Skip to content

User refactor + remove fastapi_users dependency + update fastapi #1290

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 50 commits into from
Oct 18, 2023
Merged

User refactor + remove fastapi_users dependency + update fastapi #1290

merged 50 commits into from
Oct 18, 2023

Conversation

ikreymer
Copy link
Member

@ikreymer ikreymer commented Oct 16, 2023
edited
Loading

Fixes #1050

Major refactor of the user/auth system to remove fastapi_users dependency. Refactors users.py to be standalone
and adds new auth.py module for handling auth. UserManager now works similar to other ops classes.
Also includes:

Branch based off #1272 work, and may supersede it fully.

The auth should be fully backwards compatible with fastapi_users auth, including accepting previous JWT tokens w/o having to re-login. The User data model in mongodb is also unchanged.

API changes:

  • Removing theGET, PATCH, DELETE /users/<id> endpoints, which were not in used before, as users are scoped to orgs. For deletion, probably auto-delete when user is removed from last org (to be implemented).
  • Rename /users/me-with-orgs is renamed to just /users/me/

tw4l and others added 30 commits October 11, 2023 13:47
@tw4l @SuaYoo
Modify PATCH /users/me to require current password
99879f1 
Implements a forked custom user router to make the change, since
overriding fastapi endpoints is not straightforward.
@tw4l @SuaYoo
Fix linting
f54a906
@tw4l @SuaYoo
Another try at fixing linting issues
2f404f3
@tw4l @SuaYoo
Aaand fix linting for real
5a8028b
@tw4l @SuaYoo
Instruct mypy to ignore type for user_manager.update
01993f0
@tw4l @SuaYoo
Ignore long lines
9035b3e
@tw4l @SuaYoo
Update with new endpoint
c911e1d
@SuaYoo
remove auth check
3c78f8f
@tw4l
Fixups
7c9824e
@tw4l
Add mypy ignore
b7d8cb7
@tw4l
Require user email in /me/password-change body
382f9cd
@tw4l
Update password tests
b1d5dfd
@tw4l
Update test_users:test_reset_password_invalid_current
72782a3
@tw4l
Try verifying plaintext against user's stored hash
86f05a1
@ikreymer
backend: remove unsafe PATCH routes, remove router override
466c12e 
update model to contain 'password' and 'newPassword'
frontend: match model
@ikreymer
rename /users/me-with-orgs to /users/me
0ed710b 
update tests
@ikreymer
remove unused model
77e4f9f
@ikreymer
remove get_users_router() altogether
b47f220
@ikreymer
tests: use latest crawler, lower resource usage
3529fd6
@ikreymer
remove fastap_users register, reset, verify routers, replace with loc…
287e09a 
…al routes
@ikreymer
remove fastapi_users auth, replace with fastapi OAuth2 jwt token crea…
e946075 
…tion + decoding

