core-framework 0.12.1__py3-none-any.whl → 0.12.3__py3-none-any.whl

core/__init__.py

@@ -20,7 +20,21 @@ Enterprise Features (v0.3.0+):
 
 from core.models import Model, Field, SoftDeleteMixin, SoftDeleteManager, TenantSoftDeleteManager
 from core.serializers import InputSchema, OutputSchema, Serializer
-from core.views import APIView, ViewSet, ModelViewSet, action
+from core.views import (
+    APIView,
+    ViewSet,
+    ModelViewSet,
+    ReadOnlyModelViewSet,
+    CreateModelViewSet,
+    ListModelViewSet,
+    ListCreateModelViewSet,
+    RetrieveUpdateModelViewSet,
+    RetrieveDestroyModelViewSet,
+    RetrieveUpdateDestroyModelViewSet,
+    SearchModelViewSet,
+    BulkModelViewSet,
+    action,
+)
 from core.routing import Router, AutoRouter
 from core.permissions import Permission, IsAuthenticated, AllowAny, IsAdmin, IsOwner, HasRole
 from core.dependencies import Depends, get_db, get_current_user
@@ -84,6 +98,25 @@ from core.datetime import (
     get_timezone,
 )
 
+# Middleware - Sistema Django-style
+from core.middleware import (
+    BaseMiddleware,
+    configure_middleware,
+    register_middleware,
+    apply_middlewares,
+    get_middleware_stack_info,
+    print_middleware_stack,
+    # Pre-built middlewares
+    TimingMiddleware,
+    RequestIDMiddleware,
+    LoggingMiddleware,
+    MaintenanceModeMiddleware,
+    SecurityHeadersMiddleware,
+)
+
+# Auth - ViewSet
+from core.auth.views import AuthViewSet
+
 # Auth - Sistema plugável de autenticação
 from core.auth import (
     # Config
@@ -123,6 +156,7 @@ from core.auth import (
     ObjectPermissionBackend,
     # Models
     AbstractUser,
+    AbstractUUIDUser,
     Group,
     Permission as AuthPermission,
     PermissionsMixin,
@@ -136,6 +170,9 @@ from core.auth import (
     require_staff,
     require_active,
     login_required,
+    # Middleware
+    AuthenticationMiddleware,
+    OptionalAuthenticationMiddleware,
 )
 
 # Migrations
@@ -241,7 +278,7 @@ from core.exceptions import (
     MissingDependency,
 )
 
-__version__ = "0.12.1"
+__version__ = "0.12.3"
 __all__ = [
     # Models
     "Model",
@@ -257,6 +294,15 @@ __all__ = [
     "APIView",
     "ViewSet",
     "ModelViewSet",
+    "ReadOnlyModelViewSet",
+    "CreateModelViewSet",
+    "ListModelViewSet",
+    "ListCreateModelViewSet",
+    "RetrieveUpdateModelViewSet",
+    "RetrieveDestroyModelViewSet",
+    "RetrieveUpdateDestroyModelViewSet",
+    "SearchModelViewSet",
+    "BulkModelViewSet",
     "action",
     # Routing
     "Router",
@@ -277,6 +323,18 @@ __all__ = [
     "get_settings",
     # App
     "CoreApp",
+    # Middleware
+    "BaseMiddleware",
+    "configure_middleware",
+    "register_middleware",
+    "apply_middlewares",
+    "get_middleware_stack_info",
+    "print_middleware_stack",
+    "TimingMiddleware",
+    "RequestIDMiddleware",
+    "LoggingMiddleware",
+    "MaintenanceModeMiddleware",
+    "SecurityHeadersMiddleware",
     # Advanced Fields
     "uuid7",
     "uuid7_str",
@@ -316,6 +374,8 @@ __all__ = [
     "configure_datetime",
     "get_datetime_config",
     "get_timezone",
+    # Auth - ViewSet
+    "AuthViewSet",
     # Auth - Config
     "AuthConfig",
     "configure_auth",
@@ -352,10 +412,14 @@ __all__ = [
     "ObjectPermissionBackend",
     # Auth - Models
     "AbstractUser",
+    "AbstractUUIDUser",
     "Group",
     "AuthPermission",
     "PermissionsMixin",
     "get_user_model",
+    # Auth - Middleware
+    "AuthenticationMiddleware",
+    "OptionalAuthenticationMiddleware",
     # Auth - Decorators
     "HasPermission",
     "IsInGroup",

core/app.py

@@ -34,7 +34,7 @@ class CoreApp:
     
