Flowfile 0.5.1__py3-none-any.whl → 0.5.4__py3-none-any.whl

flowfile_core/flowfile/util/node_skipper.py

@@ -1,8 +1,8 @@
-from typing import List
 from flowfile_core.flowfile.flow_node.flow_node import FlowNode
 
-def determine_nodes_to_skip(nodes : List[FlowNode]) -> List[FlowNode]:
-    """ Finds nodes to skip on the execution step. """
+
+def determine_nodes_to_skip(nodes: list[FlowNode]) -> list[FlowNode]:
+    """Finds nodes to skip on the execution step."""
     skip_nodes = [node for node in nodes if not node.is_correct]
     skip_nodes.extend([lead_to_node for node in skip_nodes for lead_to_node in node.leads_to_nodes])
-    return skip_nodes
+    return skip_nodes

flowfile_core/flowfile/utils.py

@@ -1,15 +1,13 @@
-import os
+import datetime
+import hashlib
 import json
+import os
+import random
 import shutil
-
-import datetime
-from typing import List
-from decimal import Decimal
+import socket
 import time
-import random
 import uuid
-import socket
-import hashlib
+from decimal import Decimal
 
 
 def generate_sha256_hash(data: bytes):
@@ -25,25 +23,25 @@ def create_directory_if_not_exists(directory: str):
 
 def snake_case_to_camel_case(text: str) -> str:
     # Split the text by underscores, capitalize each piece, and join them together
-    transformed_text = ''.join(word.capitalize() for word in text.split('_'))
+    transformed_text = "".join(word.capitalize() for word in text.split("_"))
     return transformed_text
 
 
 def json_default(val):
     if isinstance(val, datetime.datetime):
-        return val.isoformat(timespec='microseconds')
+        return val.isoformat(timespec="microseconds")
     elif isinstance(val, datetime.date):
         return val.isoformat()
     elif isinstance(val, datetime.time):
         return val.isoformat()
-    elif hasattr(val, '__dict__'):
+    elif hasattr(val, "__dict__"):
         return val.__dict__
     elif isinstance(val, Decimal):
         if val.as_integer_ratio()[1] == 1:
             return int(val)
         return float(val)
     else:
-        raise Exception('Value is not serializable')
+        raise Exception("Value is not serializable")
 
 
 def json_dumps(thing) -> str:
@@ -53,22 +51,22 @@ def json_dumps(thing) -> str:
         ensure_ascii=False,
         sort_keys=True,
         indent=None,
-        separators=(',', ':'),
+        separators=(",", ":"),
     )
 
 
 def get_hash(val):
-    if hasattr(val, 'overridden_hash') and val.overridden_hash():
+    if hasattr(val, "overridden_hash") and val.overridden_hash():
         val = hash(val)
-    elif hasattr(val, '__dict__'):
-        val = {k: v for k, v in val.__dict__.items() if k not in {'pos_x', 'pos_y', 'description'}}
-    elif hasattr(val, 'json'):
+    elif hasattr(val, "__dict__"):
+        val = {k: v for k, v in val.__dict__.items() if k not in {"pos_x", "pos_y", "description"}}
+    elif hasattr(val, "json"):
         pass
-    return generate_sha256_hash(json_dumps(val).encode('utf-8'))
+    return generate_sha256_hash(json_dumps(val).encode("utf-8"))
 
 
-def cleanup(start_location: str = 'temp_storage'):
-    def get_all_files_and_folders(_start_location) -> List[str]:
+def cleanup(start_location: str = "temp_storage"):
+    def get_all_files_and_folders(_start_location) -> list[str]:
         inspect_items = [_start_location]
         output = []
         while len(inspect_items) > 0:
@@ -107,7 +105,7 @@ def cleanup(start_location: str = 'temp_storage'):
             shutil.rmtree(_f)
 
 
-def batch_generator(input_list: List, batch_size: int = 10000):
+def batch_generator(input_list: list, batch_size: int = 10000):
     run: bool = True
     while run:
         if len(input_list) > batch_size:

flowfile_core/main.py

@@ -7,27 +7,34 @@ import uvicorn
 from fastapi import FastAPI
 from fastapi.middleware.cors import CORSMiddleware
 