move auth functionality to auth.py
@ikreymer
unify password auth functions
7645cfa
@ikreymer
full removal first pass
f2cc836 
- move relevant functions from fastapi_user manager to users
- update modules
- remove fastapi_users, update to latest fastapi!
- still more cleanup needed, simplification where possible
@ikreymer
update reqs
c4c712a
@ikreymer
add missing file
262f0cb
@ikreymer
fix req
4250fc7
@ikreymer
additional type fixes for latest pydantic, update reqs
5f34b2c
@ikreymer
refactoring work:
746e3da 
- keep pydantic at 1.x for now (made some model changes that are forward compatible with 2.0)
- ensure users uses _id not id similar to all other objects (will need migration)
- remove userdb, move db functions into users
- remove generic _update, add update_verified, update_password, update_email
- webhooks: add webhooks for openapi!
@ikreymer
additional type fixes:
78d9e2d 
- remove references to 'user_db'
- unify 'get_id' / 'get_user_by_id' to just 'get_by_id'
- fix 'id' -> '_id' reference
@ikreymer
add update_invites
1bcfc9b
@ikreymer
update test
9331d06
@ikreymer
test fixes
4ad4986
@ikreymer
cleanup, update response models for auth
14b8352
@ikreymer
api function name tweaks
e05693f
@ikreymer
return UserOut model from register also
378e6f3 
remove is_active from model, check for 'id' on frontend instead of unused 'is_active'
@ikreymer
cleanup
e8c20b6
@ikreymer
cleanup:
1e46eea 
- error code pass: use more consistent lowercase errors, remove old fastapi_users error code
- use 'user_already_exists' and 'invalid_password' for dupe user and invalid password errors
- update frontend error codes checking
- rename self.collection -> self.users in UserManager
@ikreymer
users model: don't switch to '_id' for id, key 'id' key for backwards…
447c3af 
… compatibility
@ikreymer
auth: add audience to jwt tokens, accept audience from fastapi_users …
6f1ec8b 
…for backwards compatibility
@ikreymer ikreymer mentioned this pull request Oct 16, 2023
Merged
@ikreymer ikreymer marked this pull request as ready for review October 17, 2023 05:02
@ikreymer ikreymer requested a review from tw4l October 17, 2023 05:03
tw4l
tw4l reviewed Oct 17, 2023
View reviewed changes
Copy link
Member

@tw4l tw4l left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Initial comments, testing locally now

@tw4l tw4l mentioned this pull request Oct 17, 2023
Closed
@tw4l
Copy link
Member

tw4l commented Oct 17, 2023

Manually tested:

  • Changing user password via forgot password link
  • Chaning user name, email, and password via account settings
  • Changing user roles in org via org settings
  • Log in and log out
  • Usernames set correctly on crawls and workflows after creating and deleting crawls

Aside from the comment about using auth.verify_password(), this is looking good to me!

@tw4l
Copy link
Member

tw4l commented Oct 17, 2023
edited
Loading

I am seeing an error trying to render the API docs:

Screen Shot 2023-10-17 at 4 21 12 PM

Console error:

Screen Shot 2023-10-17 at 4 21 24 PM

Update: seeing this as an issue on Chromium Version 92.0.4515.131 (Official Build, ungoogled-chromium) (arm64) on macOS. In Chrome Version 118.0.5993.70 (Official Build) (arm64), Firefox Version 118.0.5993.70 (Official Build) (arm64), and Safari Version 16.5 (17615.2.9.11.6, 17615) it works fine.

Might just be due to the older Chromium version? Going to say this is definitely not a blocker given it's only happening in one older browser and not any of the up-to-date mainstream browsers.

@ikreymer
fixes from code review:
c052f93 
- fix doc strings
- add user.update_invites() when removing an invite
- fix logic for printing when superuser password has changed
@ikreymer
Merge branch 'main' into remove_fastapi_users
f10dbdd
@ikreymer
add 'slug' to UserOrgInfoOut
cb3ee1d
@tw4l tw4l mentioned this pull request Oct 18, 2023
Merged
@ikreymer ikreymer merged commit 9a2787f into main Oct 18, 2023
@ikreymer ikreymer deleted the remove_fastapi_users branch October 18, 2023 17:49
@ikreymer ikreymer mentioned this pull request Oct 18, 2023
Closed
ikreymer added a commit that referenced this pull request Oct 27, 2023
@ikreymer
users: add case-insensitive index to maintain backwards compatibility…
4b4676a 
… with fastapi-users

follow up to #1290
@ikreymer ikreymer mentioned this pull request Oct 27, 2023
Merged
ikreymer added a commit that referenced this pull request Oct 27, 2023
@ikreymer
users: add case-insensitive index to maintain backwards compatibility…
c1d3bed 
… with fastapi-users (#1319)

follow up to #1290

Based on implementation in:
https://github.com/fastapi-users/fastapi-users-db-mongodb/blob/main/fastapi_users_db_mongodb/__init__.py
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tw4l tw4l tw4l approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update FastAPI to latest - requires updating or removing fastapi-users dependency
3 participants
@ikreymer @tw4l @SuaYoo