cartsnitch/api
12
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: cartsnitch/api:betty/fix-lint-errors
Branches Tags
cartsnitch/api:main cartsnitch/api:dev cartsnitch/api:uat cartsnitch/api:betty/car-1362-cache-remove-uat cartsnitch/api:betty/car-1362-push-unknown-fix cartsnitch/api:betty/car-1362-remove-gha-cache-dev cartsnitch/api:betty/car-1330-buildpush-registry-token-dev cartsnitch/api:betty/car-1330-buildpush-registry-token-uat cartsnitch/api:betty/car-1330-dev-ci-fix cartsnitch/api:betty/car-1340-uat-ci-fix cartsnitch/api:barcode-betty/fix-car-1135-dispose-engine cartsnitch/api:betty/car-1132-comprehensive-fix cartsnitch/api:promote/car1077-dev-uat cartsnitch/api:betty/fix-postgres-pool cartsnitch/api:betty/fix-sqlite-uuid-server-default cartsnitch/api:betty/fix-ci-test-failures-v2 cartsnitch/api:remove-deploy-dev-uat-jobs cartsnitch/api:betty/fix-ci-test-failures cartsnitch/api:barcode-betty/fix-lint-f402 cartsnitch/api:betty/fix-email-inbound-token-tests cartsnitch/api:barcode-betty/car-1004-fix-ruff-lint cartsnitch/api:betty/fix-lint-errors cartsnitch/api:fix/cart-995-gitea-registry-migration cartsnitch/api:fix-gitea-registry-migration cartsnitch/api:betty/car-995-gitea-registry cartsnitch/api:betty/car-932-dispose-import-v3 cartsnitch/api:barcode-betty/car-995-gitea-registry cartsnitch/api:betty/car-932-fix-dispose-engine cartsnitch/api:betty/car-964-gitea-registry-v2 cartsnitch/api:barcode-betty/gitea-registry cartsnitch/api:barcode-betty/fix-dispose-engine-import cartsnitch/api:savannah/fix-ci-uat-trigger cartsnitch/api:barcode-betty/fix-ci-uat-trigger cartsnitch/api:betty/car-869-gitea-actions-api cartsnitch/api:betty/car-723-final-review cartsnitch/api:betty/car-723-ci-workflow cartsnitch/api:feat/car-723-migrate-api-to-new-repo
..
pull from: cartsnitch/api:betty/fix-sqlite-uuid-server-default
Branches Tags
cartsnitch/api:dev cartsnitch/api:uat cartsnitch/api:betty/car-1362-cache-remove-uat cartsnitch/api:betty/car-1362-push-unknown-fix cartsnitch/api:betty/car-1362-remove-gha-cache-dev cartsnitch/api:betty/car-1330-buildpush-registry-token-dev cartsnitch/api:betty/car-1330-buildpush-registry-token-uat cartsnitch/api:betty/car-1330-dev-ci-fix cartsnitch/api:betty/car-1340-uat-ci-fix cartsnitch/api:barcode-betty/fix-car-1135-dispose-engine cartsnitch/api:betty/car-1132-comprehensive-fix cartsnitch/api:promote/car1077-dev-uat cartsnitch/api:betty/fix-postgres-pool cartsnitch/api:betty/fix-sqlite-uuid-server-default cartsnitch/api:betty/fix-ci-test-failures-v2 cartsnitch/api:remove-deploy-dev-uat-jobs cartsnitch/api:main cartsnitch/api:betty/fix-ci-test-failures cartsnitch/api:barcode-betty/fix-lint-f402 cartsnitch/api:betty/fix-email-inbound-token-tests cartsnitch/api:barcode-betty/car-1004-fix-ruff-lint cartsnitch/api:betty/fix-lint-errors cartsnitch/api:fix/cart-995-gitea-registry-migration cartsnitch/api:fix-gitea-registry-migration cartsnitch/api:betty/car-995-gitea-registry cartsnitch/api:betty/car-932-dispose-import-v3 cartsnitch/api:barcode-betty/car-995-gitea-registry cartsnitch/api:betty/car-932-fix-dispose-engine cartsnitch/api:betty/car-964-gitea-registry-v2 cartsnitch/api:barcode-betty/gitea-registry cartsnitch/api:barcode-betty/fix-dispose-engine-import cartsnitch/api:savannah/fix-ci-uat-trigger cartsnitch/api:barcode-betty/fix-ci-uat-trigger cartsnitch/api:betty/car-869-gitea-actions-api cartsnitch/api:betty/car-723-final-review cartsnitch/api:betty/car-723-ci-workflow cartsnitch/api:feat/car-723-migrate-api-to-new-repo

14 Commits
betty/fix-lint-errors .. betty/fix-sqlite-uuid-server-default

Author SHA1 Message Date
Flea Flicker 8c78fde48d Fix SQLite UUID and server_default incompatibilities in test fixtures
CI / lint (pull_request) Failing after 7s
Details
CI / typecheck (pull_request) Failing after 48s
Details
CI / test (pull_request) Failing after 1m35s
Details
CI / build-and-push (pull_request) Has been skipped
Details 
Adds SQLiteCompatibleUUID TypeDecorator and _StringUUID fallback to handle
PostgreSQL UUID and Text PK columns when using SQLite test database.

- SQLiteCompatibleUUID: converts uuid.UUID to CHAR(32) hex string for bind,
  returns uuid.UUID on result fetch
- _StringUUID: handles Text PK/FK columns that tests bind UUID values into
- _adapt_uuid_columns_for_sqlite: replaces PostgresUUID column types
- _adapt_text_pk_columns_for_uuid: replaces Text PK types
- _adapt_fk_columns_for_uuid: replaces Text FK types
- _strip_postgres_server_defaults: removes gen_random_uuid/gen_random_bytes
  server_defaults that SQLite can't evaluate

Updates test_encrypted_json.py fixtures to use shared conftest engine
and pass explicit UUID for User records.

