Compare commits
2 Commits
472cb654d8
...
994b400221
| Author | SHA1 | Date |
|---|---|---|
k1nq
|
994b400221 | |
|
k1nq
|
00addb971f |
|
|
@ -27,7 +27,6 @@ from app.services.organization_service import (
|
|||
OrganizationService,
|
||||
)
|
||||
from app.services.task_service import TaskService
|
||||
from app.services.user_service import UserService
|
||||
|
||||
oauth2_scheme = OAuth2PasswordBearer(tokenUrl=f"{settings.api_v1_prefix}/auth/token")
|
||||
|
||||
|
|
@ -66,10 +65,6 @@ def get_deal_service(repo: DealRepository = Depends(get_deal_repository)) -> Dea
|
|||
return DealService(repository=repo)
|
||||
|
||||
|
||||
def get_user_service(repo: UserRepository = Depends(get_user_repository)) -> UserService:
|
||||
return UserService(user_repository=repo, password_hasher=password_hasher)
|
||||
|
||||
|
||||
def get_auth_service(
|
||||
repo: UserRepository = Depends(get_user_repository),
|
||||
) -> AuthService:
|
||||
|
|
|
|||
|
|
@ -9,13 +9,11 @@ from app.api.v1 import (
|
|||
deals,
|
||||
organizations,
|
||||
tasks,
|
||||
users,
|
||||
)
|
||||
from app.core.config import settings
|
||||
|
||||
api_router = APIRouter()
|
||||
api_router.include_router(auth.router, prefix=settings.api_v1_prefix)
|
||||
api_router.include_router(users.router, prefix=settings.api_v1_prefix)
|
||||
api_router.include_router(organizations.router, prefix=settings.api_v1_prefix)
|
||||
api_router.include_router(contacts.router, prefix=settings.api_v1_prefix)
|
||||
api_router.include_router(deals.router, prefix=settings.api_v1_prefix)
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@ from . import (
|
|||
deals,
|
||||
organizations,
|
||||
tasks,
|
||||
users,
|
||||
)
|
||||
|
||||
__all__ = [
|
||||
|
|
@ -18,5 +17,4 @@ __all__ = [
|
|||
"deals",
|
||||
"organizations",
|
||||
"tasks",
|
||||
"users",
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,37 +0,0 @@
|
|||
"""User API endpoints."""
|
||||
from __future__ import annotations
|
||||
|
||||
from fastapi import APIRouter, Depends, HTTPException, status
|
||||
|
||||
from app.api.deps import get_user_service
|
||||
from app.models.user import UserCreate, UserRead
|
||||
from app.services.user_service import UserAlreadyExistsError, UserNotFoundError, UserService
|
||||
|
||||
router = APIRouter(prefix="/users", tags=["users"])
|
||||
|
||||
|
||||
@router.get("/", response_model=list[UserRead])
|
||||
async def list_users(service: UserService = Depends(get_user_service)) -> list[UserRead]:
|
||||
users = await service.list_users()
|
||||
return [UserRead.model_validate(user) for user in users]
|
||||
|
||||
|
||||
@router.post("/", response_model=UserRead, status_code=status.HTTP_201_CREATED)
|
||||
async def create_user(
|
||||
user_in: UserCreate,
|
||||
service: UserService = Depends(get_user_service),
|
||||
) -> UserRead:
|
||||
try:
|
||||
user = await service.create_user(user_in)
|
||||
except UserAlreadyExistsError as exc: # pragma: no cover - thin API layer
|
||||
raise HTTPException(status_code=status.HTTP_409_CONFLICT, detail=str(exc)) from exc
|
||||
return UserRead.model_validate(user)
|
||||
|
||||
|
||||
@router.get("/{user_id}", response_model=UserRead)
|
||||
async def get_user(user_id: int, service: UserService = Depends(get_user_service)) -> UserRead:
|
||||
try:
|
||||
user = await service.get_user(user_id)
|
||||
except UserNotFoundError as exc: # pragma: no cover - thin API layer
|
||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=str(exc)) from exc
|
||||
return UserRead.model_validate(user)
|
||||
|
|
@ -14,7 +14,7 @@ class PasswordHasher:
|
|||
"""Wraps passlib context to hash and verify secrets."""
|
||||
|
||||
def __init__(self) -> None:
|
||||
self._context = CryptContext(schemes=["bcrypt"], deprecated="auto")
|
||||
self._context = CryptContext(schemes=["pbkdf2_sha256"], deprecated="auto")
|
||||
|
||||
def hash(self, password: str) -> str:
|
||||
return self._context.hash(password)
|
||||
|
|
|
|||
|
|
@ -23,4 +23,3 @@ from .task_service import ( # noqa: F401
|
|||
TaskServiceError,
|
||||
TaskUpdateData,
|
||||
)
|
||||
from .user_service import UserService # noqa: F401
|
||||
|
|
@ -1,48 +0,0 @@
|
|||
"""User-related business logic."""
