0.3 #146

Merged
edraft merged 359 commits from 0.3 into master 2023-01-12 07:04:40 +01:00
10 changed files with 145 additions and 52 deletions
Showing only changes of commit e0844a7f92 - Show all commits

View File

@ -4,6 +4,7 @@ from cpl_core.dependency_injection import ServiceCollectionABC
from cpl_core.environment import ApplicationEnvironmentABC
from bot_data.abc.migration_abc import MigrationABC
from bot_data.migration.api_migration import ApiMigration
from bot_data.migration.auto_role_migration import AutoRoleMigration
from bot_data.migration.initial_migration import InitialMigration
from bot_data.service.migration_service import MigrationService
@ -21,3 +22,4 @@ class StartupMigrationExtension(StartupExtensionABC):
services.add_transient(MigrationService)
services.add_transient(MigrationABC, InitialMigration)
services.add_transient(MigrationABC, AutoRoleMigration) # 03.10.2022 #54 - 0.2.2
services.add_transient(MigrationABC, ApiMigration) # 15.10.2022 #70 - 0.3.0

View File

@ -1,13 +1,16 @@
import json
import sys
import uuid
from functools import partial
from blinker import Namespace
from cpl_core.dependency_injection import ServiceProviderABC
from flask import Flask, request
from flask import Flask, request, jsonify, Response, make_response
from flask_cors import CORS
from bot_api.configuration.api_settings import ApiSettings
from bot_api.exception.service_exception import ServiceException
from bot_api.logging.api_logger import ApiLogger
from bot_api.model.error_dto import ErrorDTO
from bot_api.route.route import Route
@ -33,8 +36,8 @@ class Api(Flask):
# register before request
self.before_request_funcs.setdefault(None, []).append(self.before_request)
my_signals = Namespace()
notify = my_signals.signal('notify')
exc_class, code = self._get_exc_class_and_code(Exception)
self.error_handler_spec[None][code][exc_class] = self.handle_exception
def _register_routes(self):
for path, f in Route.registered_routes.items():
@ -50,6 +53,21 @@ class Api(Flask):
partial_f.__name__ = route.__name__
self.route(path, **kwargs)(partial_f)
def handle_exception(self, e: Exception):
self._logger.error(__name__, f'Caught error', e)
if isinstance(e, ServiceException):
ex: ServiceException = e
self._logger.error(__name__, ex.get_detailed_message())
error = ErrorDTO(ex.error_code, ex.message)
return jsonify(error.to_dict()), 500
else:
tracking_id = uuid.uuid4()
user_message = f'Tracking Id: {tracking_id}'
self._logger.error(__name__, user_message, e)
error = ErrorDTO(None, user_message)
return jsonify(error.to_dict()), 400
def before_request(self, *args, **kwargs):
self._logger.debug(__name__, f'Received GET @{request.url}')
headers = str(request.headers).replace("\n", "\n\t")

View File

View File

@ -0,0 +1,19 @@
from enum import Enum
class ServiceErrorCode(Enum):
Unknown = 0
InvalidDependencies = 1
InvalidData = 2
NotFound = 3
DataAlreadyExists = 4
UnableToAdd = 5
UnableToDelete = 6
InvalidUser = 7
ConnectionFailed = 8
Timeout = 9
MailError = 10

View File

@ -0,0 +1,13 @@
from bot_api.exception.service_error_code_enum import ServiceErrorCode
class ServiceException(Exception):
def __init__(self, error_code: ServiceErrorCode, message: str, *args):
Exception.__init__(self, *args)
self.error_code = error_code
self.message = message
def get_detailed_message(self) -> str:
return f'ServiceException - ErrorCode: {self.error_code} - ErrorMessage: {self.message}'

View File

@ -0,0 +1,34 @@
import traceback
from typing import Optional
from cpl_core.console import Console
from bot_api.abc.dto_abc import DtoABC
from bot_api.exception.service_error_code_enum import ServiceErrorCode
class ErrorDTO(DtoABC):
def __init__(self, error_code: Optional[ServiceErrorCode], message: str):
DtoABC.__init__(self)
self._error_code = ServiceErrorCode.Unknown if error_code is None else error_code
self._message = message
@property
def error_code(self) -> ServiceErrorCode:
return self._error_code
@property
def message(self) -> str:
return self._message
def from_dict(self, values: dict):
self._error_code = values['ErrorCode']
self._message = values['Message']
def to_dict(self) -> dict:
return {
'ErrorCode': int(self._error_code.value),
'Message': self._message
}