Fixes CAR-1111.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-06-01 11:37:05 +00:00
Barcode Betty 84c143c4e7 Remove deploy-dev/deploy-uat CI jobs (CAR-1069) (#37)
CI / lint (push) Failing after 3s
Details
CI / typecheck (push) Failing after 19s
Details
CI / lint (pull_request) Failing after 4s
Details
CI / test (push) Failing after 30s
Details
CI / build-and-push (push) Has been skipped
Details
CI / typecheck (pull_request) Failing after 18s
Details
CI / test (pull_request) Failing after 29s
Details
CI / build-and-push (pull_request) Has been skipped
Details 
Co-authored-by: Barcode Betty <32+cs_betty@noreply.git.farh.net>
Co-committed-by: Barcode Betty <32+cs_betty@noreply.git.farh.net>
 2026-05-27 01:56:53 +00:00
Savannah Savings 1c42e4b0af Merge pull request 'Fix: strip PostgreSQL server_defaults from SQLite test fixtures' (#32) from betty/fix-email-inbound-token-tests into dev
CI / lint (push) Failing after 7s
Details
CI / typecheck (push) Failing after 17s
Details
CI / test (push) Failing after 18s
Details
CI / build-and-push (push) Has been skipped
Details
CI / deploy-uat (push) Has been skipped
Details
CI / deploy-dev (push) Failing after 25s
Details 
Merge PR #32: Fix SQLite server_default stripping for test fixtures
 2026-05-23 23:46:59 +00:00
Barcode Betty 6755ca8c27 Fix: strip PostgreSQL server_default from UUID + gen_random_bytes columns for SQLite tests
CI / lint (pull_request) Failing after 3s
Details
CI / typecheck (pull_request) Failing after 19s
Details
CI / test (pull_request) Failing after 16s
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (pull_request) Has been skipped
Details 
The sync engine fixture (engine) and async engine fixture (db_engine) now
iterate all Base.metadata tables and null server_default on any column
whose SQL text contains 'gen_random_uuid' or 'gen_random_bytes'. This
covers all UUIDPrimaryKeyMixin columns (Purchase, PurchaseItem, Store,
StoreLocation, Coupon, NormalizedProduct, PriceHistory,
ShrinkflationEvent, UserStoreAccount) as well as the
email_inbound_token gen_random_bytes expression in User.

Without this, SQLite raises 'type UUID is not supported' when the ORM
tries to bind Python UUID objects, and NOT NULL constraint failures when
server_default expressions reference non-existent PostgreSQL functions.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 23:36:08 +00:00
Savannah Savings 280882f515 Merge pull request 'Fix test failures: email_inbound_token server_default for SQLite' (#29) from betty/fix-email-inbound-token-tests into dev
CI / test (push) Failing after 1m19s
Details
CI / build-and-push (push) Has been skipped
Details
CI / lint (push) Successful in 5s
Details
CI / typecheck (push) Failing after 29s
Details
CI / deploy-uat (push) Has been skipped
Details
CI / deploy-dev (push) Failing after 28s
Details
CI / lint (pull_request) Successful in 6s
Details
CI / typecheck (pull_request) Failing after 31s
Details
CI / test (pull_request) Failing after 43s
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (pull_request) Has been skipped
Details 
Fix test failures: email_inbound_token server_default for SQLite (#29)

Strip PostgreSQL-only server_default from email_inbound_token before SQLite create_all(). Add email_inbound_token to test user INSERT statements.

Reviewed-by: Savannah Savings (CTO)
Approved-by: Checkout Charlie (QA)
 2026-05-23 23:25:03 +00:00
Savannah Savings ec4eaa1f03 Merge pull request 'Fix ruff lint errors across codebase' (#30) from barcode-betty/car-1004-fix-ruff-lint into dev
CI / build-and-push (push) Has been skipped
Details
CI / deploy-uat (push) Has been skipped
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / test (push) Failing after 1s
Details
CI / deploy-dev (push) Failing after 1s
Details
CI / typecheck (push) Failing after 0s
Details
CI / typecheck (pull_request) Failing after 17s
Details
CI / lint (push) Failing after 1s
Details
CI / lint (pull_request) Failing after 3s
Details
CI / test (pull_request) Failing after 49s
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (pull_request) Has been skipped
Details 
Merge PR #30: Fix ruff lint errors across codebase

Fixes 56 ruff lint errors (E501, F401, I001) in cartsnitch/api.
QA: cs_charlie APPROVED
CTO: cs_savannah APPROVED
 2026-05-23 23:11:54 +00:00
Barcode Betty 0e3c9fb52e Fix: strip PostgreSQL server_default from email_inbound_token for SQLite
CI / lint (pull_request) Failing after 5s
Details
CI / typecheck (pull_request) Failing after 32s
Details
CI / test (pull_request) Failing after 1m23s
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (pull_request) Has been skipped
Details 
The email_inbound_token column uses a PostgreSQL-only server_default
(gen_random_bytes/encode/trim) that SQLite cannot parse.