     Encapsula FastAPI com configurações e lifecycle management.
     
-    Exemplo:
+    Exemplo básico:
         app = CoreApp(
             title="My API",
             settings=MySettings(),
@@ -45,6 +45,23 @@ class CoreApp:
         
         # Obtém a aplicação FastAPI
         fastapi_app = app.app
+    
+    Exemplo com middlewares Django-style:
+        app = CoreApp(
+            title="My API",
+            middleware=[
+                "core.middleware.TimingMiddleware",
+                "core.auth.AuthenticationMiddleware",
+                ("core.middleware.LoggingMiddleware", {"log_headers": True}),
+            ],
+        )
+    
+    Shortcuts disponíveis:
+        - "auth": AuthenticationMiddleware
+        - "timing": TimingMiddleware
+        - "request_id": RequestIDMiddleware
+        - "logging": LoggingMiddleware
+        - "security_headers": SecurityHeadersMiddleware
     """
     
     def __init__(
@@ -57,6 +74,7 @@ class CoreApp:
         on_startup: list[Callable] | None = None,
         on_shutdown: list[Callable] | None = None,
         middlewares: list[tuple[type, dict[str, Any]]] | None = None,
+        middleware: list[str | type | tuple] | None = None,
         exception_handlers: dict[type, Callable] | None = None,
         auto_create_tables: bool = True,
         **fastapi_kwargs: Any,
@@ -72,10 +90,19 @@ class CoreApp:
             routers: Lista de routers a incluir
             on_startup: Callbacks de startup
             on_shutdown: Callbacks de shutdown
-            middlewares: Lista de middlewares (classe, kwargs)
+            middlewares: Lista de middlewares formato antigo (classe, kwargs)
+            middleware: Lista de middlewares formato Django-style (strings/classes)
             exception_handlers: Handlers de exceção customizados
             auto_create_tables: Se True, cria tabelas automaticamente
             **fastapi_kwargs: Argumentos extras para FastAPI
+        
+        Middleware format (novo, Django-style):
+            middleware=[
+                "core.auth.AuthenticationMiddleware",  # String path
+                "auth",  # Shortcut
+                MyMiddleware,  # Classe direta
+                ("logging", {"log_body": True}),  # Com kwargs
+            ]
         """
         self.settings = settings or get_settings()
         self._on_startup = on_startup or []
@@ -100,7 +127,12 @@ class CoreApp:
         if self.settings.tenancy_enabled:
             self._setup_tenancy_middleware()
         
-        # Adiciona middlewares customizados
+        # Adiciona middlewares - formato novo Django-style (parâmetro ou settings)
+        middleware_list = middleware or getattr(self.settings, "middleware", None)
+        if middleware_list:
+            self._setup_django_style_middleware(middleware_list)
+        
+        # Adiciona middlewares - formato antigo (tuple)
         if middlewares:
             for middleware_class, middleware_kwargs in middlewares:
                 self.app.add_middleware(middleware_class, **middleware_kwargs)
@@ -206,6 +238,36 @@ class CoreApp:
             require_tenant=self.settings.tenancy_require,
         )
     