View File

@ -1,3 +1,6 @@
from flask_cors import cross_origin
class Route:
registered_routes = {}
@ -5,6 +8,7 @@ class Route:
def route(cls, path=None, **kwargs):
# simple decorator for class based views
def inner(fn):
cross_origin(fn)
cls.registered_routes[path] = (fn, kwargs)
return fn

View File

@ -13,6 +13,8 @@ from cpl_translation import TranslatePipe
from bot_api.abc.auth_service_abc import AuthServiceABC
from bot_api.configuration.authentication_settings import AuthenticationSettings
from bot_api.configuration.frontend_settings import FrontendSettings
from bot_api.exception.service_error_code_enum import ServiceErrorCode
from bot_api.exception.service_exception import ServiceException
from bot_api.filter.auth_user_select_criteria import AuthUserSelectCriteria
from bot_api.logging.api_logger import ApiLogger
from bot_api.model.auth_user_dto import AuthUserDTO
@ -131,7 +133,7 @@ class AuthService(AuthServiceABC):
return user
except Exception as e:
self._logger.error(__name__, f'AuthUser not found', e)
raise Exception(f'User not found {email}')
raise ServiceException(ServiceErrorCode.InvalidData, f'User not found {email}')
async def find_auth_user_by_email_async(self, email: str) -> Optional[AuthUser]:
user = self._auth_users.find_auth_user_by_email(email)
@ -140,12 +142,12 @@ class AuthService(AuthServiceABC):
async def add_auth_user_async(self, user_dto: AuthUserDTO):
db_user = self._auth_users.find_auth_user_by_email(user_dto.email)
if db_user is not None:
raise Exception('User already exists')
raise ServiceException(ServiceErrorCode.InvalidUser, 'User already exists')
user_dto.password = self._hash_sha256(user_dto.password)
user = AUT.to_db(user_dto)
if not self._is_email_valid(user.email):
raise Exception('Invalid E-Mail address')
raise ServiceException(ServiceErrorCode.InvalidData, 'Invalid E-Mail address')
try:
user.confirmation_id = uuid.uuid4()
@ -155,26 +157,27 @@ class AuthService(AuthServiceABC):
self._logger.info(__name__, f'Added auth user with E-Mail: {user_dto.email}')
except Exception as e:
self._logger.error(__name__, f'Cannot add user with E-Mal {user_dto.email}', e)
raise ServiceException(ServiceErrorCode.UnableToAdd, "Invalid E-Mail")
async def update_user_async(self, update_user_dto: UpdateAuthUserDTO):
if update_user_dto is None:
raise Exception(f'User is empty')
raise ServiceException(ServiceErrorCode.InvalidData, f'User is empty')
if update_user_dto.auth_user is None:
raise Exception(f'Existing user is empty')
raise ServiceException(ServiceErrorCode.InvalidData, f'Existing user is empty')
if update_user_dto.new_auth_user is None:
raise Exception(f'New user is empty')
raise ServiceException(ServiceErrorCode.InvalidData, f'New user is empty')
if not self._is_email_valid(update_user_dto.auth_user.email) or not self._is_email_valid(update_user_dto.new_auth_user.email):
raise Exception(f'Invalid E-Mail')
raise ServiceException(ServiceErrorCode.InvalidData, f'Invalid E-Mail')
user = self._auth_users.find_auth_user_by_email(update_user_dto.auth_user.email)
if user is None:
raise Exception('User not found')
raise ServiceException(ServiceErrorCode.InvalidUser, 'User not found')
if user.confirmation_id is not None:
raise Exception('E-Mail not confirmed')
raise ServiceException(ServiceErrorCode.InvalidUser, 'E-Mail not confirmed')
# update first name
if update_user_dto.new_auth_user.first_name is not None and update_user_dto.auth_user.first_name != update_user_dto.new_auth_user.first_name:
@ -189,7 +192,7 @@ class AuthService(AuthServiceABC):
if update_user_dto.new_auth_user.email is not None and update_user_dto.new_auth_user.email != '' and update_user_dto.auth_user.email != update_user_dto.new_auth_user.email:
user_by_new_e_mail = self._auth_users.find_auth_user_by_email(update_user_dto.new_auth_user.email)
if user_by_new_e_mail is not None:
raise Exception('User already exists')
raise ServiceException(ServiceErrorCode.InvalidUser, 'User already exists')
user.email = update_user_dto.new_auth_user.email
is_existing_password_set = False
@ -200,7 +203,7 @@ class AuthService(AuthServiceABC):
update_user_dto.auth_user.Password = self._hash_sha256(update_user_dto.auth_user.Password)
if update_user_dto.auth_user.Password != user.Password:
raise Exception('Wrong password')
raise ServiceException(ServiceErrorCode.InvalidUser, 'Wrong password')
if update_user_dto.new_auth_user.Password is not None and update_user_dto.new_auth_user.Password != '':
is_new_password_set = True
@ -214,27 +217,27 @@ class AuthService(AuthServiceABC):
async def update_user_as_admin_async(self, update_user_dto: UpdateAuthUserDTO):
if update_user_dto is None:
raise Exception(f'User is empty')
raise ServiceException(ServiceErrorCode.InvalidData, f'User is empty')
if update_user_dto.auth_user is None:
raise Exception(f'Existing user is empty')
raise ServiceException(ServiceErrorCode.InvalidData, f'Existing user is empty')
if update_user_dto.new_auth_user is None:
raise Exception(f'New user is empty')
raise ServiceException(ServiceErrorCode.InvalidData, f'New user is empty')
if not self._is_email_valid(update_user_dto.auth_user.email) or not self._is_email_valid(update_user_dto.new_auth_user.email):
raise Exception(f'Invalid E-Mail')