Strip the server_default before metadata.create_all() in both the
sync engine and async db_engine fixtures so tests run against SQLite.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 23:07:39 +00:00
Barcode Betty cc6ca5982c fix: resolve email_inbound_token conflict in test fixtures
CI / lint (pull_request) Failing after 7s
Details
CI / typecheck (pull_request) Failing after 31s
Details
CI / test (pull_request) Failing after 51s
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (pull_request) Has been skipped
Details 
Rebase on latest dev and wrap SQL INSERT lines to honor ruff line-length=100.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 23:00:02 +00:00
Barcode Betty c9fd066c31 fix: resolve email_inbound_token conflict in test fixtures
CI / lint (pull_request) Failing after 7s
Details
CI / typecheck (pull_request) Failing after 31s
Details
CI / test (pull_request) Failing after 49s
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (pull_request) Has been skipped
Details
2026-05-23 22:57:16 +00:00
Barcode Betty c68838acf2 Fix ruff lint errors across codebase
CI / lint (pull_request) Successful in 5s
Details
CI / typecheck (pull_request) Failing after 29s
Details
CI / test (pull_request) Failing after 48s
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (pull_request) Has been skipped
Details 
- Auto-fix F401 (unused imports) and I001 (unsorted imports) with ruff --fix
- Manually fix E501 (line too long) in alembic migrations and src/ models
- Run ruff format to ensure consistent formatting

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 22:47:17 +00:00
Savannah Savings 4751154679 Merge pull request 'Fix ruff lint errors across codebase' (#28) from cs_betty/api:betty/car-932-lint-fixes into dev
CI / lint (push) Failing after 3s
Details
CI / typecheck (push) Failing after 29s
Details
CI / test (push) Failing after 48s
Details
CI / build-and-push (push) Has been skipped
Details
CI / deploy-uat (push) Has been skipped
Details
CI / deploy-dev (push) Failing after 27s
Details 
Merge PR #28: Fix ruff lint errors across codebase
 2026-05-23 22:44:02 +00:00
Savannah Savings 71cf0a4563 Merge pull request 'ci: migrate from ghcr.io to Gitea built-in registry' (#25) from fix/cart-995-gitea-registry-migration into dev
CI / lint (push) Failing after 5s
Details
CI / lint (pull_request) Failing after 5s
Details
CI / typecheck (pull_request) Failing after 16s
Details
CI / typecheck (push) Failing after 30s
Details
CI / test (push) Failing after 51s
Details
CI / build-and-push (push) Has been skipped
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (push) Has been skipped
Details
CI / test (pull_request) Failing after 1m51s
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / deploy-dev (push) Failing after 32s
Details
CI / deploy-uat (pull_request) Has been skipped
Details 
ci: migrate from ghcr.io to Gitea built-in registry (#25)

CAR-995: Update CI workflow to use Gitea built-in container registry.
- REGISTRY env var: ghcr.io -> git.farh.net
- Replace Docker Hub/GHCR login with direct docker login using github.token
- Remove Docker Hub credentials from service containers
- Update deploy kustomize image refs to use env vars
 2026-05-23 22:31:36 +00:00
Barcode Betty 9659e63208 ci: migrate from ghcr.io to Gitea built-in registry
CI / lint (pull_request) Failing after 8s
Details
CI / typecheck (pull_request) Failing after 29s
Details
CI / test (pull_request) Failing after 50s
Details
CI / build-and-push (pull_request) Has been skipped
Details
CI / deploy-dev (pull_request) Has been skipped
Details
CI / deploy-uat (pull_request) Has been skipped
Details 
- Update REGISTRY env var: ghcr.io -> git.farh.net
- Replace Docker Hub + GHCR login with Gitea login step
- Remove credentials blocks from postgres and redis service definitions
- Update deploy-dev/deploy-uat kustomize image refs to use $REGISTRY var

Fixes QA FAIL from PR #23: missing Gitea login step.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 22:14:55 +00:00
Barcode Betty ae2fc15a5b fix: resolve lint errors in test files [CAR-932]
CI / lint (pull_request) Has been cancelled
Details
CI / typecheck (pull_request) Has been cancelled
Details
CI / test (pull_request) Has been cancelled
Details
CI / build-and-push (pull_request) Has been cancelled
Details
CI / deploy-dev (pull_request) Has been cancelled
Details
CI / deploy-uat (pull_request) Has been cancelled
Details 
Fix 56 lint errors in test files that were blocking CI:
- E501: Split long SQL INSERT statements across multiple lines
- F401: Remove unused imports (os, unittest.mock.patch)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 22:09:33 +00:00
20 changed files with 2549 additions and 200 deletions
Expand all files Collapse all files
.gitea/workflows/ci.yml
+4 -108
View File
@@ -15,7 +15,7 @@ permissions:
packages: write
env:
REGISTRY: ghcr.io
REGISTRY: git.farh.net
IMAGE_NAME: cartsnitch/api
jobs:
@@ -51,9 +51,6 @@ jobs:
services:
postgres:
image: postgres:15-alpine
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
env:
POSTGRES_USER: cartsnitch
POSTGRES_PASSWORD: cartsnitch_test
@@ -67,9 +64,6 @@ jobs:
--health-retries 5
redis:
image: redis:7-alpine
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
ports:
- 6379:6379
options: >-
@@ -122,19 +116,8 @@ jobs:
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "CalVer tag: $VERSION"
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log in to GHCR
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Log in to Gitea Container Registry
run: echo "${{ github.token }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin
- name: Extract metadata
id: meta
@@ -171,7 +154,7 @@ jobs:
only-fixed: "true"