|
||||
from __future__ import annotations
|
||||
|
||||
from collections.abc import Sequence
|
||||
|
||||
from app.core.security import PasswordHasher
|
||||
from app.models.user import User, UserCreate
|
||||
from app.repositories.user_repo import UserRepository
|
||||
|
||||
|
||||
class UserServiceError(Exception):
|
||||
"""Base class for user service errors."""
|
||||
|
||||
|
||||
class UserAlreadyExistsError(UserServiceError):
|
||||
"""Raised when attempting to create a user with duplicate email."""
|
||||
|
||||
|
||||
class UserNotFoundError(UserServiceError):
|
||||
"""Raised when user record cannot be located."""
|
||||
|
||||
|
||||
class UserService:
|
||||
"""Encapsulates user-related workflows."""
|
||||
|
||||
def __init__(self, user_repository: UserRepository, password_hasher: PasswordHasher) -> None:
|
||||
self._repository = user_repository
|
||||
self._password_hasher = password_hasher
|
||||
|
||||
async def list_users(self) -> Sequence[User]:
|
||||
return await self._repository.list()
|
||||
|
||||
async def get_user(self, user_id: int) -> User:
|
||||
user = await self._repository.get_by_id(user_id)
|
||||
if user is None:
|
||||
raise UserNotFoundError(f"User {user_id} not found")
|
||||
return user
|
||||
|
||||
async def create_user(self, data: UserCreate) -> User:
|
||||
existing = await self._repository.get_by_email(data.email)
|
||||
if existing is not None:
|
||||
raise UserAlreadyExistsError(f"User {data.email} already exists")
|
||||
|
||||
hashed_password = self._password_hasher.hash(data.password)
|
||||
user = await self._repository.create(data=data, hashed_password=hashed_password)
|
||||
await self._repository.session.commit()
|
||||
await self._repository.session.refresh(user)
|
||||
return user
|
||||
|
|
@ -1,88 +0,0 @@
|
|||
"""API tests for user endpoints."""
|
||||
from __future__ import annotations
|
||||
|
||||
import pytest
|
||||
from httpx import AsyncClient
|
||||
from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker
|
||||
|
||||
from app.core.security import password_hasher
|
||||
from app.models.user import User
|
||||
|
||||
|
||||
async def _seed_user(
|
||||
session_factory: async_sessionmaker[AsyncSession],
|
||||
*,
|
||||
email: str,
|
||||
name: str,
|
||||
) -> int:
|
||||
async with session_factory() as session:
|
||||
user = User(
|
||||
email=email,
|
||||
hashed_password=password_hasher.hash("SeedPass123!"),
|
||||
name=name,
|
||||
is_active=True,
|
||||
)
|
||||
session.add(user)
|
||||
await session.commit()
|
||||
return user.id
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_create_user_endpoint_persists_user(
|
||||
session_factory: async_sessionmaker[AsyncSession],
|
||||
client: AsyncClient,
|
||||
) -> None:
|
||||
payload = {
|
||||
"email": "api-user@example.com",
|
||||
"name": "API User",
|
||||
"password": "UserPass123!",
|
||||
}
|
||||
|
||||
response = await client.post("/api/v1/users/", json=payload)
|
||||
|
||||
assert response.status_code == 201
|
||||
body = response.json()
|
||||
assert body["email"] == payload["email"]
|
||||
|
||||
async with session_factory() as session:
|
||||
user = await session.get(User, body["id"])
|
||||
assert user is not None
|
||||
assert user.email == payload["email"]
|
||||
assert user.hashed_password != payload["password"]
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_list_users_endpoint_returns_existing_users(
|
||||
session_factory: async_sessionmaker[AsyncSession],
|
||||
client: AsyncClient,
|
||||
) -> None:
|
||||
await _seed_user(session_factory, email="list-a@example.com", name="List A")
|
||||
await _seed_user(session_factory, email="list-b@example.com", name="List B")
|
||||
|
||||
response = await client.get("/api/v1/users/")
|
||||
|
||||
assert response.status_code == 200
|
||||
data = response.json()
|
||||
emails = {item["email"] for item in data}
|
||||
assert {"list-a@example.com", "list-b@example.com"}.issubset(emails)
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_user_endpoint_returns_single_user(
|
||||
session_factory: async_sessionmaker[AsyncSession],
|
||||
client: AsyncClient,
|
||||
) -> None:
|
||||
user_id = await _seed_user(session_factory, email="detail@example.com", name="Detail User")
|
||||
|
||||
response = await client.get(f"/api/v1/users/{user_id}")
|
||||
|
||||
assert response.status_code == 200
|
||||
payload = response.json()
|
||||
assert payload["id"] == user_id
|
||||
assert payload["email"] == "detail@example.com"
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_user_endpoint_returns_404_for_missing_user(client: AsyncClient) -> None:
|
||||
response = await client.get("/api/v1/users/999")
|
||||
assert response.status_code == 404
|
||||
Loading…
Reference in New Issue