-from shared.storage_config import storage
-
 from flowfile_core import ServerRun
-from flowfile_core.configs.settings import (SERVER_HOST, SERVER_PORT, WORKER_HOST, WORKER_PORT, WORKER_URL,)
-
+from flowfile_core.configs.flow_logger import clear_all_flow_logs
+from flowfile_core.configs.settings import (
+    SERVER_HOST,
+    SERVER_PORT,
+    WORKER_HOST,
+    WORKER_PORT,
+    WORKER_URL,
+)
 from flowfile_core.routes.auth import router as auth_router
-from flowfile_core.routes.secrets import router as secrets_router
-from flowfile_core.routes.routes import router
-from flowfile_core.routes.public import router as public_router
-from flowfile_core.routes.logs import router as logs_router
 from flowfile_core.routes.cloud_connections import router as cloud_connections_router
+from flowfile_core.routes.logs import router as logs_router
+from flowfile_core.routes.public import router as public_router
+from flowfile_core.routes.routes import router
+from flowfile_core.routes.secrets import router as secrets_router
 from flowfile_core.routes.user_defined_components import router as user_defined_components_router
+from shared.storage_config import storage
 
-from flowfile_core.configs.flow_logger import clear_all_flow_logs
 storage.cleanup_directories()
 
-os.environ["FLOWFILE_MODE"] = "electron"
+# Set default mode to electron if not already set (allows Docker mode override)
+if "FLOWFILE_MODE" not in os.environ:
+    os.environ["FLOWFILE_MODE"] = "electron"
 
 should_exit = False
 server_instance = None
 
+
 @asynccontextmanager
 async def shutdown_handler(app: FastAPI):
     """Handles the graceful startup and shutdown of the FastAPI application.
@@ -35,11 +42,11 @@ async def shutdown_handler(app: FastAPI):
     This context manager ensures that resources, such as log files, are cleaned
     up properly when the application is terminated.
     """
-    print('Starting core application...')
+    print("Starting core application...")
     try:
         yield
     finally:
-        print('Shutting down core application...')
+        print("Shutting down core application...")
         print("Cleaning up core service resources...")
         clear_all_flow_logs()
         await asyncio.sleep(0.1)  # Give a moment for cleanup
@@ -47,10 +54,10 @@ async def shutdown_handler(app: FastAPI):
 
 # Initialize FastAPI with metadata
 app = FastAPI(
-    title='Flowfile Backend',
-    version='0.1',
-    description='Backend for the Flowfile application',
-    lifespan=shutdown_handler
+    title="Flowfile Backend",
+    version="0.1",
+    description="Backend for the Flowfile application",
+    lifespan=shutdown_handler,
 )
 
 # Configure CORS
@@ -63,7 +70,7 @@ origins = [
     "http://localhost:4173",
     "http://localhost:4174",
     "http://localhost:63578",
-    "http://127.0.0.1:63578"
+    "http://127.0.0.1:63578",
 ]
 
 app.add_middleware(
@@ -148,8 +155,8 @@ def run(host: str = None, port: int = None):
     server = uvicorn.Server(config)
     server_instance = server  # Store server instance globally
 
-    print('Starting core server...')
-    print('Core server started')
+    print("Starting core server...")
+    print("Core server started")
 
     try:
         server.run()

flowfile_core/routes/auth.py

@@ -1,34 +1,307 @@
 # app_routes/auth.py
 
 import os
+from typing import Optional, List
 
-from fastapi import APIRouter, Depends, HTTPException, status, Request
+from fastapi import APIRouter, Depends, HTTPException, status, Request, Form
 from sqlalchemy.orm import Session
 
-from flowfile_core.auth.jwt import get_current_active_user, create_access_token
-from flowfile_core.auth.models import Token, User
+from flowfile_core.auth.jwt import get_current_active_user, get_current_admin_user, create_access_token
+from flowfile_core.auth.models import Token, User, UserCreate, UserUpdate, ChangePassword
+from flowfile_core.auth.password import verify_password, get_password_hash, validate_password, PASSWORD_REQUIREMENTS
 from flowfile_core.database.connection import get_db
+from flowfile_core.database import models as db_models
 
 router = APIRouter()
 
