karrio-server-core 2025.5rc31__py3-none-any.whl → 2026.1.1__py3-none-any.whl

karrio/server/core/authentication.py

@@ -1,6 +1,5 @@
 import yaml  # type: ignore
 import pydoc
-import logging
 import functools
 from django.db.utils import ProgrammingError
 from django.conf import settings
@@ -23,8 +22,8 @@ from oauth2_provider.contrib.rest_framework import (
     OAuth2Authentication as BaseOAuth2Authentication,
 )
 from django_otp.middleware import OTPMiddleware
+from karrio.server.core.logging import logger
 
-logger = logging.getLogger(__name__)
 UserModel = get_user_model()
 AUTHENTICATION_CLASSES = getattr(settings, "AUTHENTICATION_CLASSES", [])
 
@@ -155,13 +154,17 @@ class OAuth2Authentication(BaseOAuth2Authentication):
             if user is None:
                 # For client credentials flow, the user might be None from the base class
                 # but our custom validator should have set it on the request
-                if hasattr(request, 'user') and request.user and not request.user.is_anonymous:
+                if (
+                    hasattr(request, "user")
+                    and request.user
+                    and not request.user.is_anonymous
+                ):
                     user = request.user
-                elif hasattr(request, 'oauth_user'):
+                elif hasattr(request, "oauth_user"):
                     user = request.oauth_user
                 # If we still don't have a user, try to get it from the OAuth application
-                elif hasattr(token, 'application') and token.application:
-                    user = getattr(token.application, 'user', None)
+                elif hasattr(token, "application") and token.application:
+                    user = getattr(token.application, "user", None)
 
             # Set request context
             request.user = user or request.user
@@ -170,13 +173,17 @@ class OAuth2Authentication(BaseOAuth2Authentication):
 
             # Enhanced organization context for OAuth apps
             default_org = None
-            if hasattr(token, 'application') and hasattr(token.application, 'oauth_app'):
+            if hasattr(token, "application") and hasattr(
+                token.application, "oauth_app"
+            ):
                 # If this is an OAuth app token, use the app owner's organization
                 oauth_app = token.application.oauth_app
-                if hasattr(oauth_app, 'created_by') and oauth_app.created_by:
+                if hasattr(oauth_app, "created_by") and oauth_app.created_by:
                     app_owner = oauth_app.created_by
-                    if hasattr(app_owner, 'organizations'):
-                        default_org = app_owner.organizations.filter(is_active=True).first()
+                    if hasattr(app_owner, "organizations"):
+                        default_org = app_owner.organizations.filter(
+                            is_active=True
+                        ).first()
 
             request.org = SimpleLazyObject(
                 functools.partial(
@@ -199,7 +206,11 @@ class AccessMixin(mixins.AccessMixin):
     """Verify that the current user is authenticated."""
 
     def dispatch(self, request, *args, **kwargs):
-        if not hasattr(request, 'user') or request.user is None or not request.user.is_authenticated:
+        if (
+            not hasattr(request, "user")
+            or request.user is None
+            or not request.user.is_authenticated
+        ):
             authenticate_user(request)
 
         request.user = SimpleLazyObject(
@@ -240,7 +251,11 @@ class AuthenticationMiddleware(BaseAuthenticationMiddleware):
 def authenticate_user(request):
     def authenticate(request, authenticator):
         # Check if user exists and is not authenticated
-        if not hasattr(request, 'user') or request.user is None or not getattr(request.user, 'is_authenticated', False):
+        if (
+            not hasattr(request, "user")
+            or request.user is None
+            or not getattr(request.user, "is_authenticated", False)
+        ):
             logger.debug(f"Trying authenticator: {authenticator}")
             try:
                 auth_instance = pydoc.locate(authenticator)()
@@ -250,11 +265,12 @@ def authenticate_user(request):
                     user, token = auth
                     request.user = user
                     request.token = token
-                    logger.info(f"Authentication successful with: {authenticator}")
             except AttributeError as e:
                 # Skip SessionAuthentication if it fails with _request attribute error
                 if "'WSGIRequest' object has no attribute '_request'" in str(e):
-                    logger.debug(f"Skipping {authenticator} - incompatible with middleware context")
+                    logger.debug(
+                        f"Skipping {authenticator} - incompatible with middleware context"
+                    )
                 else:
                     raise
             except exceptions.AuthenticationFailed:
@@ -282,13 +298,15 @@ def get_request_org(request, user, org_id: str = None, default_org=None):
 
             if default_org is not None:
                 org = default_org
-            elif user and hasattr(user, 'id') and user.id:
+            elif user and hasattr(user, "id") and user.id:
                 orgs = Organization.objects.filter(users__id=user.id)
-                org = (
-                    orgs.filter(id=org_id).first()
-                    if org_id is not None and orgs.filter(id=org_id).exists()
-                    else orgs.filter(is_active=True).first()
-                )
+                org = None
+
+                if org_id is not None:
+                    org = orgs.filter(id=org_id).first()
+
+                if org is None:
+                    org = orgs.filter(is_active=True).first()
             else:
                 org = None
 

