Merge pull request 'promote: dev → uat (CI trigger fix)' (#10) from dev into uat

promote: dev → uat (CI trigger fix) (#10)

Co-Authored-By: Paperclip <noreply@paperclip.ing>

.gitea/workflows/ci.yml

@@ -26,6 +26,7 @@ jobs:
       - uses: actions/setup-python@v5
         with:
           python-version: "3.12"
+          cache: pip
       - run: pip install ruff
       - name: Ruff lint
         run: ruff check .
@@ -40,6 +41,7 @@ jobs:
       - uses: actions/setup-python@v5
         with:
           python-version: "3.12"
+          cache: pip
       - name: Install system dependencies
         run: sudo apt-get update && sudo apt-get install -y libpq-dev build-essential
       - run: pip install -e ".[dev]" mypy
@@ -81,13 +83,12 @@ jobs:
       CARTSNITCH_DATABASE_URL: postgresql+asyncpg://cartsnitch:cartsnitch_test@localhost:5432/cartsnitch_test
       CARTSNITCH_REDIS_URL: redis://localhost:6379/0
       CARTSNITCH_JWT_SECRET_KEY: test-secret-do-not-use-in-prod
-      CARTSNITCH_SERVICE_KEY: test-service-key-do-not-use-in-prod
-      CARTSNITCH_FERNET_KEY: wXWQsC0FZlhSz2t_tfVQjNUSP8vgAGG3o3pkjrX8Bw0=
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-python@v5
         with:
           python-version: "3.12"
+          cache: pip
       - name: Install system dependencies
         run: sudo apt-get update && sudo apt-get install -y libpq-dev build-essential
       - run: pip install -e ".[dev]"

src/cartsnitch_api/auth/dependencies.py

@@ -5,8 +5,7 @@ Sessions are verified by querying the shared sessions table directly.
 """
 
 from datetime import UTC, datetime
-
-from fastapi import Depends, Header, HTTPException, Request, status
+from fastapi import Cookie, Depends, Header, HTTPException, Request, status
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 from sqlalchemy import text
 from sqlalchemy.ext.asyncio import AsyncSession

src/cartsnitch_api/auth/routes.py

@@ -6,10 +6,13 @@ endpoints that query our own user data from the shared database.
 """
 
 from fastapi import APIRouter, Depends, HTTPException, status
+from pydantic import BaseModel
+from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession
 
 from cartsnitch_api.auth.dependencies import get_current_user
 from cartsnitch_api.database import get_db
+from cartsnitch_api.models import User
 from cartsnitch_api.schemas import (
     UpdateUserRequest,
     UserResponse,

src/cartsnitch_api/config.py

@@ -23,12 +23,7 @@ class Settings(BaseSettings):
 
     auth_service_url: str = "http://auth:3001"
 
-    cors_origins: list[str] = [
-        "http://localhost:3000",
-        "https://cartsnitch.com",
-        "https://dev.cartsnitch.com",
-        "https://uat.cartsnitch.com",
-    ]
+    cors_origins: list[str] = ["http://localhost:3000", "https://cartsnitch.com"]
 
     receiptwitness_url: str = "http://receiptwitness:8001"
     stickershock_url: str = "http://stickershock:8002"

src/cartsnitch_api/main.py

@@ -7,10 +7,10 @@ from fastapi import APIRouter, FastAPI
 from cartsnitch_api.auth.routes import router as auth_router
 from cartsnitch_api.cache import cache_client
 from cartsnitch_api.database import dispose_engine
-from cartsnitch_api.middleware.audit import add_audit_middleware
 from cartsnitch_api.middleware.cors import add_cors_middleware
 from cartsnitch_api.middleware.error_handler import add_error_handlers, add_error_monitor_middleware
 from cartsnitch_api.middleware.rate_limit import add_rate_limit_middleware
+from cartsnitch_api.middleware.audit import add_audit_middleware
 from cartsnitch_api.routes.alerts import router as alerts_router
 from cartsnitch_api.routes.coupons import router as coupons_router
 from cartsnitch_api.routes.health import router as health_router