+    def _setup_django_style_middleware(
+        self,
+        middleware_list: list[str | type | tuple],
+    ) -> None:
+        """
+        Configura middlewares no estilo Django.
+        
+        Args:
+            middleware_list: Lista de middlewares
+                - String: path do middleware (ex: "core.auth.AuthenticationMiddleware")
+                - String shortcut: nome curto (ex: "auth", "timing")
+                - Classe: classe do middleware diretamente
+                - Tuple: (middleware, kwargs) para passar configurações
+        
+        Example:
+            middleware_list = [
+                "core.middleware.TimingMiddleware",
+                "auth",  # shortcut para AuthenticationMiddleware
+                MyCustomMiddleware,
+                ("logging", {"log_body": True}),
+            ]
+        """
+        from core.middleware import configure_middleware, apply_middlewares
+        
+        # Configura no registry global
+        configure_middleware(middleware_list, clear_existing=True)
+        
+        # Aplica ao app
+        apply_middlewares(self.app)
+    
     def _setup_exception_handlers(
         self,
         custom_handlers: dict[type, Callable] | None = None,

core/auth/__init__.py

@@ -43,8 +43,13 @@ from core.auth.base import (
     # Config
     AuthConfig,
     AuthConfigurationError,
+    ConfigurationWarning,
     configure_auth,
     get_auth_config,
+    # Validation helpers (preventive)
+    validate_auth_configuration,
+    check_middleware_configured,
+    get_auth_setup_checklist,
 )
 
 # Default implementations
@@ -76,10 +81,12 @@ from core.auth.permissions import (
 # Models
 from core.auth.models import (
     AbstractUser,
+    AbstractUUIDUser,
     PermissionsMixin,
     Group,
     Permission,
     get_user_model,
+    clear_association_table_cache,
 )
 
 # Decorators and dependencies
@@ -107,7 +114,14 @@ from core.auth.schemas import (
 
 # Views
 from core.auth.views import (
-    CoreAuthViewSet,
+    AuthViewSet,
+)
+
+# Middleware (Bug #8 Fix)
+from core.auth.middleware import (
+    AuthenticationMiddleware,
+    OptionalAuthenticationMiddleware,
+    ensure_auth_middleware,
 )
 
 __all__ = [
@@ -128,8 +142,13 @@ __all__ = [
     # Config
     "AuthConfig",
     "AuthConfigurationError",
+    "ConfigurationWarning",
     "configure_auth",
     "get_auth_config",
+    # Validation helpers
+    "validate_auth_configuration",
+    "check_middleware_configured",
+    "get_auth_setup_checklist",
     # Hashers
     "PBKDF2Hasher",
     "Argon2Hasher",
@@ -149,10 +168,12 @@ __all__ = [
     "ObjectPermissionBackend",
     # Models
     "AbstractUser",
+    "AbstractUUIDUser",
     "PermissionsMixin",
     "Group",
     "Permission",
     "get_user_model",
+    "clear_association_table_cache",
     # Decorators
     "HasPermission",
     "IsInGroup",
@@ -171,5 +192,9 @@ __all__ = [
     "BaseUserOutput",
     "MessageResponse",
     # Views
-    "CoreAuthViewSet",
+    "AuthViewSet",
+    # Middleware
+    "AuthenticationMiddleware",
+    "OptionalAuthenticationMiddleware",
+    "ensure_auth_middleware",
 ]

core/auth/base.py

@@ -485,6 +485,10 @@ class AuthConfig:
     password_require_lowercase: bool = False
     password_require_digit: bool = False
     password_require_special: bool = False
+    
+    # Middleware automático (Bug #8 preventive)
+    # Se True, emite warning se middleware não estiver configurado
+    warn_missing_middleware: bool = True
 