 
 @router.post("/token", response_model=Token)
-async def login_for_access_token(request: Request, db: Session = Depends(get_db)):
+async def login_for_access_token(
+    request: Request,
+    db: Session = Depends(get_db),
+    username: Optional[str] = Form(None),
+    password: Optional[str] = Form(None)
+):
     # In Electron mode, auto-authenticate without requiring form data
-    if os.environ.get("FLOWFILE_MODE") == "electron" or 1 == 1:
+    if os.environ.get("FLOWFILE_MODE") == "electron":
         access_token = create_access_token(data={"sub": "local_user"})
         return {"access_token": access_token, "token_type": "bearer"}
     else:
         # In Docker mode, authenticate against database
-        # Would typically process form data here
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Docker mode authentication not implemented yet",
-            headers={"WWW-Authenticate": "Bearer"},
-        )
+        if not username or not password:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Incorrect username or password",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+
+        user = db.query(db_models.User).filter(
+            db_models.User.username == username
+        ).first()
+
+        if not user or not verify_password(password, user.hashed_password):
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Incorrect username or password",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+
+        access_token = create_access_token(data={"sub": user.username})
+        return {"access_token": access_token, "token_type": "bearer"}
 
 
 # Get current user endpoint
 @router.get("/users/me", response_model=User)
 async def read_users_me(current_user=Depends(get_current_active_user)):
     return current_user
+
+
+# ============= Admin User Management Endpoints =============
+
+@router.get("/users", response_model=List[User])
+async def list_users(
+    current_user: User = Depends(get_current_admin_user),
+    db: Session = Depends(get_db)
+):
+    """List all users (admin only)"""
+    users = db.query(db_models.User).all()
+    return [
+        User(
+            username=u.username,
+            id=u.id,
+            email=u.email,
+            full_name=u.full_name,
+            disabled=u.disabled,
+            is_admin=u.is_admin,
+            must_change_password=u.must_change_password
+        )
+        for u in users
+    ]
+
+
+@router.post("/users", response_model=User)
+async def create_user(
+    user_data: UserCreate,
+    current_user: User = Depends(get_current_admin_user),
+    db: Session = Depends(get_db)
+):
+    """Create a new user (admin only)"""
+    # Check if username already exists
+    existing_user = db.query(db_models.User).filter(
+        db_models.User.username == user_data.username
+    ).first()
+    if existing_user:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Username already exists"
+        )
+
+    # Check if email already exists (if provided)
+    if user_data.email:
+        existing_email = db.query(db_models.User).filter(
+            db_models.User.email == user_data.email
+        ).first()
+        if existing_email:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Email already exists"
+            )
+
+    # Validate password requirements
+    is_valid, error_message = validate_password(user_data.password)
+    if not is_valid:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=error_message
+        )
+
+    # Create new user with must_change_password=True
+    hashed_password = get_password_hash(user_data.password)
+    new_user = db_models.User(
+        username=user_data.username,
+        email=user_data.email or f"{user_data.username}@flowfile.app",
+        full_name=user_data.full_name,
+        hashed_password=hashed_password,
+        is_admin=user_data.is_admin,
+        must_change_password=True
+    )
+    db.add(new_user)
+    db.commit()
+    db.refresh(new_user)
+
+    return User(
+        username=new_user.username,
+        id=new_user.id,
+        email=new_user.email,
+        full_name=new_user.full_name,
+        disabled=new_user.disabled,
+        is_admin=new_user.is_admin,
+        must_change_password=new_user.must_change_password
+    )
+
+
+@router.put("/users/{user_id}", response_model=User)
+async def update_user(
+    user_id: int,
+    user_data: UserUpdate,
+    current_user: User = Depends(get_current_admin_user),
+    db: Session = Depends(get_db)
+):
+    """Update a user (admin only)"""
+    user = db.query(db_models.User).filter(db_models.User.id == user_id).first()
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="User not found"
+        )
+
+    # Prevent admin from disabling themselves
