format and login exception

fix max age
add test fingerprint
2025-09-27 12:07:31 +03:00 · 2025-09-27 12:00:17 +03:00 · 2025-09-27 11:52:55 +03:00
6 changed files with 61 additions and 29 deletions
--- a/src/api/v1/auth.py
+++ b/src/api/v1/auth.py
@@ -27,7 +27,7 @@ async def login(
    session: sessionDep,
    credential: Annotated[OAuth2PasswordRequestForm, Depends()],
    response: Response,
-    fingerprint: str = Form(),
+    fingerprint: str = Form(min_length=5),
 ):
    result = await AuthService(session).login(
        credential.username, credential.password, fingerprint=fingerprint
@@ -38,7 +38,7 @@ async def login(
        httponly=True,
        samesite="lax",
        path=settings.api.v1_login_url,
-        max_age=60 * 60 * 24 * 7,
+        max_age=60 * 60 * 24 * settings.refresh_token.expire_days,
    )
    return result

--- a/src/core/settings.py
+++ b/src/core/settings.py
@@ -47,7 +47,9 @@ class Settings(BaseSettings):
    db: DbSettings = DbSettings()
    access_token: AccessToken
    refresh_token: RefreshToken
-    model_config = SettingsConfigDict(env_file=".env", env_file_encoding="utf-8", env_nested_delimiter='__')
+    model_config = SettingsConfigDict(
+        env_file=".env", env_file_encoding="utf-8", env_nested_delimiter="__"
+    )


 settings = Settings()  # type: ignore
--- a/src/migrations/versions/2025_09_21_2016-5821f37941a8_expire_and_fingerprintjs_token.py
+++ b/src/migrations/versions/2025_09_21_2016-5821f37941a8_expire_and_fingerprintjs_token.py
@@ -5,14 +5,15 @@ Revises: b879d3502c37
 Create Date: 2025-09-21 20:16:48.289050

 """
+
 from typing import Sequence, Union

 import sqlalchemy as sa
 from alembic import op

 # revision identifiers, used by Alembic.
-revision: str = '5821f37941a8'
-down_revision: Union[str, None] = 'b879d3502c37'
+revision: str = "5821f37941a8"
+down_revision: Union[str, None] = "b879d3502c37"
 branch_labels: Union[str, Sequence[str], None] = None
 depends_on: Union[str, Sequence[str], None] = None

@@ -20,14 +21,25 @@ depends_on: Union[str, Sequence[str], None] = None
 def upgrade() -> None:
    """Upgrade schema."""
    # ### commands auto generated by Alembic - please adjust! ###
-    op.add_column('refresh_tokens', sa.Column('fingerprint', sa.String(length=255), nullable=False))
-    op.add_column('refresh_tokens', sa.Column('expired_at', sa.TIMESTAMP(timezone=True), server_default=sa.text("(datetime('now', '+7 days'))"), nullable=False))
+    op.add_column(
+        "refresh_tokens",
+        sa.Column("fingerprint", sa.String(length=255), nullable=False),
+    )
+    op.add_column(
+        "refresh_tokens",
+        sa.Column(
+            "expired_at",
+            sa.TIMESTAMP(timezone=True),
+            server_default=sa.text("(datetime('now', '+7 days'))"),
+            nullable=False,
+        ),
+    )
    # ### end Alembic commands ###


 def downgrade() -> None:
    """Downgrade schema."""
    # ### commands auto generated by Alembic - please adjust! ###
-    op.drop_column('refresh_tokens', 'expired_at')
-    op.drop_column('refresh_tokens', 'fingerprint')
+    op.drop_column("refresh_tokens", "expired_at")
+    op.drop_column("refresh_tokens", "fingerprint")
    # ### end Alembic commands ###
--- a/src/models/tokens.py
+++ b/src/models/tokens.py
@@ -15,5 +15,7 @@ class RefreshTokensORM(Base):
    fingerprint: Mapped[str] = mapped_column(String(255), nullable=False)
    expired_at: Mapped[datetime] = mapped_column(
        TIMESTAMP(timezone=True),
-        server_default=text(f"datetime('now', '+{settings.refresh_token.expire_days} days')"),
+        server_default=text(
+            f"datetime('now', '+{settings.refresh_token.expire_days} days')"
+        ),
    )
--- a/src/services/auth.py
+++ b/src/services/auth.py
@@ -25,7 +25,7 @@ class AuthService(BaseService):
        await self.session.auth.create_one({
            "token": refresh_token,
            "user_id": user_data.id,
-            "fingerprint": fingerprint
+            "fingerprint": fingerprint,
        })
        return {
            "access_token": access_token,
@@ -34,28 +34,27 @@ class AuthService(BaseService):
        }

    async def login(self, username: str, password: str, fingerprint: str) -> dict:
+        login_exception = HTTPException(
+            status_code=401,
+            detail="Incorrect username or password",
+        )
        result = await self.session.user.get_one_or_none(username=username)
        if result is None:
-            raise HTTPException(
-                status_code=401,
-                detail="Incorrect username or password",
-            )
+            raise login_exception
        user = UserWithHashedPass.model_validate(result)
        token_data = TokenData.model_validate(user.model_dump())
        verify = AuthManager.verify_password(
            plain_password=password, hashed_password=user.hashed_password
        )
        if not verify or user.is_active is False:
-            raise HTTPException(
-                status_code=401,
-                detail="Incorrect username or password",
-            )
+            raise login_exception
        tokens = await self._tokens_create(token_data, fingerprint)
        await self.session.commit()
-        print(tokens)
        return tokens

-    async def refresh_tokens(self, refresh_token: str, user_data: TokenData, fingerprint: str) -> dict:
+    async def refresh_tokens(
+        self, refresh_token: str, user_data: TokenData, fingerprint: str
+    ) -> dict:
        token_record = await self.session.auth.get_one_or_none(token=refresh_token)
        if not token_record or token_record.user_id != user_data.id:
            raise HTTPException(status_code=401, detail="Invalid refresh token")
--- a/tests/integration_tests/test_auth_api.py
+++ b/tests/integration_tests/test_auth_api.py
@@ -1,3 +1,4 @@
+import pytest
 from httpx import AsyncClient

 from src.core.settings import settings
@@ -15,14 +16,30 @@ async def test_registration(ac):
    assert result.json()["is_active"]


-async def test_login(ac: AsyncClient):
+@pytest.mark.parametrize(
+    "fingerprint, username,password,expected_status",
+    [("string", "kot", "P@ssw0rd", 200), ("", "kot", "P@ssw0rd", 422)],
+)
+async def test_login(
+    ac: AsyncClient,
+    fingerprint: str,
+    username: str,
+    password: str,
+    expected_status: int,
+):
    result = await ac.post(
        f"{settings.api.v1_login_url}/login",
        data={
+            "fingerprint": fingerprint,
            "grant_type": "password",
-            "username": "kot",
-            "password": "P@ssw0rd",
+            "username": username,
+            "password": password,
        },
    )
-    assert result.status_code == 200
-    assert result.json().get("access_token")
+    assert result.status_code == expected_status
+    if expected_status == 200:
+        assert result.json().get("access_token") is not None
+    else:
+        json_response = result.json()
+        if expected_status == 422:
+            assert "detail" in json_response
Author	SHA1	Message	Date
IluaAir	67a570ceac	format and login exception	2025-09-27 12:07:31 +03:00
IluaAir	966b59ff20	fix max age	2025-09-27 12:00:17 +03:00
IluaAir	b87c37b149	add test fingerprint	2025-09-27 11:52:55 +03:00