Coupon Carl
782448a54a
Replace hand-rolled JWT auth with Better-Auth session-based authentication. - Scaffold auth/ Node.js service with Better-Auth, bcrypt password compat, Postgres adapter mapped to existing users table - Add Alembic migration (002) creating sessions, accounts, verifications tables and migrating password hashes to accounts table - Update FastAPI auth dependency to validate sessions via shared DB (supports both cookie and Bearer token) - Remove registration/login/refresh endpoints from API gateway (now handled by Better-Auth service) - Update frontend to use better-auth/react client with httpOnly cookies (no tokens in localStorage or memory) - Rewrite auth store, Login, Register, Dashboard, Settings, ProtectedRoute to use session-based auth - Update all tests to create sessions directly in DB instead of JWT tokens Resolves CAR-27 See plan: CAR-26#document-plan Co-Authored-By: Paperclip <noreply@paperclip.ing>
71 lines
2.3 KiB
Python
71 lines
2.3 KiB
Python
"""Auth service — user profile management.
|
|
|
|
Registration, login, token management, and session handling are now
|
|
handled by the Better-Auth service (auth/). This service provides
|
|
user lookup and profile update operations for the API gateway.
|
|
"""
|
|
|
|
from uuid import UUID
|
|
|
|
from sqlalchemy import select
|
|
from sqlalchemy.ext.asyncio import AsyncSession
|
|
|
|
|
|
class AuthService:
|
|
def __init__(self, db: AsyncSession) -> None:
|
|
self.db = db
|
|
|
|
async def get_user(self, user_id: UUID) -> dict:
|
|
from cartsnitch_api.models import User
|
|
|
|
result = await self.db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if not user:
|
|
raise LookupError("User not found")
|
|
|
|
return {
|
|
"id": user.id,
|
|
"email": user.email,
|
|
"display_name": user.display_name,
|
|
"created_at": user.created_at,
|
|
}
|
|
|
|
async def update_user(self, user_id: UUID, **fields) -> dict:
|
|
from cartsnitch_api.models import User
|
|
|
|
result = await self.db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if not user:
|
|
raise LookupError("User not found")
|
|
|
|
if "display_name" in fields and fields["display_name"] is not None:
|
|
user.display_name = fields["display_name"]
|
|
if "email" in fields and fields["email"] is not None:
|
|
existing = await self.db.execute(
|
|
select(User).where(User.email == fields["email"], User.id != user_id)
|
|
)
|
|
if existing.scalar_one_or_none():
|
|
raise ValueError("Email already in use")
|
|
user.email = fields["email"]
|
|
|
|
await self.db.commit()
|
|
await self.db.refresh(user)
|
|
|
|
return {
|
|
"id": user.id,
|
|
"email": user.email,
|
|
"display_name": user.display_name,
|
|
"created_at": user.created_at,
|
|
}
|
|
|
|
async def delete_user(self, user_id: UUID) -> None:
|
|
from cartsnitch_api.models import User
|
|
|
|
result = await self.db.execute(select(User).where(User.id == user_id))
|
|
user = result.scalar_one_or_none()
|
|
if not user:
|
|
raise LookupError("User not found")
|
|
|
|
await self.db.delete(user)
|
|
await self.db.commit()
|