output-format: sarif
- name: Push Docker image
if: github.event_name == 'push'
@@ -192,90 +175,3 @@ jobs:
git tag "v${{ steps.calver.outputs.version }}"
git push origin "v${{ steps.calver.outputs.version }}"
deploy-dev:
runs-on: ubuntu-latest
needs: [build-and-push]
if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/main')
steps:
- name: Checkout infra repo
uses: actions/checkout@v4
with:
repository: cartsnitch/infra
token: ${{ secrets.GITEA_TOKEN }}
ref: main
path: infra
- name: Install kubectl
uses: azure/setup-kubectl@v4
- name: Install kustomize
uses: imranismail/setup-kustomize@v2
- name: Determine image tag
id: api_tag
run: |
if [ "${{ github.ref }}" == "refs/heads/main" ]; then
echo "tag=${{ needs.build-and-push.outputs.calver_tag }}" >> "$GITHUB_OUTPUT"
else
echo "tag=${{ needs.build-and-push.outputs.sha_tag }}" >> "$GITHUB_OUTPUT"
fi
- name: Update api image tag
if: needs.build-and-push.result == 'success'
run: |
cd infra/apps/overlays/dev
kustomize edit set image ghcr.io/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
- name: Commit and push to infra
run: |
cd infra
git config user.name "cartsnitch-ci[bot]"
git config user.email "cartsnitch-ci[bot]@users.noreply.github.com"
git add apps/overlays/dev/kustomization.yaml
git commit -m "ci(dev): update api image"
git pull --rebase origin main
git push origin main
deploy-uat:
runs-on: ubuntu-latest
needs: [build-and-push]
if: always() && !cancelled() && github.event_name == 'push' && (github.ref == 'refs/heads/uat' || github.ref == 'refs/heads/main')
steps:
- name: Checkout infra repo
uses: actions/checkout@v4
with:
repository: cartsnitch/infra
token: ${{ secrets.GITEA_TOKEN }}
ref: main
path: infra
- name: Install kubectl
uses: azure/setup-kubectl@v4
- name: Install kustomize
uses: imranismail/setup-kustomize@v2
- name: Determine image tag
id: api_tag
run: |
if [ "${{ github.ref }}" == "refs/heads/main" ]; then
echo "tag=${{ needs.build-and-push.outputs.calver_tag }}" >> "$GITHUB_OUTPUT"
else
echo "tag=${{ needs.build-and-push.outputs.sha_tag }}" >> "$GITHUB_OUTPUT"
fi
- name: Update api image tag
if: needs.build-and-push.result == 'success'
run: |
cd infra/apps/overlays/uat
kustomize edit set image ghcr.io/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
- name: Commit and push to infra
run: |
cd infra
git config user.name "cartsnitch-ci[bot]"
git config user.email "cartsnitch-ci[bot]@users.noreply.github.com"
git add apps/overlays/uat/kustomization.yaml
git commit -m "ci(uat): update api image"
git pull --rebase origin main
git push origin main
.mcp.json
+11
View File
@@ -0,0 +1,11 @@
{
"mcpServers": {
"gitea": {
"type": "http",
"url": "https://git-mcp.farh.net/mcp",
"headers": {
"Authorization": "Bearer ${GITEA_TOKEN}"
}
}
}
}
alembic/env.py
+6 -1
View File
@@ -45,7 +45,11 @@ def run_migrations_online() -> None:
poolclass=pool.NullPool,
)
with connectable.connect() as connection:
context.configure(connection=connection, target_metadata=target_metadata, version_table_column_width=128)
context.configure(
connection=connection,
target_metadata=target_metadata,
version_table_column_width=128,
)
with context.begin_transaction():
context.run_migrations()
# Create any tables defined in models but not yet created by migrations.
@@ -56,6 +60,7 @@ def run_migrations_online() -> None:
connection.commit()
except Exception as exc:
import logging
logging.getLogger("alembic.env").warning(
"create_all failed (non-fatal, migrations should handle table creation): %s", exc
)
alembic/versions/002_better_auth_tables.py
+44 -9
View File
@@ -30,7 +30,10 @@ def upgrade() -> None:
if inspector.has_table("users"):
existing_user_cols = [c["name"] for c in inspector.get_columns("users")]
if "email_verified" not in existing_user_cols:
op.add_column("users", sa.Column("email_verified", sa.Boolean(), nullable=False, server_default="false"))
op.add_column(
"users",
sa.Column("email_verified", sa.Boolean(), nullable=False, server_default="false"),
)
if "image" not in existing_user_cols:
op.add_column("users", sa.Column("image", sa.Text(), nullable=True))
@@ -44,8 +47,18 @@ def upgrade() -> None:
sa.Column("expires_at", sa.DateTime(timezone=True), nullable=False),
sa.Column("ip_address", sa.Text(), nullable=True),
sa.Column("user_agent", sa.Text(), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.PrimaryKeyConstraint("id"),
)
op.create_index("ix_sessions_token", "sessions", ["token"], unique=True)
@@ -66,8 +79,18 @@ def upgrade() -> None:
sa.Column("scope", sa.Text(), nullable=True),
sa.Column("id_token", sa.Text(), nullable=True),
sa.Column("password", sa.Text(), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.PrimaryKeyConstraint("id"),
)
op.create_index("ix_accounts_user_id", "accounts", ["user_id"])
@@ -80,8 +103,18 @@ def upgrade() -> None:
sa.Column("identifier", sa.Text(), nullable=False),
sa.Column("value", sa.Text(), nullable=False),
sa.Column("expires_at", sa.DateTime(timezone=True), nullable=False),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.PrimaryKeyConstraint("id"),
)
@@ -96,8 +129,10 @@ def upgrade() -> None:
user_id_str = str(user_id)
conn.execute(
text(
"INSERT INTO accounts (id, user_id, account_id, provider_id, password, created_at, updated_at) "
"VALUES (gen_random_uuid()::text, :user_id, :account_id, 'credential', :password, now(), now())"
"INSERT INTO accounts "
"(id, user_id, account_id, provider_id, password, created_at, updated_at) "
"VALUES (gen_random_uuid()::text, :user_id, :account_id, "
"'credential', :password, now(), now())"
),
{"user_id": user_id_str, "account_id": user_id_str, "password": hashed_password},
)
alembic/versions/004_fix_user_id_text.py
+12 -2
View File
@@ -40,7 +40,12 @@ def upgrade() -> None:
return # already TEXT — nothing to do
# Step 1: Drop existing FK constraints (ignore if they don't exist)
op.execute(text("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"))
op.execute(
text(
"ALTER TABLE user_store_accounts "
"DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"
)
)
op.execute(text("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey"))
# Step 2: Alter users.id from uuid to text
@@ -89,7 +94,12 @@ def upgrade() -> None:
def downgrade() -> None:
# Drop FK constraints
op.execute(text("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"))
op.execute(
text(
"ALTER TABLE user_store_accounts "
"DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"
)
)
op.execute(text("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey"))
# Revert users.id from text to uuid
alembic/versions/005_add_email_inbound_token.py
+1 -1
View File
@@ -20,7 +20,7 @@ depends_on = None
def upgrade() -> None:
conn = op.get_bind()
inspector = sa.inspect(conn)
# Guard: on a fresh DB Base.metadata.create_all creates users table with the column already present
# Guard: on fresh DB, Base.metadata.create_all already has the column
if not inspector.has_table("users"):
return
existing_cols = [c["name"] for c in inspector.get_columns("users")]
alembic/versions/006_email_inbound_token_server_default.py
+3 -1
View File
@@ -6,6 +6,7 @@ Create Date: 2026-04-04
"""
import sqlalchemy as sa
from alembic import op
revision = "006_email_inbound_token_server_default"
@@ -29,7 +30,8 @@ def upgrade() -> None:
"users",
"email_inbound_token",
server_default=sa.text(
"replace(replace(trim(trailing '=' from encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
"replace(replace(trim(trailing '=' from "
"encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
),
)
alembic/versions/007_bootstrap_users_table.py
+13 -3
View File
@@ -27,7 +27,8 @@ def upgrade() -> None:
if inspector.has_table("users"):
return # Table already exists (non-fresh DB or create_all already ran)
conn.execute(text("""
conn.execute(
text("""
CREATE TABLE users (
id TEXT PRIMARY KEY,
email VARCHAR(255) NOT NULL UNIQUE,
@@ -36,11 +37,20 @@ def upgrade() -> None:
email_verified BOOLEAN NOT NULL DEFAULT false,
image TEXT,
email_inbound_token VARCHAR(22) NOT NULL UNIQUE
DEFAULT replace(replace(trim(trailing '=' from encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_'),
DEFAULT (
replace(
replace(
trim(trailing '=' from encode(gen_random_bytes(16), 'base64')),
'+', '-'
),
'/', '_'
)
),
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
)
"""))
""")
)
def downgrade() -> None:
alembic/versions/008_create_domain_tables.py
+150 -26
View File
@@ -29,8 +29,18 @@ def upgrade() -> None:
sa.Column("slug", sa.String(20), nullable=False, unique=True),
sa.Column("logo_url", sa.String(500), nullable=True),
sa.Column("website_url", sa.String(500), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 2. store_locations
@@ -45,8 +55,18 @@ def upgrade() -> None:
sa.Column("zip", sa.String(10), nullable=False),
sa.Column("lat", sa.Float(), nullable=True),
sa.Column("lng", sa.Float(), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 3. normalized_products
@@ -61,8 +81,18 @@ def upgrade() -> None:
sa.Column("size", sa.String(50), nullable=True),
sa.Column("size_unit", sa.String(10), nullable=True),
sa.Column("upc_variants", sa.JSON(), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 4. purchases
@@ -72,7 +102,9 @@ def upgrade() -> None:
sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
sa.Column("user_id", sa.Text(), sa.ForeignKey("users.id"), nullable=False),
sa.Column("store_id", sa.Uuid(), sa.ForeignKey("stores.id"), nullable=False),
sa.Column("store_location_id", sa.Uuid(), sa.ForeignKey("store_locations.id"), nullable=True),
sa.Column(
"store_location_id", sa.Uuid(), sa.ForeignKey("store_locations.id"), nullable=True
),
sa.Column("receipt_id", sa.String(200), nullable=False),
sa.Column("purchase_date", sa.Date(), nullable=False),
sa.Column("total", sa.Numeric(10, 2), nullable=False),
@@ -81,9 +113,24 @@ def upgrade() -> None:
sa.Column("savings_total", sa.Numeric(10, 2), nullable=True),
sa.Column("source_url", sa.String(500), nullable=True),
sa.Column("raw_data", sa.JSON(), nullable=True),
sa.Column("ingested_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"ingested_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.UniqueConstraint("user_id", "store_id", "receipt_id", name="uq_purchase_receipt"),
sa.Index("ix_purchases_user_store", "user_id", "store_id"),
)
@@ -104,9 +151,24 @@ def upgrade() -> None:
sa.Column("coupon_discount", sa.Numeric(10, 2), nullable=True),
sa.Column("loyalty_discount", sa.Numeric(10, 2), nullable=True),
sa.Column("category_raw", sa.String(100), nullable=True),
sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"normalized_product_id",
sa.Uuid(),
sa.ForeignKey("normalized_products.id"),
nullable=True,
),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 6. coupons
@@ -115,7 +177,12 @@ def upgrade() -> None:
"coupons",
sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
sa.Column("store_id", sa.Uuid(), sa.ForeignKey("stores.id"), nullable=False),
sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=True),
sa.Column(
"normalized_product_id",
sa.Uuid(),
sa.ForeignKey("normalized_products.id"),
nullable=True,
),
sa.Column("title", sa.String(300), nullable=False),
sa.Column("description", sa.String(1000), nullable=True),
sa.Column("discount_type", sa.String(20), nullable=False),
@@ -127,8 +194,18 @@ def upgrade() -> None:
sa.Column("coupon_code", sa.String(100), nullable=True),
sa.Column("source_url", sa.String(500), nullable=True),
sa.Column("scraped_at", sa.DateTime(timezone=True), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 7. price_history
