desdeo 1.1.3__py3-none-any.whl → 2.0.0__py3-none-any.whl

desdeo/api/routers/__init__.py

@@ -0,0 +1,5 @@
+"""Exports from routers."""
+
+__all__ = ["get_current_user"]
+
+from .user_authentication import get_current_user

desdeo/api/routers/problem.py

@@ -0,0 +1,110 @@
+"""Defines end-points to access and manage problems."""
+
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from sqlmodel import Session
+
+from desdeo.api.db import get_session
+from desdeo.api.models import ProblemDB, ProblemGetRequest, ProblemInfo, ProblemInfoSmall, User, UserRole
+from desdeo.api.routers.user_authentication import get_current_user
+from desdeo.problem import Problem
+
+router = APIRouter(prefix="/problem")
+
+
+@router.get("/all")
+def get_problems(user: Annotated[User, Depends(get_current_user)]) -> list[ProblemInfoSmall]:
+    """Get information on all the current user's problems.
+
+    Args:
+        user (Annotated[User, Depends): the current user.
+
+    Returns:
+        list[ProblemInfoSmall]: a list of information on all the problems.
+    """
+    return user.problems
+
+
+@router.get("/all_info")
+def get_problems_info(user: Annotated[User, Depends(get_current_user)]) -> list[ProblemInfo]:
+    """Get detailed information on all the current user's problems.
+
+    Args:
+        user (Annotated[User, Depends): the current user.
+
+    Returns:
+        list[ProblemInfo]: a list of the detailed information on all the problems.
+    """
+    return user.problems
+
+
+@router.post("/get")
+def get_problem(
+    request: ProblemGetRequest,
+    user: Annotated[User, Depends(get_current_user)],
+    session: Annotated[Session, Depends(get_session)],
+) -> ProblemInfo:
+    """Get the model of a specific problem.
+
+    Args:
+        request (ProblemGetRequest): the request containing the problem's id `problem_id`.
+        user (Annotated[User, Depends): the current user.
+        session (Annotated[Session, Depends): the database session.
+
+    Raises:
+        HTTPException: could not find a problem with the given id.
+
+    Returns:
+        ProblemInfo: detailed information on the requested problem.
+    """
+    problem = session.get(ProblemDB, request.problem_id)
+
+    if problem is None:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"The problem with the requested id={request.problem_id} was not found.",
+        )
+
+    return problem
+
+
+@router.post("/add")
+def add_problem(
+    request: Problem,
+    user: Annotated[User, Depends(get_current_user)],
+    session: Annotated[Session, Depends(get_session)],
+) -> ProblemInfo:
+    """Add a newly defined problem to the database.
+
+    Args:
+        request (Problem): the JSON representation of the problem.
+        user (Annotated[User, Depends): the current user.
+        session (Annotated[Session, Depends): the database session.
+
+    Note:
+        Users with the role 'guest' may not add new problems.
+
+    Raises:
+        HTTPException: when any issue with defining the problem arises.
+
+    Returns:
+        ProblemInfo: the information about the problem added.
+    """
+    if user.role == UserRole.guest:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED, detail="Guest users are not allowed to add new problems."
+        )
+    try:
+        problem_db = ProblemDB.from_problem(request, user=user)
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Could not add problem. Possible reason: {e!r}",
+        ) from e
+
+    session.add(problem_db)
+    session.commit()
+    session.refresh(problem_db)
+
+    return problem_db

