_token(token=body.token)`
			`if not email:`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`raise HTTPException(status_code=400, detail="Invalid token")`
✨ Create endpoint to show password recovery email content and update email template (#664) 2024-03-10 00:53:46 +01:00			`user = crud.get_user_by_email(session=session, email=email)`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`if not user:`
			`raise HTTPException(`
			`status_code=404,`
			`detail="The user with this username does not exist in the system.",`
			`)`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`elif not user.is_active:`
:tada: First commit, from couchbase generator, basic changes not tested / updated yet 2019-02-09 19:42:36 +04:00			`raise HTTPException(status_code=400, detail="Inactive user")`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`hashed_password = get_password_hash(password=body.new_password)`
:sparkles: Update all for Postgres and new techniques 2019-02-23 18:44:29 +04:00			`user.hashed_password = hashed_password`
✨ Update code for login API (#571) * ✨ Update models for login API * ✨ Add authenticate simplified CRUD * ♻️ Refactor get_current_user dependency, integrate is_active * ✨ Refactor and upgrade login API code 2023-12-27 19:06:47 +01:00			`session.add(user)`
			`session.commit()`
			`return Message(message="Password updated successfully")`
✨ Create endpoint to show password recovery email content and update email template (#664) 2024-03-10 00:53:46 +01:00

			`@router.post(`
			`"/password-recovery-html-content/{email}",`
			`dependencies=[Depends(get_current_active_superuser)],`
			`response_class=HTMLResponse,`
			`)`
			`def recover_password_html_content(email: str, session: SessionDep) -> Any:`
			`"""`
			`HTML Content for Password Recovery`
			`"""`
			`user = crud.get_user_by_email(session=session, email=email)`

			`if not user:`
			`raise HTTPException(`
			`status_code=404,`
			`detail="The user with this username does not exist in the system.",`
			`)`
			`password_reset_token = generate_password_reset_token(email=email)`
			`email_data = generate_reset_password_email(`
			`email_to=user.email, email=email, token=password_reset_token`
			`)`

			`return HTMLResponse(`
			`content=email_data.html_content, headers={"subject:": email_data.subject}`
			`)`