raise ServiceException(ServiceErrorCode.InvalidData, f'Invalid E-Mail')
user = self._auth_users.find_auth_user_by_email(update_user_dto.auth_user.email)
if user is None:
raise Exception('User not found')
raise ServiceException(ServiceErrorCode.InvalidUser, 'User not found')
if user.ConfirmationId is not None and update_user_dto.new_auth_user.is_confirmed:
user.ConfirmationId = None
elif user.ConfirmationId is None and not update_user_dto.new_auth_user.is_confirmed:
user.confirmation_id = uuid.uuid4()
# else
# raise Exception(ServiceErrorCode.InvalidUser, 'E-Mail not confirmed')
# raise ServiceException(ServiceErrorCode.InvalidUser, 'E-Mail not confirmed')
# update first name
if update_user_dto.new_auth_user.first_name is not None and update_user_dto.auth_user.first_name != update_user_dto.new_auth_user.first_name:
@ -248,7 +251,7 @@ class AuthService(AuthServiceABC):
if update_user_dto.new_auth_user.email is not None and update_user_dto.new_auth_user.email != '' and update_user_dto.auth_user.email != update_user_dto.new_auth_user.email:
user_by_new_e_mail = self._auth_users.find_auth_user_by_email(update_user_dto.new_auth_user.email)
if user_by_new_e_mail is not None:
raise Exception('User already exists')
raise ServiceException(ServiceErrorCode.InvalidUser, 'User already exists')
user.EMail = update_user_dto.new_auth_user.email
# update password
@ -268,7 +271,7 @@ class AuthService(AuthServiceABC):
self._db.save_changes()
except Exception as e:
self._logger.error(__name__, f'Cannot delete user', e)
raise Exception(f'Cannot delete user by mail {email}')
raise ServiceException(ServiceErrorCode.UnableToDelete, f'Cannot delete user by mail {email}')
async def delete_auth_user_async(self, user_dto: AuthUserDTO):
try:
@ -276,21 +279,21 @@ class AuthService(AuthServiceABC):
self._db.save_changes()
except Exception as e:
self._logger.error(__name__, f'Cannot delete user', e)
raise Exception(f'Cannot delete user by mail {user_dto.email}')
raise ServiceException(ServiceErrorCode.UnableToDelete, f'Cannot delete user by mail {user_dto.email}')
async def login_async(self, user_dto: AuthUserDTO) -> TokenDTO:
if user_dto is None:
raise Exception('User not set')
raise ServiceException(ServiceErrorCode.InvalidData, 'User not set')
db_user = self._auth_users.find_auth_user_by_email(user_dto.email)
if db_user is None:
raise Exception(f'User with E-Mail {user_dto.email} not found')
raise ServiceException(ServiceErrorCode.InvalidUser, f'User not found')
user_dto.password = self._hash_sha256(user_dto.password)
if db_user.password != user_dto.password:
raise Exception('Wrong password')
raise ServiceException(ServiceErrorCode.InvalidUser, 'Wrong password')
token = self._generate_token(user_dto)
token = self._generate_token(db_user)
refresh_token = self._create_and_save_refresh_token(db_user)
if db_user.forgot_password_id is not None:
db_user.forgot_password_id = None
@ -300,16 +303,16 @@ class AuthService(AuthServiceABC):
async def refresh_async(self, token_dto: TokenDTO) -> TokenDTO:
if token_dto is None:
raise Exception(f'Token not set')
raise ServiceException(ServiceErrorCode.InvalidData, f'Token not set')
token = jwt.decode(token_dto.token, key=self._auth_settings.secret_key)
if token is None or 'email' not in token:
raise Exception('Token invalid')
raise ServiceException(ServiceErrorCode.InvalidData, 'Token invalid')
try:
user = self._auth_users.get_auth_user_by_email(token)
if user is None or user.refresh_token != token_dto.refresh_token or user.refresh_token_expire_time <= datetime.now():
raise Exception('Token expired')
raise ServiceException(ServiceErrorCode.InvalidData, 'Token expired')
return TokenDTO(self._generate_token(user), self._create_and_save_refresh_token(user))
except Exception as e:
@ -318,13 +321,13 @@ class AuthService(AuthServiceABC):
async def revoke_async(self, token_dto: TokenDTO):
if token_dto is None or token_dto.token is None or token_dto.refresh_token is None:
raise Exception('Token not set')
raise ServiceException(ServiceErrorCode.InvalidData, 'Token not set')
token = jwt.decode(token_dto.token, key=self._auth_settings.secret_key)
try:
user = self._auth_users.get_auth_user_by_email(token)
if user is None or user.refresh_token != token_dto.refresh_token or user.refresh_token_expire_time <= datetime.now():
raise Exception('Token expired')
raise ServiceException(ServiceErrorCode.InvalidData, 'Token expired')
user.refresh_token = None
self._auth_users.update_auth_user(user)
@ -359,13 +362,13 @@ class AuthService(AuthServiceABC):
async def reset_password_async(self, rp_dto: ResetPasswordDTO):
user = self._auth_users.find_auth_user_by_forgot_password_id(rp_dto.id)
if user is None:
raise Exception(f'User by forgot password id {rp_dto.id} not found')
raise ServiceException(ServiceErrorCode.InvalidUser, f'User by forgot password id {rp_dto.id} not found')
if user.confirmation_id is not None:
raise Exception(f'E-Mail not confirmed')
raise ServiceException(ServiceErrorCode.InvalidUser, f'E-Mail not confirmed')
if user.password is None or rp_dto.password == '':
raise Exception(f'Password not set')
raise ServiceException(ServiceErrorCode.InvalidData, f'Password not set')
user.password = self._hash_sha256(rp_dto.password)
self._db.save_changes()