desdeo/api/routers/reference_point_method.py

@@ -0,0 +1,117 @@
+"""Defines end-points to access functionalities related to the reference point method."""
+
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from sqlmodel import Session, select
+
+from desdeo.api.db import get_session
+from desdeo.api.models import (
+    InteractiveSessionDB,
+    PreferenceDB,
+    ProblemDB,
+    RPMSolveRequest,
+    RPMState,
+    StateDB,
+    User,
+)
+from desdeo.api.routers.user_authentication import get_current_user
+from desdeo.mcdm import rpm_solve_solutions
+from desdeo.problem import Problem
+from desdeo.tools import SolverResults
+
+router = APIRouter(prefix="/method/rpm")
+
+
+@router.post("/solve")
+def solve_solutions(
+    request: RPMSolveRequest,
+    user: Annotated[User, Depends(get_current_user)],
+    session: Annotated[Session, Depends(get_session)],
+) -> RPMState:
+    """."""
+
+    if request.session_id is not None:
+        statement = select(InteractiveSessionDB).where(InteractiveSessionDB.id == request.session_id)
+        interactive_session = session.exec(statement)
+
+        if interactive_session is None:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail=f"Could not find interactive session with id={request.session_id}.",
+            )
+    else:
+        # request.session_id is None:
+        # use active session instead
+        statement = select(InteractiveSessionDB).where(InteractiveSessionDB.id == user.active_session_id)
+
+        interactive_session = session.exec(statement).first()
+
+    # fetch the problem from the DB
+    statement = select(ProblemDB).where(ProblemDB.user_id == user.id, ProblemDB.id == request.problem_id)
+    problem_db = session.exec(statement).first()
+
+    if problem_db is None:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND, detail=f"Problem with id={request.problem_id} could not be found."
+        )
+
+    problem = Problem.from_problemdb(problem_db)
+
+    # optimize for solutions
+    solver_results: list[SolverResults] = rpm_solve_solutions(
+        problem,
+        request.preference.aspiration_levels,
+        request.scalarization_options,
+        request.solver,
+        request.solver_options,
+    )
+
+    # create DB preference
+    preference_db = PreferenceDB(user_id=user.id, problem_id=problem_db.id, preference=request.preference)
+
+    session.add(preference_db)
+    session.commit()
+    session.refresh(preference_db)
+
+    # fetch parent state
+    if request.parent_state_id is None:
+        # parent state is assumed to be the last sate added to the session.
+        parent_state = (
+            interactive_session.states[-1]
+            if (interactive_session is not None and len(interactive_session.states) > 0)
+            else None
+        )
+
+    else:
+        # request.parent_state_id is not None
+        statement = session.select(StateDB).where(StateDB.id == request.parent_state_id)
+        parent_state = session.exec(statement).first()
+
+        if parent_state is None:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND, detail=f"Could not find state with id={request.parent_state_id}"
+            )
+
+    # create state and add to DB
+    rpm_state = RPMState(
+        scalarization_options=request.scalarization_options,
+        solver=request.solver,
+        solver_options=request.solver_options,
+        solver_results=solver_results,
+    )
+
+    # create DB state and add it to the DB
+    state = StateDB(
+        problem_id=problem_db.id,
+        preference_id=preference_db.id,
+        session_id=interactive_session.id if interactive_session is not None else None,
+        parent_id=parent_state.id if parent_state is not None else None,
+        state=rpm_state,
+    )
+
+    session.add(state)
+    session.commit()
+    session.refresh(state)
+
+    return rpm_state

desdeo/api/routers/session.py

@@ -0,0 +1,76 @@
+"""Defines end-points to access and manage interactive sessions."""
+
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from sqlmodel import Session, select
+
+from desdeo.api.db import get_session
+from desdeo.api.models import (
+    CreateSessionRequest,
+    GetSessionRequest,
+    InteractiveSessionDB,
+    InteractiveSessionInfo,
+    User,
+)
+from desdeo.api.routers.user_authentication import get_current_user
+
+router = APIRouter(prefix="/session")
+
+
+@router.post("/new")
+def create_new_session(
+    request: CreateSessionRequest,
+    user: Annotated[User, Depends(get_current_user)],
+    session: Annotated[Session, Depends(get_session)],
+) -> InteractiveSessionInfo:
+    """."""
+    interactive_session = InteractiveSessionDB(user_id=user.id, info=request.info)
+
+    session.add(interactive_session)
+    session.commit()
+    session.refresh(interactive_session)
+
+    user.active_session_id = interactive_session.id
+
+    session.add(user)
+    session.commit()
+    session.refresh(interactive_session)
+
+    return interactive_session
+
+
+@router.post("/get")
+def get_session(
+    request: GetSessionRequest,
+    user: Annotated[User, Depends(get_current_user)],
+    session: Annotated[Session, Depends(get_session)],
+) -> InteractiveSessionInfo:
+    """Return an interactive session with a given id for the current user.
+
+    Args:
+        request (GetSessionRequest): a request containing the id of the session.
+        user (Annotated[User, Depends): the current user.
+        session (Annotated[Session, Depends): the database session.
+
+    Raises:
+        HTTPException: could not find an interactive session with the given id
+            for the current user.
+
+    Returns:
+        InteractiveSessionInfo: info on the requested interactive session.
+    """
+    statement = select(InteractiveSessionDB).where(
+        InteractiveSessionDB.id == request.session_id, InteractiveSessionDB.user_id == user.id
+    )
+    result = session.exec(statement)
+
+    interactive_session = result.first()
+
+    if interactive_session is None:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"Could not find interactive session with id={request.session_id}.",
+        )
+
+    return interactive_session

