This repository was archived by the owner on Jan 1, 2026. It is now read-only.
Commit d9c3b7e
Secure registration and add login with and without OTP (#7)
* Refactor user registration to use PostgreSQL stored procedure and sanitize username input
* Refactor user registration to use UserRegister schema and remove UserCreate
* Refactor username sanitization: move sanitize_username function to string_utils and remove username.py
* Enhance user registration: add HTTPException for existing users and improve code structure
* Add docstring to user registration endpoint for clarity
* Fix attribute name in User model: update language_id to language_iso_code for clarity
* Refactor language preference handling: rename language_iso_code to language_id in User model and registration schema for consistency
* Implement email confirmation feature and login endpoint
* Enhance login endpoint
* Implement 2FA login flow and enhance user registration with OTP secret generation
* Move in-memory store declaration for clarity
* Bump version to 1.2.0 for API and 0.3.0 for application; update breaking change label in version bump workflow
* Refactor tasks.json to improve structure and remove unnecessary runOptions
* Add pyotp dependency for OTP functionality
* Update default email configuration values in send_email.py for better clarity
* Enhance documentation and restructure email utility modules for clarity and maintainability
* Update linter configuration and clean up unused init files
* Update permissions in super-linter.yml to allow write access for contents
* Super-Linter: Fix linting issues
* Refactor Super Linter configuration to simplify validation settings
* Super-Linter: Fix linting issues
* Cleanup: Remove obsolete Super Linter output files and update .gitignore
* Update .gitignore to include Super Linter output files
* docs: Update module docstring for clarity and formatting
* Add email confirmation tests
* Super-Linter: Fix linting issues
* Update dependency installation to use requirements-dev.txt
* Remove confirmation token from email response
* Refactor security utility functions and enhance test coverage with new fixtures and tests for email and phone encryption, hashing, and verification token generation.
* Add test for non-empty encrypted fields to ensure encryption integrity
* Enhance OTP verification function to support HOTP counter parameter
* Add test for hash field length to validate SHA-256 output
* Add unit tests for OTP verification functionality
* Refactor password verification function and add comprehensive tests for verification logic
* Refactor password verification tests to use fixtures for hashed and wrong passwords
* Refactor test client setup in API tests to use FastAPI app instances directly and remove utility functions for versioned requests.
* Implement session and refresh token management in authentication endpoints; add utility functions for token creation and hashing.
* Refactor authentication endpoints to improve device info handling and add payload generation fixtures for login and OTP tests
* Refactor authentication endpoints to streamline device info handling and remove unnecessary fields from login payloads in schemas and tests.
* Refactor login tests to simplify function signatures by removing unnecessary parameters.
* Refactor device info extraction and session creation in login endpoint for improved clarity and reusability.