@@ -136,7 +213,12 @@ def upgrade() -> None:
op.create_table(
"price_history",
sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=False),
sa.Column(
"normalized_product_id",
sa.Uuid(),
sa.ForeignKey("normalized_products.id"),
nullable=False,
),
sa.Column("store_id", sa.Uuid(), sa.ForeignKey("stores.id"), nullable=False),
sa.Column("observed_date", sa.Date(), nullable=False),
sa.Column("regular_price", sa.Numeric(10, 2), nullable=False),
@@ -144,10 +226,27 @@ def upgrade() -> None:
sa.Column("loyalty_price", sa.Numeric(10, 2), nullable=True),
sa.Column("coupon_price", sa.Numeric(10, 2), nullable=True),
sa.Column("source", sa.String(20), nullable=False),
sa.Column("purchase_item_id", sa.Uuid(), sa.ForeignKey("purchase_items.id"), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Index("ix_price_history_product_store_date", "normalized_product_id", "store_id", "observed_date"),
sa.Column(
"purchase_item_id", sa.Uuid(), sa.ForeignKey("purchase_items.id"), nullable=True
),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Index(
"ix_price_history_product_store_date",
"normalized_product_id",
"store_id",
"observed_date",
),
)
# 8. shrinkflation_events
@@ -155,7 +254,12 @@ def upgrade() -> None:
op.create_table(
"shrinkflation_events",
sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=False),
sa.Column(
"normalized_product_id",
sa.Uuid(),
sa.ForeignKey("normalized_products.id"),
nullable=False,
),
sa.Column("detected_date", sa.Date(), nullable=False),
sa.Column("old_size", sa.String(50), nullable=False),
sa.Column("new_size", sa.String(50), nullable=False),
@@ -165,8 +269,18 @@ def upgrade() -> None:
sa.Column("price_at_new_size", sa.Numeric(10, 2), nullable=True),
sa.Column("confidence", sa.Numeric(3, 2), server_default=text("1.00"), nullable=False),
sa.Column("notes", sa.String(1000), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 9. user_store_accounts
@@ -180,8 +294,18 @@ def upgrade() -> None:
sa.Column("session_expires_at", sa.DateTime(timezone=True), nullable=True),
sa.Column("last_sync_at", sa.DateTime(timezone=True), nullable=True),
sa.Column("status", sa.String(20), server_default=text("'active'"), nullable=False),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.UniqueConstraint("user_id", "store_id", name="uq_user_store_account"),
)
alembic/versions/009_add_gin_index_upc_variants.py
+1
View File
@@ -6,6 +6,7 @@ Create Date: 2026-04-14
"""
import sqlalchemy as sa
from alembic import op
revision = "009_add_gin_index_upc_variants"
pyproject.toml
+6 -1
View File
@@ -15,12 +15,17 @@ dependencies = [
"sqlalchemy[asyncio]>=2.0.35",
"asyncpg>=0.30.0",
"alembic>=1.13,<2.0",
"psycopg2>=2.9,<3.0",
"psycopg2-binary>=2.9,<3.0",
"python-jose[cryptography]>=3.3.0",
"passlib[bcrypt]>=1.7.4",
"httpx>=0.27.0",
"redis[hiredis]>=5.2.0",
"cryptography>=43.0.0",
"pytest[dev]>=9.0.3",
"pytest-asyncio[dev]>=1.3.0",
"aiosqlite[dev]>=0.22.1",
"ruff[dev]>=0.15.14",
"mypy[dev]>=1.19.0",
]
[project.optional-dependencies]
src/cartsnitch_api/main.py
+2 -1
View File
@@ -6,7 +6,6 @@ from fastapi import APIRouter, FastAPI
from cartsnitch_api.auth.routes import router as auth_router
from cartsnitch_api.cache import cache_client
from cartsnitch_api.database import dispose_engine
from cartsnitch_api.middleware.audit import add_audit_middleware
from cartsnitch_api.middleware.cors import add_cors_middleware
from cartsnitch_api.middleware.error_handler import add_error_handlers, add_error_monitor_middleware
@@ -26,6 +25,8 @@ from cartsnitch_api.routes.user import router as user_router
@asynccontextmanager
async def lifespan(app: FastAPI):
from cartsnitch_api.database import dispose_engine
await cache_client.initialize()
yield
await cache_client.close()
src/cartsnitch_api/models/user.py
+3 -4
View File
@@ -26,9 +26,7 @@ class User(TimestampMixin, Base):
email: Mapped[str] = mapped_column(String(255), nullable=False, unique=True)
hashed_password: Mapped[str | None] = mapped_column(String(255), nullable=True)
display_name: Mapped[str | None] = mapped_column(String(100))
email_verified: Mapped[bool] = mapped_column(
Boolean, nullable=False, server_default="false"
)
email_verified: Mapped[bool] = mapped_column(Boolean, nullable=False, server_default="false")
image: Mapped[str | None] = mapped_column(Text, nullable=True)
email_inbound_token: Mapped[str] = mapped_column(
String(22),
@@ -36,7 +34,8 @@ class User(TimestampMixin, Base):
unique=True,
default=lambda: secrets.token_urlsafe(16),
server_default=sa.text(
"replace(replace(trim(trailing '=' from encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
"replace(replace(trim(trailing '=' from "
"encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
),
)
tests/conftest.py
+144 -22
View File
@@ -5,20 +5,133 @@ matching the Better-Auth session validation flow.
"""
import secrets
import uuid
import uuid as uuid_lib
from datetime import UTC, datetime, timedelta
import pytest
from httpx import ASGITransport, AsyncClient
from sqlalchemy import create_engine, event, text
from sqlalchemy import create_engine, event, text, TypeDecorator, String
import sqlalchemy as sa
from sqlalchemy.dialects.postgresql import UUID as PostgresUUID
from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker, create_async_engine
from sqlalchemy.orm import sessionmaker
from sqlalchemy.types import CHAR, TypeEngine
from cartsnitch_api.config import settings as cartsnitch_settings
from cartsnitch_api.database import get_db
from cartsnitch_api.main import create_app
from cartsnitch_api.models import Base
cartsnitch_settings = None
class SQLiteCompatibleUUID(TypeDecorator):
"""Adapts PostgreSQL UUID for use with SQLite at test runtime.