desdeo/api/routers/test.py

@@ -0,0 +1,16 @@
+"""A test router for the DESDEO API."""
+
+from typing import Annotated
+
+from fastapi import APIRouter, Depends
+
+from desdeo.api.routers.user_authentication import get_current_user
+from desdeo.api.schema import User
+
+router = APIRouter(prefix="/test")
+
+
+@router.get("/userdetails")
+def get_user(current_user: Annotated[User, Depends(get_current_user)]) -> User:
+    """Get information about the current user."""
+    return current_user

desdeo/api/routers/user_authentication.py

@@ -0,0 +1,366 @@
+"""This module contains the functions for user authentication."""
+
+import uuid
+from datetime import UTC, datetime, timedelta
+from typing import Annotated
+
+import bcrypt
+from fastapi import APIRouter, Cookie, Depends, HTTPException, Response, status
+from fastapi.responses import JSONResponse
+from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
+from jose import JWTError, jwt
+from pydantic import BaseModel
+from sqlmodel import Session, select
+
+from desdeo.api import SettingsConfig
+from desdeo.api.db import get_session
+from desdeo.api.models import User, UserPublic
+
+# AuthConfig
+if SettingsConfig.debug:
+    from desdeo.api import AuthDebugConfig
+
+    AuthConfig = AuthDebugConfig
+else:
+    pass
+
+router = APIRouter()
+
+
+class Tokens(BaseModel):
+    """A model for the authentication token."""
+
+    access_token: str
+    refresh_token: str
+    token_type: str
+
+
+# OAuth2PasswordBearer is a class that creates a dependency that will be used to get the token from the request.
+# The token will be used to authenticate the user.
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login")
+
+
+def verify_password(plain_password: str, hashed_password: str) -> bool:
+    """Check if a password matches a hash.
+
+    Args:
+        plain_password (str): the plain password.
+        hashed_password (str): the hashed password.
+
+    Returns:
+        bool: whether the plain password matches the hashed one.
+    """
+    password_byte_enc = plain_password.encode("utf-8")
+
+    return bcrypt.checkpw(password=password_byte_enc, hashed_password=hashed_password.encode("utf-8"))
+
+
+def get_password_hash(password: str) -> str:
+    """Hash a password.
+
+    Args:
+        password (str): the password to be hashed.
+
+    Returns:
+        str: the hashed password.
+    """
+    pwd_bytes = password.encode("utf-8")
+
+    return bcrypt.hashpw(password=pwd_bytes, salt=bcrypt.gensalt()).decode("utf-8")
+
+
+def get_user(session: Session, username: str) -> User | None:
+    """Get the current user.
+
+    Get the current user based on the username. If no user if found,
+    return None.
+
+    Args:
+        session (Session): database session.
+        username (str): the username of the user.
+
+    Returns:
+        User | None: the User. If no user is found, returns None.
+    """
+    statement = select(User).where(User.username == username)
+    return session.exec(statement).first()
+
+
+def authenticate_user(session: Session, username: str, password: str) -> User | None:
+    """Check if a user exists and the password is correct.
+
+    Check if a user exists and the password is correct. If the user exists and the password
+    is correct, returns the user.
+
+    Args:
+        session (Session): database session.
+        username (str): the username of the user.
+        password (str): password set for the user.
+
+    Returns:
+        User | None: the User. If no user if found, returns None.
+    """
+    user = get_user(session, username)
+
+    if not user or not verify_password(password, user.password_hash):
+        return None
+
+    return user
+
+
+def get_current_user(
+    token: Annotated[str, Depends(oauth2_scheme)],
+    session: Annotated[Session, Depends(get_session)],
+) -> User:
+    """Get the current user based on a JWT token.
+
+    This function is a dependency for other functions that need to get the current user.
+
+    Args:
+        token (Annotated[str, Depends(oauth2_scheme)]): The authentication token.
+        session (Annotated[Session, Depends(get_db)]): A database session.