View File

@ -27,9 +27,9 @@ class ApiMigration(MigrationABC):
`ConfirmationId` varchar(255) DEFAULT NULL,
`ForgotPasswordId` varchar(255) DEFAULT NULL,
`RefreshTokenExpiryTime` datetime(6) NOT NULL,
`AuthRole` int NOT NULL DEFAULT '0'
`AuthRole` int NOT NULL DEFAULT '0',
`CreatedOn` datetime(6) NOT NULL,
`LastModifiedOn` datetime(6) NOT NULL,
`LastModifiedOn` datetime(6) NOT NULL
)
""")
)

View File

@ -132,21 +132,21 @@ class AuthUser(TableABC):
def get_select_by_email_string(email: str) -> str:
return str(f"""
SELECT * FROM `AuthUsers`
WHERE `EMail` = {email};
WHERE `EMail` = '{email}';
""")
@staticmethod
def get_select_by_confirmation_id_string(id: str) -> str:
return str(f"""
SELECT * FROM `AuthUsers`
WHERE `ConfirmationId` = {id};
WHERE `ConfirmationId` = '{id}';
""")
@staticmethod
def get_select_by_forgot_password_i_string(id: str) -> str:
return str(f"""
SELECT * FROM `AuthUsers`
WHERE `ForgotPasswordId` = {id};
WHERE `ForgotPasswordId` = '{id}';
""")
@property
@ -167,17 +167,17 @@ class AuthUser(TableABC):
`LastModifiedOn`
) VALUES (
{self._auth_user_id},
{self._first_name},
{self._last_name},
{self._email},
{self._password},
{self._refresh_token},
{self._confirmation_id},
{self._forgot_password_id},
{self._refresh_token_expire_time},
{self._auth_role_id.value}
{self._created_at},
{self._modified_at}
'{self._first_name}',
'{self._last_name}',
'{self._email}',
'{self._password}',
'{self._refresh_token}',
'{self._confirmation_id}',
'{self._forgot_password_id}',
'{self._refresh_token_expire_time}',
{self._auth_role_id.value},
'{self._created_at}',
'{self._modified_at}'
)
""")