Secure registration and add login with and without OTP (#7)

* Refactor user registration to use PostgreSQL stored procedure and sanitize username input

* Refactor user registration to use UserRegister schema and remove UserCreate

* Refactor username sanitization: move sanitize_username function to string_utils and remove username.py

* Enhance user registration: add HTTPException for existing users and improve code structure

* Add docstring to user registration endpoint for clarity

* Fix attribute name in User model: update language_id to language_iso_code for clarity

* Refactor language preference handling: rename language_iso_code to language_id in User model and registration schema for consistency

* Implement email confirmation feature and login endpoint

* Enhance login endpoint

* Implement 2FA login flow and enhance user registration with OTP secret generation

* Move in-memory store declaration for clarity

* Bump version to 1.2.0 for API and 0.3.0 for application; update breaking change label in version bump workflow

* Refactor tasks.json to improve structure and remove unnecessary runOptions

* Add pyotp dependency for OTP functionality

* Update default email configuration values in send_email.py for better clarity

* Enhance documentation and restructure email utility modules for clarity and maintainability

* Update linter configuration and clean up unused init files

* Update permissions in super-linter.yml to allow write access for contents

* Super-Linter: Fix linting issues

* Refactor Super Linter configuration to simplify validation settings

* Super-Linter: Fix linting issues

* Cleanup: Remove obsolete Super Linter output files and update .gitignore

* Update .gitignore to include Super Linter output files

* docs: Update module docstring for clarity and formatting

* Add email confirmation tests

* Super-Linter: Fix linting issues

* Update dependency installation to use requirements-dev.txt

* Remove confirmation token from email response

* Refactor security utility functions and enhance test coverage with new fixtures and tests for email and phone encryption, hashing, and verification token generation.

* Add test for non-empty encrypted fields to ensure encryption integrity

* Enhance OTP verification function to support HOTP counter parameter

* Add test for hash field length to validate SHA-256 output

* Add unit tests for OTP verification functionality

* Refactor password verification function and add comprehensive tests for verification logic

* Refactor password verification tests to use fixtures for hashed and wrong passwords

* Refactor test client setup in API tests to use FastAPI app instances directly and remove utility functions for versioned requests.

* Implement session and refresh token management in authentication endpoints; add utility functions for token creation and hashing.

* Refactor authentication endpoints to improve device info handling and add payload generation fixtures for login and OTP tests

* Refactor authentication endpoints to streamline device info handling and remove unnecessary fields from login payloads in schemas and tests.

* Refactor login tests to simplify function signatures by removing unnecessary parameters.

* Refactor device info extraction and session creation in login endpoint for improved clarity and reusability.

* Add user agent handling to session token saving and login process

* Remove unused TODO functions as the Database will handle the removal of old session and refresh tokens

* Add user agent string to login OTP session and refresh token saving

* Add greenlet dependency to requirements for improved concurrency support

* Refactor session creation to include user agent string and update tests to remove user_id assertions

* Refactor test_login_2fa_required_returns_2fa_token to simplify patching of dependencies

* Update version constraints in requirements.txt for better dependency management

* Add unit tests for sanitize_username function to validate username sanitization logic

* Update version constraints in requirements-dev.txt for build and testing dependencies

Author: Vianpyro

.devcontainer/devcontainer.json

@@ -14,6 +14,9 @@
             ]
         }
     },
+    "otherPortsAttributes": {
+        "onAutoForward": "ignore"
+    },
     "postStartCommand": "pip3 install --user -r requirements-dev.txt",
     "postAttachCommand": "python3 -m pytest tests",
     "remoteUser": "vscode"

.github/workflows/run-unit-tests.yml

@@ -45,8 +45,8 @@ jobs:
 
       - name: Install dependencies
         run: |
-          pip install -r requirements.txt
-          pip install pytest pytest-cov
+          pip install -r requirements-dev.txt
+          pip install pytest-cov
 
       - name: Run Pytest (Linux/macOS)
         if: runner.os != 'Windows'

.github/workflows/suggest-version-bump.yml

@@ -51,7 +51,7 @@ jobs:
           BUMP="patch"
           echo "$LABELS" | grep -q 'type: feature' && BUMP="minor"
           echo "$LABELS" | grep -q 'type: security' && BUMP="minor"
-          echo "$LABELS" | grep -q 'type: breaking' && BUMP="major"
+          echo "$LABELS" | grep -q 'special: breaking change' && BUMP="major"
           echo "bump=$BUMP" >> "$GITHUB_OUTPUT"
 
       - name: Get latest tag

.github/workflows/super-linter.yml

@@ -2,7 +2,7 @@
 name: Lint
 
 permissions:
-  contents: read
+  contents: write
   packages: read
   statuses: write
 