+
+    Returns:
+        User: The information of the current user.
+
+    Raises:
+        HTTPException: If the token is invalid.
+    """
+    credentials_exception = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Could not validate credentials",
+        headers={"WWW-Authenticate": "Bearer"},
+    )
+    try:
+        payload = jwt.decode(token, AuthConfig.authjwt_secret_key, algorithms=[AuthConfig.authjwt_algorithm])
+        username = payload.get("sub")
+        expire_time: datetime = payload.get("exp")
+
+        if username is None or expire_time is None or expire_time < datetime.now(UTC).timestamp():
+            raise credentials_exception
+
+    except jwt.exceptions.ExpiredSignatureError:
+        raise credentials_exception from None
+
+    except JWTError:
+        raise credentials_exception from JWTError
+
+    user = get_user(session, username=username)
+
+    if user is None:
+        raise credentials_exception
+
+    return user
+
+
+def create_jwt_token(
+    data: dict,
+    expires_delta: timedelta,
+    algorithm: str = AuthConfig.authjwt_algorithm,
+    secret_key: str = AuthConfig.authjwt_secret_key,
+) -> str:
+    """Creates an JWT Token with `data` and `expire_delta`.
+
+    Args:
+        data (dict): The data to encode in the token.
+        expires_delta (timedelta): The time after which the token will expire.
+        algorithm (str): the algorithms to encode the JWT token.
+            Defaults to `AuthConfig.authjwt_algorithm`.
+        secret_key (str): the secret key used in encoding the JWT token.
+            Defaults to `AuthConfig.authjwt_secret_key`.
+
+    Returns:
+        str: the JWT token.
+    """
+    data = data.copy()
+    expire = datetime.now(UTC) + expires_delta
+    data.update({"exp": expire, "jti": str(uuid.uuid4())})
+    # jti adds an unique identifier so that life is easier
+
+    return jwt.encode(data, secret_key, algorithm=algorithm)
+
+
+def create_access_token(data: dict, expiration_time: int = AuthConfig.authjwt_access_token_expires) -> str:
+    """Creates a JWT access token.
+
+    Creates a JWT access token with `data`, and an
+    expiration time.
+
+    Args:
+        data (dict): the data to encode in the token.
+        expiration_time (int): the expiration time of the access token
+            in minutes. Defaults to `AuthConfig.authjwt_access_token_expires`.
+
+    Returns:
+        str: the JWT access token.
+    """
+    return create_jwt_token(data, timedelta(minutes=expiration_time))
+
+
+def create_refresh_token(data: dict, expiration_time: int = AuthConfig.authjwt_refresh_token_expires) -> str:
+    """Creates a JTW refresh token.
+
+    Creates a JWT refresh token with `data and an expiration time.
+
+    Args:
+        data (dict): The data to encode in the token.
+        expiration_time (int): the expiration time of the refresh token
+         in minutes. Defaults to `AuthConfig.authjwt_refresh_token_expires`.
+
+    Returns:
+        str: the JWT refresh token.
+    """
+    refresh_token: str = create_jwt_token(data, timedelta(minutes=expiration_time))
+
+    return refresh_token
+
+
+def generate_tokens(data: dict) -> Tokens:
+    """Generates a and refresh Tokens with `data`.
+
+    Note:
+        The expiration times of the tokens in defined in
+        `AuthConfig`.
+
+    Args:
+        data (dict): The data to encode in the token.
+
+    Returns:
+        Tokens: the access and refresh tokens.
+    """
+    access_token = create_access_token(data)
+    refresh_token = create_refresh_token(data)
+    return Tokens(access_token=access_token, refresh_token=refresh_token, token_type="bearer")  # noqa: S106
+
+
+def validate_refresh_token(
+    refresh_token: str,
+    session: Annotated[Session, Depends(get_session)],
+    algorithm: str = AuthConfig.authjwt_algorithm,
+    secret_key: str = AuthConfig.authjwt_secret_key,
+) -> User:
+    """Validate a refresh token and return the associated user if valid.
+
+    Args:
+        refresh_token (str): The refresh token to validate.
+        session (Annotated[Session, Depends(get_db)]): The database session.
