🔥 Remove USERS_OPEN_REGISTRATION config, make registration enabled by default (#1274)

Alejandra
2024-07-31 17:08:26 -05:00
committed by GitHub
parent 7bba5a85f0
commit 1f686689f1
7 changed files with 31 additions and 71 deletions

.env

@@ -13,7 +13,6 @@ BACKEND_CORS_ORIGINS="http://localhost,http://localhost:5173,https://localhost,h
SECRET_KEY=changethis SECRET_KEY=changethis
FIRST_SUPERUSER=admin@example.com FIRST_SUPERUSER=admin@example.com
FIRST_SUPERUSER_PASSWORD=changethis FIRST_SUPERUSER_PASSWORD=changethis
USERS_OPEN_REGISTRATION=True
# Emails # Emails
SMTP_HOST= SMTP_HOST=


@@ -63,16 +63,6 @@ Make sure your editor is using the correct Python virtual environment.
Modify or add SQLModel models for data and SQL tables in `./backend/app/models.py`, API endpoints in `./backend/app/api/`, CRUD (Create, Read, Update, Delete) utils in `./backend/app/crud.py`. Modify or add SQLModel models for data and SQL tables in `./backend/app/models.py`, API endpoints in `./backend/app/api/`, CRUD (Create, Read, Update, Delete) utils in `./backend/app/crud.py`.
### Enabling Open User Registration
By default the backend has user registration disabled, but there's already a route to register users. If you want to allow users to register themselves, you can set the environment variable `USERS_OPEN_REGISTRATION` to `True` in the `.env` file.
After modifying the environment variables, restart the Docker containers to apply the changes. You can do this by running:
```console
$ docker compose up -d
```
### VS Code ### VS Code
There are already configurations in place to run the backend through the VS Code debugger, so that you can use breakpoints, pause and explore variables, etc. There are already configurations in place to run the backend through the VS Code debugger, so that you can use breakpoints, pause and explore variables, etc.


@@ -146,11 +146,6 @@ def register_user(session: SessionDep, user_in: UserRegister) -> Any:
""" """
Create new user without the need to be logged in. Create new user without the need to be logged in.
""" """
if not settings.USERS_OPEN_REGISTRATION:
raise HTTPException(
status_code=403,
detail="Open user registration is forbidden on this server",
)
user = crud.get_user_by_email(session=session, email=user_in.email) user = crud.get_user_by_email(session=session, email=user_in.email)
if user: if user:
raise HTTPException( raise HTTPException(
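Review bot: The docstring of `register_user` does not say that signup can no longer be switched off: with the `settings.USERS_OPEN_REGISTRATION` guard gone, every deployment accepts unauthenticated account creation on this route. I would extend it to `Create new user without the need to be logged in. Always enabled; restrict it at the router or proxy if self-signup is not wanted.` The duplicate-email branch that follows also lets an anonymous caller learn whether an address is already registered, so rate limiting on this path matters more now that no setting can close it. The function body continues past the end of the hunk.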


@@ -94,7 +94,6 @@ class Settings(BaseSettings):
# TODO: update type to EmailStr when sqlmodel supports it # TODO: update type to EmailStr when sqlmodel supports it
FIRST_SUPERUSER: str FIRST_SUPERUSER: str
FIRST_SUPERUSER_PASSWORD: str FIRST_SUPERUSER_PASSWORD: str
USERS_OPEN_REGISTRATION: bool = False
def _check_default_secret(self, var_name: str, value: str | None) -> None: def _check_default_secret(self, var_name: str, value: str | None) -> None:
if value == "changethis": if value == "changethis":
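Review bot: Dropping `USERS_OPEN_REGISTRATION` from `Settings` leaves no signal for an operator whose environment still sets it to `False`. The removed default was `False`, so installations that never set the variable, or set it explicitly, move from closed to open signup on upgrade. Whether a leftover variable is rejected or silently ignored depends on the class's settings configuration, which is outside this hunk. I would leave `# USERS_OPEN_REGISTRATION was removed: signup is always enabled` in its place and emit a startup warning when the name is still present in the environment. The class body starts and ends outside the hunk.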


@@ -283,62 +283,41 @@ def test_update_password_me_same_password_error(
def test_register_user(client: TestClient, db: Session) -> None: def test_register_user(client: TestClient, db: Session) -> None:
with patch("app.core.config.settings.USERS_OPEN_REGISTRATION", True): username = random_email()
username = random_email() password = random_lower_string()
password = random_lower_string() full_name = random_lower_string()
full_name = random_lower_string() data = {"email": username, "password": password, "full_name": full_name}
data = {"email": username, "password": password, "full_name": full_name} r = client.post(
r = client.post( f"{settings.API_V1_STR}/users/signup",
f"{settings.API_V1_STR}/users/signup", json=data,
json=data, )
) assert r.status_code == 200
assert r.status_code == 200 created_user = r.json()
created_user = r.json() assert created_user["email"] == username
assert created_user["email"] == username assert created_user["full_name"] == full_name
assert created_user["full_name"] == full_name
user_query = select(User).where(User.email == username) user_query = select(User).where(User.email == username)
user_db = db.exec(user_query).first() user_db = db.exec(user_query).first()
assert user_db assert user_db
assert user_db.email == username assert user_db.email == username
assert user_db.full_name == full_name assert user_db.full_name == full_name
assert verify_password(password, user_db.hashed_password) assert verify_password(password, user_db.hashed_password)
def test_register_user_forbidden_error(client: TestClient) -> None:
with patch("app.core.config.settings.USERS_OPEN_REGISTRATION", False):
username = random_email()
password = random_lower_string()
full_name = random_lower_string()
data = {"email": username, "password": password, "full_name": full_name}
r = client.post(
f"{settings.API_V1_STR}/users/signup",
json=data,
)
assert r.status_code == 403
assert (
r.json()["detail"] == "Open user registration is forbidden on this server"
)
def test_register_user_already_exists_error(client: TestClient) -> None: def test_register_user_already_exists_error(client: TestClient) -> None:
with patch("app.core.config.settings.USERS_OPEN_REGISTRATION", True): password = random_lower_string()
password = random_lower_string() full_name = random_lower_string()
full_name = random_lower_string() data = {
data = { "email": settings.FIRST_SUPERUSER,
"email": settings.FIRST_SUPERUSER, "password": password,
"password": password, "full_name": full_name,
"full_name": full_name, }
} r = client.post(
r = client.post( f"{settings.API_V1_STR}/users/signup",
f"{settings.API_V1_STR}/users/signup", json=data,
json=data, )
) assert r.status_code == 400
assert r.status_code == 400 assert r.json()["detail"] == "The user with this email already exists in the system"
assert (
r.json()["detail"]
== "The user with this email already exists in the system"
)
def test_update_user( def test_update_user(
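Review bot: `test_register_user` checks only the email, name and password of the created account, so nothing pins what privileges an anonymous signup receives now that the route is always on. Assuming the `User` model carries a superuser flag (it is not visible in this section), I would add `assert not user_db.is_superuser` after the password check. A second case that posts an extra `"is_superuser": True` key and asserts the same would guard against the request schema ever widening.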


@@ -133,7 +133,6 @@ You can set several variables, like:
* `SECRET_KEY`: The secret key for the FastAPI project, used to sign tokens. * `SECRET_KEY`: The secret key for the FastAPI project, used to sign tokens.
* `FIRST_SUPERUSER`: The email of the first superuser, this superuser will be the one that can create new users. * `FIRST_SUPERUSER`: The email of the first superuser, this superuser will be the one that can create new users.
* `FIRST_SUPERUSER_PASSWORD`: The password of the first superuser. * `FIRST_SUPERUSER_PASSWORD`: The password of the first superuser.
* `USERS_OPEN_REGISTRATION`: Whether to allow open registration of new users.
* `SMTP_HOST`: The SMTP server host to send emails, this would come from your email provider (E.g. Mailgun, Sparkpost, Sendgrid, etc). * `SMTP_HOST`: The SMTP server host to send emails, this would come from your email provider (E.g. Mailgun, Sparkpost, Sendgrid, etc).
* `SMTP_USER`: The SMTP server user to send emails. * `SMTP_USER`: The SMTP server user to send emails.
* `SMTP_PASSWORD`: The SMTP server password to send emails. * `SMTP_PASSWORD`: The SMTP server password to send emails.


@@ -52,7 +52,6 @@ services:
- SECRET_KEY=${SECRET_KEY?Variable not set} - SECRET_KEY=${SECRET_KEY?Variable not set}
- FIRST_SUPERUSER=${FIRST_SUPERUSER?Variable not set} - FIRST_SUPERUSER=${FIRST_SUPERUSER?Variable not set}
- FIRST_SUPERUSER_PASSWORD=${FIRST_SUPERUSER_PASSWORD?Variable not set} - FIRST_SUPERUSER_PASSWORD=${FIRST_SUPERUSER_PASSWORD?Variable not set}
- USERS_OPEN_REGISTRATION=${USERS_OPEN_REGISTRATION}
- SMTP_HOST=${SMTP_HOST} - SMTP_HOST=${SMTP_HOST}
- SMTP_USER=${SMTP_USER} - SMTP_USER=${SMTP_USER}
- SMTP_PASSWORD=${SMTP_PASSWORD} - SMTP_PASSWORD=${SMTP_PASSWORD}