@@ -27,10 +27,7 @@ jobs:
         uses: super-linter/super-linter/slim@v7
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          VALIDATE_ALL_CODEBASE: false
-          FILTER_REGEX_EXCLUDE: '(.devcontainer/Dockerfile|.github/pull_request_template.md|.github/ISSUE_TEMPLATE/*.md)'
-          VALIDATE_PYTHON_ISORT: false
-          VALIDATE_PYTHON_MYPY: false
+          DISABLE_ERRORS: true
 
   fix-lint:
     name: Fix Lint
@@ -48,13 +45,18 @@ jobs:
           VALIDATE_ALL_CODEBASE: false
           FILTER_REGEX_EXCLUDE: '(.github/pull_request_template.md|.github/ISSUE_TEMPLATE/*.md)'
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          VALIDATE_DOCKERFILE_HADOLINT: false
           VALIDATE_PYTHON_ISORT: false
           VALIDATE_PYTHON_MYPY: false
+          VALIDATE_PYTHON_PYLINT: false
+          FIX_HTML_PRETTIER: true
+          FIX_JSON: true
           FIX_JSON_PRETTIER: true
           FIX_MARKDOWN: true
           FIX_MARKDOWN_PRETTIER: true
+          FIX_PYTHON_BLACK: true
+          FIX_PYTHON_RUFF: true
           FIX_YAML_PRETTIER: true
-          VALIDATE_DOCKERFILE_HADOLINT: false
 
       - name: Commit and push linting fixes
         if: >

.gitignore

@@ -187,3 +187,7 @@ cython_debug/
 #  refer to https://docs.cursor.com/context/ignore-files
 .cursorignore
 .cursorindexingignore
+
+# # Super Linter output
+github_conf/branch_protection_rules.json
+super-linter-output/super-linter-summary.md

.prettierrc

@@ -7,7 +7,11 @@
     "singleQuote": true,
     "overrides": [
         {
-            "files": ["*.yml", "*.yaml", "*.md"],
+            "files": [
+                "*.yml",
+                "*.yaml",
+                "*.md"
+            ],
             "options": {
                 "tabWidth": 2
             }

.vscode/settings.json

@@ -7,19 +7,19 @@
     "files.trimTrailingWhitespace": true,
     "files.exclude": {
         "**/__pycache__": true,
-        "**/.pytest_cache": true
+        "**/.pytest_cache": true,
+        "**/*.egg-info": true
     },
     "[python]": {
-        "editor.rulers": [88],
+        "editor.rulers": [80],
         "editor.defaultFormatter": "ms-python.black-formatter",
-        "editor.formatOnSave": true,
         "editor.codeActionsOnSave": {
-            "source.organizeImports": "explicit"
+            "source.organizeImports": "always"
         }
     },
     "isort.args": ["--profile", "black"],
     "triggerTaskOnSave.tasks": {
-        "Run on test file": ["tests/**/test_*.py"],
+        "Run file tests": ["tests/**/test_*.py"],
         "Run all tests": ["app/**/*.py", "!tests/**"]
     },
     "python.testing.unittestEnabled": false,

.vscode/tasks.json

@@ -5,64 +5,52 @@
             "label": "Delete old Git branches",
             "type": "shell",
             "command": "git fetch --prune && git fetch -p ; git branch -r | awk '{print $1}' | egrep -v -f /dev/fd/0 <(git branch -vv | grep origin) | awk '{print $1}' | xargs git branch -D",
-            "problemMatcher": [],
             "presentation": {
                 "showReuseMessage": false
-            }
+            },
+            "problemMatcher": []
         },
         {
             "label": "Package app",
             "type": "shell",
             "command": "rm -rf build dist *.egg-info && python -m build",
-            "problemMatcher": [],
-            "runOptions": {
-                "runOn": "default"
+            "group": {
+                "kind": "build",
+                "isDefault": true
             },
             "presentation": {
                 "panel": "dedicated"
             },
-            "group": {
-                "kind": "build",
-                "isDefault": true
-            }
+            "problemMatcher": []
         },
         {
             "label": "Run all tests",
             "type": "shell",
             "command": "python3 -m pytest tests",
             "group": "build",
-            "problemMatcher": [],
-            "runOptions": {
-                "runOn": "default"
-            }
+            "presentation": {
+                "close": true
+            },
+            "problemMatcher": []
         },
         {
-            "label": "Run on test file",
+            "label": "Run file tests",
             "type": "shell",
-            "command": "python3 -m pytest '${relativeFile}' -v -x",
+            "command": "python3 -m pytest '${file}' -v -x",
             "group": {
                 "kind": "test"
             },
-            "presentation": {
-                "close": true
-            },
-            "problemMatcher": [],
-            "runOptions": {
-                "runOn": "default",
-            }
+            "problemMatcher": []
         },
         {
             "label": "Start FastAPI server",
             "type": "shell",
             "command": "uvicorn app.main:app --reload",
-            "problemMatcher": [],
-            "runOptions": {
-                "runOn": "default"
-            },
             "presentation": {
                 "panel": "dedicated",
                 "close": true
-            }
+            },
+            "problemMatcher": []
         }
     ]
 }

app/routes/v1/__init__.py

@@ -5,13 +5,15 @@
 from fastapi import FastAPI
 
 from .endpoints.authentication import router as auth_router
+from .endpoints.email import router as email_router
 from .endpoints.orders import router as order_router
 from .endpoints.products import router as product_router
 
-__version__ = "1.1.0"
+__version__ = "1.2.0"
 
 api = FastAPI(title="ChocoMax Shop API", version=__version__)
 
 api.include_router(auth_router, prefix="/auth", tags=["Authentication"])
+api.include_router(email_router, prefix="/email", tags=["Email"])
 api.include_router(product_router, prefix="/products", tags=["Products"])
 api.include_router(order_router, prefix="/orders", tags=["Orders"])