Stores as CHAR(32) hex string, converts to Python uuid.UUID on read.
"""
impl = CHAR(32)
cache_ok = True
def process_bind_param(self, value, dialect):
if value is None:
return None
if isinstance(value, uuid_lib.UUID):
return value.hex
return str(value)
def process_result_value(self, value, dialect):
if value is None:
return None
return uuid_lib.UUID(hex=value)
class _StringUUID(TypeDecorator):
"""Fallback TypeDecorator that accepts both UUID objects and strings.
Used when the model uses Text but tests pass uuid.UUID values.
Stores as native string, returns uuid.UUID on read.
"""
impl = String(36)
cache_ok = True
def process_bind_param(self, value, dialect):
if value is None:
return None
if isinstance(value, uuid_lib.UUID):
return value.hex
return str(value)
def process_result_value(self, value, dialect):
if value is None:
return None
try:
return uuid_lib.UUID(hex=value)
except Exception:
return value
def _adapt_uuid_columns_for_sqlite(googol=None):
"""Replace PostgreSQL UUID column types with SQLiteCompatibleUUID.
PostgreSQL UUID columns generate DDL using gen_random_uuid() which SQLite
doesn't support. This replaces those column types so SQLite can bind UUIDs
as hex strings. Also sets a Python-side default so INSERTs without explicit
id succeed. Accepts an optional connection arg from run_sync.
"""
for table in Base.metadata.tables.values():
for column in table.columns.values():
if isinstance(column.type, PostgresUUID):
column.type = SQLiteCompatibleUUID()
if column.server_default is None and column.default is None:
column.default = uuid_lib.uuid4
def _adapt_text_pk_columns_for_uuid(googol=None):
"""Replace Text primary key columns that tests bind uuid.UUID values into.
User.id is a Text column but tests pass uuid.UUID objects. SQLite can't
bind UUID directly so we swap these to a compatible type. Accepts an
optional connection arg from run_sync.
"""
for table in Base.metadata.tables.values():
for column in table.columns.values():
if column.primary_key and isinstance(column.type, sa.Text):
column.type = _StringUUID()
def _adapt_fk_columns_for_uuid(googol=None):
"""Replace FK columns that reference UUID PKs but are typed as Text.
purchase.user_id, user_store_accounts.user_id/store_id, etc. are typed as str
but tests pass uuid.UUID objects for them. Accepts an optional connection arg
from run_sync.
"""
for table in Base.metadata.tables.values():
for column in table.columns.values():
if column.foreign_keys:
for fk in column.foreign_keys:
if isinstance(column.type, (sa.Text, sa.String)) and column.type.length in (None, 255):
column.type = _StringUUID()
def _strip_postgres_server_defaults(googol=None):
"""Remove PostgreSQL-specific server_default expressions for SQLite compatibility.
PostgreSQL functions like gen_random_uuid() and the base64 encoding expression
in email_inbound_token are not valid in SQLite. Accepts an optional connection
arg from run_sync.
"""
for table in Base.metadata.tables.values():
for column in table.columns.values():
if column.server_default is not None:
sd = str(column.server_default.arg)
if "gen_random_uuid" in sd or "gen_random_bytes" in sd:
column.server_default = None
TEST_DATABASE_URL = "sqlite+aiosqlite:///:memory:"
TEST_JWT_SECRET = secrets.token_urlsafe(32)
TEST_SERVICE_KEY = secrets.token_urlsafe(32)
TEST_FERNET_KEY = "7reF42nmTwbdN21PBoubGp7h_FU8qSimstmlaMLoRK8="
@@ -26,33 +139,35 @@ TEST_FERNET_KEY = "7reF42nmTwbdN21PBoubGp7h_FU8qSimstmlaMLoRK8="
@pytest.fixture(autouse=True)
def setup_test_settings():
original_jwt = cartsnitch_settings.jwt_secret_key
original_service = cartsnitch_settings.service_key
original_fernet = cartsnitch_settings.fernet_key
cartsnitch_settings.jwt_secret_key = TEST_JWT_SECRET
cartsnitch_settings.service_key = TEST_SERVICE_KEY
cartsnitch_settings.fernet_key = TEST_FERNET_KEY
from cartsnitch_api.config import settings as real_settings
original_jwt = real_settings.jwt_secret_key
original_service = real_settings.service_key
original_fernet = real_settings.fernet_key
real_settings.jwt_secret_key = TEST_JWT_SECRET
real_settings.service_key = TEST_SERVICE_KEY
real_settings.fernet_key = TEST_FERNET_KEY
yield
cartsnitch_settings.jwt_secret_key = original_jwt
cartsnitch_settings.service_key = original_service
cartsnitch_settings.fernet_key = original_fernet
TEST_DATABASE_URL = "sqlite+aiosqlite:///:memory:"
real_settings.jwt_secret_key = original_jwt
real_settings.service_key = original_service
real_settings.fernet_key = original_fernet
@pytest.fixture(autouse=True)
def disable_rate_limiting():
"""Disable rate limiting for all tests to prevent 429 interference."""
cartsnitch_settings.rate_limit_enabled = False
from cartsnitch_api.config import settings as real_settings
real_settings.rate_limit_enabled = False
yield
cartsnitch_settings.rate_limit_enabled = True
real_settings.rate_limit_enabled = True
@pytest.fixture
def engine():
"""Sync in-memory SQLite engine for model unit tests."""