+        algorithm (str): the algorithm used to decode the JWT token.
+            Defaults to `AuthConfig.authjwt_algorithm`.
+        secret_key (str): the secret key used to decode the JWT token.
+            Defaults to `AuthConfig.authjwt_secret_key`.
+
+    Returns:
+        UserModel: The user associated with the valid refresh token.
+
+    Raises:
+        HTTPException: If the refresh token is invalid or expired.
+    """
+    credentials_exception = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Invalid or expired refresh token",
+        headers={"WWW-Authenticate": "Bearer"},
+    )
+
+    try:
+        # Decode the refresh token
+        payload = jwt.decode(refresh_token, secret_key, algorithms=[algorithm])
+        username = payload.get("sub")
+        expire_time: datetime = payload.get("exp")
+
+    except Exception as _:
+        raise credentials_exception from None
+
+    if username is None or expire_time is None or expire_time < datetime.now(UTC).timestamp():
+        raise credentials_exception
+
+    # Validate the user from the database
+    user = get_user(session, username=username)
+    if user is None:
+        raise credentials_exception
+
+    return user
+
+
+@router.get("/user_info")
+def get_current_user_info(user: Annotated[User, Depends(get_current_user)]) -> UserPublic:
+    """Return information about the current user.
+
+    Args:
+        user (Annotated[User, Depends): user dependency, handled by `get_current_user`.
+
+    Returns:
+        UserPublic: public information about the current user.
+    """
+    return user
+
+
+@router.post("/login")
+def login(
+    form_data: Annotated[OAuth2PasswordRequestForm, Depends()],
+    session: Annotated[Session, Depends(get_session)],
+    cookie_max_age: int = AuthConfig.authjwt_refresh_token_expires,
+):
+    """Login to get an authentication token.
+
+    Return an access token in the response and a cookie storing a refresh token.
+
+    Args:
+        form_data (Annotated[OAuth2PasswordRequestForm, Depends()]):
+            The form data to authenticate the user.
+        session (Annotated[Session, Depends(get_db)]): The database session.
+        cookie_max_age (int): the lifetime of the cookie storing the refresh token.
+
+    """
+    user = authenticate_user(session, form_data.username, form_data.password)
+    if user is None:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Incorrect username or password",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+
+    tokens = generate_tokens({"id": user.id, "sub": user.username})
+
+    response = JSONResponse(content={"access_token": tokens.access_token})
+    response.set_cookie(
+        key="refresh_token",
+        value=tokens.refresh_token,
+        httponly=True,  # HTTP only cookie, more secure than storing the refresh token in the frontend code.
+        secure=False,  # allow http
+        samesite="lax",  # cross-origin requests
+        max_age=cookie_max_age * 60,  # convert to minutes
+    )
+
+    return response
+
+
+@router.post("/refresh")
+def refresh_access_token(
+    request: Response,
+    session: Annotated[Session, Depends(get_session)],
+    refresh_token: Annotated[str | None, Cookie()] = None,
+):
+    """Refresh the access token using the refresh token stored in the cookie.
+
+    Args:
+        request (Request): The request containing the cookie.
+        session (Annotated[Session, Depends(get_db)]): the database session.
+        refresh_token (Annotated[Str | None, Cookie()]): the refresh
+            token, which is fetched from a cookie included in the response.
+
+    Returns:
+        dict: A dictionary containing the new access token.
+    """
+    if not refresh_token:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Missing refresh token.",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+
+    user = validate_refresh_token(refresh_token, session)
+
+    # Generate a new access token for the user
+    access_token = create_access_token({"id": user.id, "sub": user.username})
+
+    return {"access_token": access_token}