* Add user agent handling to session token saving and login process
* Remove unused TODO functions as the Database will handle the removal of old session and refresh tokens
* Add user agent string to login OTP session and refresh token saving
* Add greenlet dependency to requirements for improved concurrency support
* Refactor session creation to include user agent string and update tests to remove user_id assertions
* Refactor test_login_2fa_required_returns_2fa_token to simplify patching of dependencies
* Update version constraints in requirements.txt for better dependency management
* Add unit tests for sanitize_username function to validate username sanitization logic
* Update version constraints in requirements-dev.txt for build and testing dependencies
1 parent 9fedd95 commit d9c3b7e
39 files changed
Lines changed: 1717 additions & 172 deletions
File tree
- .devcontainer
- .github/workflows
- .vscode
- app
- routes/v1
- endpoints
- schemas
- email
- user
- templates
- utility
- email
- tests
- test_routes/v1
- test_utility
- utils
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
14 | 14 | | |
15 | 15 | | |
16 | 16 | | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
17 | 20 | | |
18 | 21 | | |
19 | 22 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
45 | 45 | | |
46 | 46 | | |
47 | 47 | | |
48 | | - | |
49 | | - | |
| 48 | + | |
| 49 | + | |
50 | 50 | | |
51 | 51 | | |
52 | 52 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
51 | 51 | | |
52 | 52 | | |
53 | 53 | | |
54 | | - | |
| 54 | + | |
55 | 55 | | |
56 | 56 | | |
57 | 57 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
5 | | - | |
| 5 | + | |
6 | 6 | | |
7 | 7 | | |
8 | 8 | | |
| |||
27 | 27 | | |
28 | 28 | | |
29 | 29 | | |
30 | | - | |
31 | | - | |
32 | | - | |
33 | | - | |
| 30 | + | |
34 | 31 | | |
35 | 32 | | |
36 | 33 | | |
| |||
48 | 45 | | |
49 | 46 | | |
50 | 47 | | |
| 48 | + | |
51 | 49 | | |
52 | 50 | | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
53 | 54 | | |
54 | 55 | | |
55 | 56 | | |
| 57 | + | |
| 58 | + | |
56 | 59 | | |
57 | | - | |
58 | 60 | | |
59 | 61 | | |
60 | 62 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
187 | 187 | | |
188 | 188 | | |
189 | 189 | | |
| 190 | + | |
| 191 | + | |
| 192 | + | |
| 193 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
7 | 7 | | |
8 | 8 | | |
9 | 9 | | |
10 | | - | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
11 | 15 | | |
12 | 16 | | |
13 | 17 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
7 | 7 | | |
8 | 8 | | |
9 | 9 | | |
10 | | - | |
| 10 | + | |
| 11 | + | |
11 | 12 | | |
12 | 13 | | |
13 | | - | |
| 14 | + | |
14 | 15 | | |
15 | | - | |
16 | 16 | | |
17 | | - | |
| 17 | + | |
18 | 18 | | |
19 | 19 | | |
20 | 20 | | |
21 | 21 | | |
22 | | - | |
| 22 | + | |
23 | 23 | | |
24 | 24 | | |
25 | 25 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
8 | | - | |
9 | 8 | | |
10 | 9 | | |
11 | | - | |
| 10 | + | |
| 11 | + | |
12 | 12 | | |
13 | 13 | | |
14 | 14 | | |
15 | 15 | | |
16 | 16 | | |
17 | | - | |
18 | | - | |
19 | | - | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
20 | 20 | | |
21 | 21 | | |
22 | 22 | | |
23 | 23 | | |
24 | | - | |
25 | | - | |
26 | | - | |
27 | | - | |
| 24 | + | |
28 | 25 | | |
29 | 26 | | |
30 | 27 | | |
31 | 28 | | |
32 | 29 | | |
33 | 30 | | |
34 | | - | |
35 | | - | |
36 | | - | |
37 | | - | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
38 | 35 | | |
39 | 36 | | |
40 | | - | |
| 37 | + | |
41 | 38 | | |
42 | | - | |
| 39 | + | |
43 | 40 | | |
44 | 41 | | |
45 | 42 | | |
46 | | - | |
47 | | - | |
48 | | - | |
49 | | - | |
50 | | - | |
51 | | - | |
52 | | - | |
| 43 | + | |
53 | 44 | | |
54 | 45 | | |
55 | 46 | | |
56 | 47 | | |
57 | 48 | | |
58 | | - | |
59 | | - | |
60 | | - | |
61 | | - | |
62 | 49 | | |
63 | 50 | | |
64 | 51 | | |
65 | | - | |
| 52 | + | |
| 53 | + | |
66 | 54 | | |
67 | 55 | | |
68 | 56 | | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
| 8 | + | |
8 | 9 | | |
9 | 10 | | |
10 | 11 | | |
11 | | - | |
| 12 | + | |
12 | 13 | | |
13 | 14 | | |
14 | 15 | | |
15 | 16 | | |
| 17 | + | |
16 | 18 | | |
17 | 19 | | |