karrio/server/core/config.py

@@ -0,0 +1,31 @@
+"""Karrio server system configuration adapter."""
+
+import typing
+import karrio.lib as lib
+
+
+class ConstanceConfig(lib.AbstractSystemConfig):
+    """Django constance configuration adapter.
+
+    Provides access to runtime configuration values stored
+    in Django constance (database-backed settings).
+    """
+
+    def get(self, key: str, default: typing.Any = None) -> typing.Any:
+        from constance import config as constance_config
+
+        return getattr(constance_config, key, default)
+
+    def __getitem__(self, key: str) -> typing.Any:
+        from constance import config as constance_config
+
+        return getattr(constance_config, key)
+
+    def __contains__(self, key: str) -> bool:
+        from constance import config as constance_config
+
+        return hasattr(constance_config, key)
+
+
+# Singleton instance for use across the server
+config = ConstanceConfig()

karrio/server/core/datatypes.py

@@ -23,13 +23,24 @@ from karrio.core.models import (
     PickupCancelRequest as BasePickupCancelRequest,
     ConfirmationDetails as Confirmation,
     TrackingEvent,
-    TrackingDetails,
     TrackingInfo,
+    ManifestDocument,
+    TrackingDetails,
     DocumentFile,
     DocumentUploadRequest,
     ManifestRequest,
     ManifestDetails,
-    ManifestDocument,
+    RequestPayload,
+    OAuthAuthorizePayload,
+    OAuthAuthorizeRequest,
+    WebhookEventDetails,
+    WebhookRegistrationDetails,
+    WebhookDeregistrationRequest,
+    WebhookRegistrationRequest,
+    DutiesCalculationRequest,
+    DutiesCalculationDetails,
+    InsuranceRequest,
+    InsuranceDetails,
 )
 
 
@@ -106,7 +117,9 @@ class Address(BaseAddress):
     residential: bool = False
 
     address_line1: str = ""
-    address_line2: str = ""
+    address_line2: str = None
+    street_number: str = None
+    suite: str = None
 
     federal_tax_id: str = None
     state_tax_id: str = None
@@ -362,8 +375,21 @@ class ManifestResponse:
     manifest: Manifest = jstruct.JStruct[Manifest]
 
 
+@attr.s(auto_attribs=True)
+class DutiesResponse:
+    messages: typing.List[Message] = jstruct.JList[Message]
+    duties: DutiesCalculationDetails = jstruct.JStruct[DutiesCalculationDetails]
+
+
+@attr.s(auto_attribs=True)
+class InsuranceResponse:
+    messages: typing.List[Message] = jstruct.JList[Message]
+    insurance: InsuranceDetails = jstruct.JStruct[InsuranceDetails]
+
+
 @attr.s(auto_attribs=True)
 class Error:
-    message: str = None
     code: str = None
+    message: str = None
+    level: str = None
     details: typing.Dict = None

karrio/server/core/dataunits.py

@@ -1,4 +1,3 @@
-import logging
 from constance import config
 from django.urls import reverse
 from rest_framework.request import Request
@@ -7,6 +6,7 @@ import karrio.lib as lib
 import karrio.references as ref
 import karrio.core.units as units
 import karrio.server.conf as conf
+import karrio.server.core.utils as utils
 
 
 PACKAGE_MAPPERS = ref.collect_providers_data()
@@ -31,8 +31,6 @@ NON_HUBS_CARRIERS = [
     carrier_name for carrier_name in CARRIER_NAMES if carrier_name not in CARRIER_HUBS
 ]
 
-LOGGER = logging.getLogger(__name__)
-
 
 def contextual_metadata(request: Request):
     # Detect HTTPS from headers (for proxied environments like Caddy/ALB)
@@ -66,6 +64,30 @@ def contextual_metadata(request: Request):
         else getattr(config, "APP_WEBSITE", None) or conf.settings.APP_WEBSITE
     )
 
+    # Batch fetch all feature flags
+    flag_names = [flag for flag, _ in conf.settings.FEATURE_FLAGS]
+
+    if conf.settings.MULTI_TENANTS:
+        # In multi-tenancy mode, feature flags come from tenant.feature_flags (JSON field)
+        # No N+1 issue since it's a single field access on an already-loaded tenant object
+        tenant = conf.settings.tenant
+        tenant_flags = getattr(tenant, "feature_flags", {}) if tenant else {}
+        feature_flags = {
+            flag: tenant_flags.get(flag, getattr(conf.settings, flag, None))
+            for flag in flag_names
+        }
+    else:
+        # In single-tenant mode, batch fetch from Constance to avoid N+1 queries
+        constance_values = utils.batch_get_constance_values(flag_names)
+        feature_flags = {
+            flag: (
+                constance_values.get(flag)
+                if flag in constance_values
+                else getattr(conf.settings, flag, None)
+            )
+            for flag in flag_names
+        }
+
     return {
         "VERSION": conf.settings.VERSION,
         "APP_NAME": name,
@@ -74,10 +96,7 @@ def contextual_metadata(request: Request):
         "ADMIN": f"{host}/admin",
         "GRAPHQL": f"{host}/graphql",
         "OPENAPI": f"{host}/openapi",
-        **{
-            flag: getattr(conf.settings, flag, None)
-            for flag, _ in conf.settings.FEATURE_FLAGS
-        },
+        **feature_flags,
     }