+    if user.id == current_user.id and user_data.disabled:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Cannot disable your own account"
+        )
+
+    # Prevent admin from removing their own admin status
+    if user.id == current_user.id and user_data.is_admin is False:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Cannot remove your own admin privileges"
+        )
+
+    # Update fields
+    if user_data.email is not None:
+        # Check if email already exists for another user
+        existing_email = db.query(db_models.User).filter(
+            db_models.User.email == user_data.email,
+            db_models.User.id != user_id
+        ).first()
+        if existing_email:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Email already exists"
+            )
+        user.email = user_data.email
+
+    if user_data.full_name is not None:
+        user.full_name = user_data.full_name
+
+    if user_data.disabled is not None:
+        user.disabled = user_data.disabled
+
+    if user_data.is_admin is not None:
+        user.is_admin = user_data.is_admin
+
+    if user_data.password is not None:
+        # Validate password requirements
+        is_valid, error_message = validate_password(user_data.password)
+        if not is_valid:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=error_message
+            )
+        user.hashed_password = get_password_hash(user_data.password)
+        # Reset must_change_password when admin sets a new password
+        user.must_change_password = True
+
+    if user_data.must_change_password is not None:
+        user.must_change_password = user_data.must_change_password
+
+    db.commit()
+    db.refresh(user)
+
+    return User(
+        username=user.username,
+        id=user.id,
+        email=user.email,
+        full_name=user.full_name,
+        disabled=user.disabled,
+        is_admin=user.is_admin,
+        must_change_password=user.must_change_password
+    )
+
+
+@router.delete("/users/{user_id}")
+async def delete_user(
+    user_id: int,
+    current_user: User = Depends(get_current_admin_user),
+    db: Session = Depends(get_db)
+):
+    """Delete a user (admin only)"""
+    user = db.query(db_models.User).filter(db_models.User.id == user_id).first()
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="User not found"
+        )
+
+    # Prevent admin from deleting themselves
+    if user.id == current_user.id:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Cannot delete your own account"
+        )
+
+    # Delete user's secrets and connections first (cascade)
+    db.query(db_models.Secret).filter(db_models.Secret.user_id == user_id).delete()
+    db.query(db_models.DatabaseConnection).filter(db_models.DatabaseConnection.user_id == user_id).delete()
+    db.query(db_models.CloudStorageConnection).filter(db_models.CloudStorageConnection.user_id == user_id).delete()
+
+    db.delete(user)
+    db.commit()
+
+    return {"message": f"User '{user.username}' deleted successfully"}
+
+
+# ============= User Self-Service Endpoints =============
+
+@router.post("/users/me/change-password", response_model=User)
+async def change_own_password(
+    password_data: ChangePassword,
+    current_user: User = Depends(get_current_active_user),
+    db: Session = Depends(get_db)
+):
+    """Change the current user's password"""
+    user = db.query(db_models.User).filter(db_models.User.id == current_user.id).first()
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="User not found"
+        )
+
+    # Verify current password
+    if not verify_password(password_data.current_password, user.hashed_password):
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Current password is incorrect"
+        )
+
+    # Validate new password requirements
+    is_valid, error_message = validate_password(password_data.new_password)
+    if not is_valid:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=error_message
+        )
+
+    # Update password and clear must_change_password flag
+    user.hashed_password = get_password_hash(password_data.new_password)
+    user.must_change_password = False
+    db.commit()
+    db.refresh(user)
+
+    return User(
+        username=user.username,
+        id=user.id,
+        email=user.email,
+        full_name=user.full_name,
+        disabled=user.disabled,
+        is_admin=user.is_admin,
+        must_change_password=user.must_change_password
+    )
+
+
+@router.get("/password-requirements")
+async def get_password_requirements():
+    """Get password requirements for client-side validation"""
+    return PASSWORD_REQUIREMENTS

flowfile_core/routes/cloud_connections.py

@@ -1,16 +1,17 @@
-from typing import List
-
-from fastapi import HTTPException, Depends, APIRouter
+from fastapi import APIRouter, Depends, HTTPException
 from sqlalchemy.orm import Session
 