eng = create_engine("sqlite:///:memory:")
_adapt_uuid_columns_for_sqlite()
_adapt_text_pk_columns_for_uuid()
_adapt_fk_columns_for_uuid()
_strip_postgres_server_defaults()
Base.metadata.create_all(eng)
yield eng
eng.dispose()
@@ -77,6 +192,10 @@ async def db_engine():
cursor.close()
async with engine.begin() as conn:
await conn.run_sync(_adapt_uuid_columns_for_sqlite)
await conn.run_sync(_adapt_text_pk_columns_for_uuid)
await conn.run_sync(_adapt_fk_columns_for_uuid)
await conn.run_sync(_strip_postgres_server_defaults)
await conn.run_sync(Base.metadata.create_all)
# Create Better-Auth tables (not managed by SQLAlchemy models)
await conn.execute(
@@ -166,19 +285,21 @@ async def _create_test_user_and_session(
Returns (user_dict, session_token). Better-Auth stores the raw token
in the DB, so we insert it as-is.
"""
user_id = str(uuid.uuid4())
user_id = str(uuid_lib.uuid4())
email = user_overrides.get("email", "test@example.com")
display_name = user_overrides.get("display_name", "Test User")
session_token = secrets.token_urlsafe(32)
session_id = str(uuid.uuid4())
session_id = str(uuid_lib.uuid4())
now = datetime.now(UTC).isoformat()
expires = (datetime.now(UTC) + timedelta(days=7)).isoformat()
async with db_engine.begin() as conn:
await conn.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hashed_password, :display_name, :email_verified, :created_at, :updated_at)"
"INSERT INTO users (id, email, hashed_password, display_name, "
"email_verified, email_inbound_token, created_at, updated_at) "
"VALUES (:id, :email, :hashed_password, :display_name, "
":email_verified, :email_inbound_token, :created_at, :updated_at)"
),
{
"id": user_id,
@@ -186,6 +307,7 @@ async def _create_test_user_and_session(
"hashed_password": "not-used-with-better-auth",
"display_name": display_name,
"email_verified": False,
"email_inbound_token": secrets.token_urlsafe(16),
"created_at": now,
"updated_at": now,
},
tests/test_auth/test_auth_endpoints.py
+4 -2
View File
@@ -138,8 +138,9 @@ async def test_expired_session_rejected(client, db_engine):
async with db_engine.begin() as conn:
await conn.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
"INSERT INTO users (id, email, hashed_password, display_name, "
"email_verified, email_inbound_token, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
),
{
"id": user_id,
@@ -147,6 +148,7 @@ async def test_expired_session_rejected(client, db_engine):
"hp": "unused",
"dn": "Expired User",
"ev": False,
"token": secrets.token_urlsafe(16),
"ca": now,
"ua": now,
},
tests/test_config.py
+12 -5
View File
@@ -1,7 +1,5 @@
"""Tests for Settings config, specifically the database_url env var fallback."""
import os
from cartsnitch_api.config import Settings
@@ -30,7 +28,10 @@ def test_database_url_normalizes_plain_postgresql_prefix():
"DATABASE_URL": "postgresql://cartsnitch:cartsnitch@localhost:5432/cartsnitch",
}
settings = Settings(**env)
assert settings.database_url == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
assert (
settings.database_url
== "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
)
def test_database_url_preserves_asyncpg_prefix():
@@ -39,10 +40,16 @@ def test_database_url_preserves_asyncpg_prefix():
"CARTSNITCH_DATABASE_URL": "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch",
}
settings = Settings(**env)
assert settings.database_url == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
assert (
settings.database_url
== "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
)
def test_database_url_default():
"""When neither env var is set, the hardcoded default is used."""
settings = Settings()
assert settings.database_url == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
assert (
settings.database_url
== "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
)
tests/test_e2e/test_auth_validation.py
+4 -2
View File
@@ -65,8 +65,9 @@ class TestSessionValidation:
async with db_engine.begin() as conn:
await conn.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
"INSERT INTO users (id, email, hashed_password, display_name, "
"email_verified, email_inbound_token, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
),
{
"id": user_id,
@@ -74,6 +75,7 @@ class TestSessionValidation:
"hp": "unused",
"dn": "Expired User",
"ev": False,
"token": secrets.token_urlsafe(16),
"ca": now,
"ua": now,
},
tests/test_encrypted_json.py
+7 -11
View File
@@ -1,11 +1,12 @@
"""Tests for EncryptedJSON TypeDecorator and session_data encryption."""
import json
import uuid as uuid_lib
import pytest
from cryptography.fernet import Fernet
from pydantic import ValidationError
from sqlalchemy import column, create_engine, table, text
from sqlalchemy import column, table, text
from sqlalchemy.orm import sessionmaker
from cartsnitch_api.config import settings
@@ -15,18 +16,13 @@ from cartsnitch_api.models.user import User, UserStoreAccount
@pytest.fixture
def engine():
eng = create_engine("sqlite:///:memory:")
Base.metadata.create_all(eng)
yield eng
eng.dispose()
def engine(engine):
yield engine
@pytest.fixture
def session(engine):
factory = sessionmaker(bind=engine)
with factory() as sess:
yield sess
def session(session):
yield session
@pytest.fixture
@@ -40,7 +36,7 @@ def store(session):
@pytest.fixture
def user(session):
u = User(email="alice@example.com", hashed_password="fakehash")
u = User(id=uuid_lib.uuid4(), email="alice@example.com", hashed_password="fakehash")
session.add(u)
session.commit()
session.refresh(u)
tests/test_middleware/test_rate_limit.py
+1 -1
View File
@@ -1,7 +1,7 @@
"""Tests for rate limiting middleware."""
import time
from unittest.mock import AsyncMock, MagicMock, patch
from unittest.mock import AsyncMock, MagicMock
import pytest
uv.lock
Generated
+2121
View File
File diff suppressed because it is too large Load Diff