 
 _auth_config: AuthConfig | None = None
@@ -599,3 +603,145 @@ def get_auth_config() -> AuthConfig:
     if _auth_config is None:
         _auth_config = AuthConfig()
     return _auth_config
+
+
+# =============================================================================
+# Configuration Validation (Preventive measures)
+# =============================================================================
+
+class ConfigurationWarning(UserWarning):
+    """Warning for potential configuration issues."""
+    pass
+
+
+def validate_auth_configuration() -> list[str]:
+    """
+    Validate current auth configuration and return list of issues.
+    
+    This is a preventive measure to catch common configuration mistakes.
+    
+    Returns:
+        List of warning messages
+    """
+    issues = []
+    config = get_auth_config()
+    
+    # Check secret key
+    if config.secret_key == "change-me-in-production":
+        issues.append(
+            "Using default SECRET_KEY. Set a secure key in production: "
+            "configure_auth(secret_key='your-secure-key-256-bits')"
+        )
+    
+    # Check if user_model is configured
+    if config.user_model is None:
+        issues.append(
+            "No user_model configured. Authentication endpoints may not work. "
+            "Use: configure_auth(user_model=YourUserClass)"
+        )
+    
+    # Check if user_model has UUID PK and warn about PermissionsMixin
+    if config.user_model is not None:
+        try:
+            from sqlalchemy.dialects.postgresql import UUID as PG_UUID
+            from sqlalchemy import Uuid
+            
+            if hasattr(config.user_model, "__table__"):
+                pk_cols = [c for c in config.user_model.__table__.columns if c.primary_key]
+                if pk_cols and isinstance(pk_cols[0].type, (PG_UUID, Uuid)):
+                    # Has UUID PK - check if PermissionsMixin is used
+                    from core.auth.models import PermissionsMixin
+                    if issubclass(config.user_model, PermissionsMixin):
+                        # This is now handled, but inform the user
+                        pass  # Silently pass, we fixed the issue
+        except Exception:
+            pass
+    
+    return issues
+
+
+def emit_configuration_warnings() -> None:
+    """
+    Emit warnings for configuration issues.
+    
+    Called automatically when using authentication features.
+    """
+    import warnings
+    
+    issues = validate_auth_configuration()
+    for issue in issues:
+        warnings.warn(issue, ConfigurationWarning, stacklevel=3)
+
+
+def check_middleware_configured(app: Any = None) -> bool:
+    """
+    Check if AuthenticationMiddleware is configured on the app.
+    
+    Args:
+        app: FastAPI or CoreApp instance (optional)
+        
+    Returns:
+        True if middleware appears to be configured
+    """
+    if app is None:
+        return False
+    
+    # Check if app has our middleware
+    try:
+        if hasattr(app, "app"):
+            # CoreApp wrapping FastAPI
+            fastapi_app = app.app
+        else:
+            fastapi_app = app
+        
+        if hasattr(fastapi_app, "middleware_stack"):
+            # Check middleware stack for our middleware
+            stack = fastapi_app.middleware_stack
+            while stack is not None:
+                if hasattr(stack, "app"):
+                    if "AuthenticationMiddleware" in type(stack.app).__name__:
+                        return True
+                    stack = getattr(stack, "app", None)
+                else:
+                    break
+    except Exception:
+        pass
+    
+    return False
+
+
+def get_auth_setup_checklist() -> str:
+    """
+    Return a checklist of auth setup steps.
+    
+    Useful for documentation and debugging.
+    
+    Returns:
+        Formatted checklist string
+    """
+    config = get_auth_config()
+    
+    checklist = []
+    checklist.append("## Auth Setup Checklist\n")
+    
+    # 1. User model
+    if config.user_model:
+        checklist.append(f" User model configured: {config.user_model.__name__}")
+    else:
+        checklist.append("X User model NOT configured")
+        checklist.append("   -> configure_auth(user_model=YourUserClass)")
+    
+    # 2. Secret key
+    if config.secret_key != "change-me-in-production":
+        checklist.append(" Secret key configured")
+    else:
+        checklist.append("!  Using default secret key (OK for development)")
+        checklist.append("   -> configure_auth(secret_key='secure-key') for production")
+    
+    # 3. Middleware
+    checklist.append("")
+    checklist.append("[!] Don't forget to add AuthenticationMiddleware:")
+    checklist.append("   from core.auth import AuthenticationMiddleware")
+    checklist.append("   app = CoreApp(middlewares=[(AuthenticationMiddleware, {})])")
+    
+    return "\n".join(checklist)