 # Core modules
 from flowfile_core.auth.jwt import get_current_active_user
 from flowfile_core.configs import logger
 from flowfile_core.database.connection import get_db
-from flowfile_core.flowfile.database_connection_manager.db_connections import (store_cloud_connection,
-                                                                               get_cloud_connection_schema,
-                                                                               get_all_cloud_connections_interface,
-                                                                               delete_cloud_connection)
+from flowfile_core.flowfile.database_connection_manager.db_connections import (
+    delete_cloud_connection,
+    get_all_cloud_connections_interface,
+    get_cloud_connection_schema,
+    store_cloud_connection,
+)
+
 # Schema and models
 from flowfile_core.schemas.cloud_storage_schemas import FullCloudStorageConnection, FullCloudStorageConnectionInterface
 
@@ -19,11 +20,12 @@ from flowfile_core.schemas.cloud_storage_schemas import FullCloudStorageConnecti
 router = APIRouter()
 
 
-@router.post("/cloud_connection", tags=['cloud_connections'])
-def create_cloud_storage_connection(input_connection: FullCloudStorageConnection,
-                                    current_user=Depends(get_current_active_user),
-                                    db: Session = Depends(get_db)
-                                    ):
+@router.post("/cloud_connection", tags=["cloud_connections"])
+def create_cloud_storage_connection(
+    input_connection: FullCloudStorageConnection,
+    current_user=Depends(get_current_active_user),
+    db: Session = Depends(get_db),
+):
     """
     Create a new cloud storage connection.
     Parameters
@@ -33,38 +35,36 @@ def create_cloud_storage_connection(input_connection: FullCloudStorageConnection
     Returns
         Dict with a success message
     """
-    logger.info(f'Create cloud connection {input_connection.connection_name}')
+    logger.info(f"Create cloud connection {input_connection.connection_name}")
     try:
         store_cloud_connection(db, input_connection, current_user.id)
     except ValueError:
-        raise HTTPException(422, 'Connection name already exists')
+        raise HTTPException(422, "Connection name already exists")
     except Exception as e:
         logger.error(e)
         raise HTTPException(422, str(e))
     return {"message": "Cloud connection created successfully"}
 
 
-@router.delete('/cloud_connection', tags=['cloud_connections'])
-def delete_cloud_connection_with_connection_name(connection_name: str,
-                                                 current_user=Depends(get_current_active_user),
-                                                 db: Session = Depends(get_db)
-                                                 ):
+@router.delete("/cloud_connection", tags=["cloud_connections"])
+def delete_cloud_connection_with_connection_name(
+    connection_name: str, current_user=Depends(get_current_active_user), db: Session = Depends(get_db)
+):
     """
     Delete a cloud connection.
     """
-    logger.info(f'Deleting cloud connection {connection_name}')
+    logger.info(f"Deleting cloud connection {connection_name}")
     cloud_storage_connection = get_cloud_connection_schema(db, connection_name, current_user.id)
     if cloud_storage_connection is None:
-        raise HTTPException(404, 'Cloud connection connection not found')
+        raise HTTPException(404, "Cloud connection connection not found")
     delete_cloud_connection(db, connection_name, current_user.id)
     return {"message": "Cloud connection deleted successfully"}
 
 
-@router.get('/cloud_connections', tags=['cloud_connection'],
-            response_model=List[FullCloudStorageConnectionInterface])
+@router.get("/cloud_connections", tags=["cloud_connection"], response_model=list[FullCloudStorageConnectionInterface])
 def get_cloud_connections(
-        db: Session = Depends(get_db),
-        current_user=Depends(get_current_active_user)) -> List[FullCloudStorageConnectionInterface]:
+    db: Session = Depends(get_db), current_user=Depends(get_current_active_user)
+) -> list[FullCloudStorageConnectionInterface]:
     """
     Get all cloud storage connections for the current user.
     Parameters