nlbone 0.7.2__py3-none-any.whl → 0.7.3__py3-none-any.whl

nlbone/adapters/auth/auth_service.py

@@ -0,0 +1,25 @@
+import requests
+
+from nlbone.config.settings import get_settings
+from nlbone.core.ports.auth import AuthService as BaseAuthService
+from nlbone.utils.http import normalize_https_base
+
+
+class AuthService(BaseAuthService):
+    def __init__(self):
+        s = get_settings()
+        self._base_url = normalize_https_base(s.AUTH_SERVICE_URL.unicode_string())
+        self._timeout = float(s.HTTP_TIMEOUT_SECONDS)
+        self._client =  requests.session()
+
+    def has_access(self, token: str, permissions: list[str]) -> bool: ...
+    def verify_token(self, token: str) -> dict | None:
+        url = f"{self._base_url}/introspect"
+        result = self._client.post(url, data={
+            "token": token
+        })
+        return result.json()
+    def get_client_token(self) -> dict | None: ...
+    def is_client_token(self, token: str, allowed_clients: set[str] | None = None) -> bool: ...
+    def client_has_access(self, token: str, perms: list[str], allowed_clients: set[str] | None = None) -> bool: ...
+    def get_permissions(self, token: str) -> list[str]: ...

nlbone/adapters/db/postgres/types.py

@@ -0,0 +1,21 @@
+from sqlalchemy.types import TypeDecorator, BigInteger
+
+class BaseIntegerIdType(TypeDecorator):
+    """Maps BaseId subclasses <-> BIGINT transparently (Infrastructure-only)."""
+    impl = BigInteger
+    cache_ok = True
+
+    def __init__(self, id_cls):
+        super().__init__()
+        self.id_cls = id_cls
+
+    def process_bind_param(self, value, dialect):
+        # Python -> DB
+        if value is None:
+            return None
+        return int(value)
+
+    def process_result_value(self, value, dialect):
+        if value is None:
+            return None
+        return self.id_cls(int(value))

nlbone/adapters/snowflake.py

@@ -0,0 +1,70 @@
+import threading
+import time
+from datetime import datetime, timezone
+
+from nlbone.config.settings import get_settings
+
+
+class Snowflake:
+    WORKER_ID_BITS = 5
+    DATACENTER_ID_BITS = 5
+    SEQUENCE_BITS = 12
+
+    MAX_WORKER_ID = (1 << WORKER_ID_BITS) - 1      # 31
+    MAX_DATACENTER_ID = (1 << DATACENTER_ID_BITS) - 1  # 31
+    SEQUENCE_MASK = (1 << SEQUENCE_BITS) - 1       # 4095
+
+    WORKER_ID_SHIFT = SEQUENCE_BITS
+    DATACENTER_ID_SHIFT = SEQUENCE_BITS + WORKER_ID_BITS
+    TIMESTAMP_SHIFT = SEQUENCE_BITS + WORKER_ID_BITS + DATACENTER_ID_BITS
+
+    EPOCH = int(datetime(2020, 1, 1, tzinfo=timezone.utc).timestamp() * 1000)
+
+    def __init__(self, datacenter_id: int, worker_id: int):
+        if not (0 <= worker_id <= self.MAX_WORKER_ID):
+            raise ValueError(f"worker_id must be 0..{self.MAX_WORKER_ID}")
+        if not (0 <= datacenter_id <= self.MAX_DATACENTER_ID):
+            raise ValueError(f"datacenter_id must be 0..{self.MAX_DATACENTER_ID}")
+
+        self.datacenter_id = datacenter_id
+        self.worker_id = worker_id
+        self.sequence = 0
+        self.last_ts = -1
+        self._lock = threading.Lock()
+
+    @staticmethod
+    def _timestamp_ms() -> int:
+        return int(time.time() * 1000)
+
+    def _wait_next_ms(self, last_ts: int) -> int:
+        ts = self._timestamp_ms()
+        while ts <= last_ts:
+            ts = self._timestamp_ms()
+        return ts
+
+    def next_id(self) -> int:
+        with self._lock:
+            ts = self._timestamp_ms()
+
+            if ts < self.last_ts:
+                ts = self._wait_next_ms(self.last_ts)
+
+            if ts == self.last_ts:
+                self.sequence = (self.sequence + 1) & self.SEQUENCE_MASK
+                if self.sequence == 0:
+                    ts = self._wait_next_ms(self.last_ts)
+            else:
+                self.sequence = 0
+
+            self.last_ts = ts
+
+            id64 = ((ts - self.EPOCH) << self.TIMESTAMP_SHIFT) | \
+                   (self.datacenter_id << self.DATACENTER_ID_SHIFT) | \
+                   (self.worker_id << self.WORKER_ID_SHIFT) | \
+                   self.sequence
+            return id64
+
+setting = get_settings()
+_DC_ID = int(setting.SNOWFLAKE_DATACENTER_ID)
+_WORKER_ID = int(setting.SNOWFLAKE_WORKER_ID)
+SNOWFLAKE = Snowflake(datacenter_id=_DC_ID, worker_id=_WORKER_ID)

nlbone/config/settings.py

@@ -43,6 +43,9 @@ class Settings(BaseSettings):
     LOG_LEVEL: Literal["CRITICAL", "ERROR", "WARNING", "INFO", "DEBUG"] = Field(default="INFO")
     LOG_JSON: bool = Field(default=True)
 
+    SNOWFLAKE_WORKER_ID : int = Field(default=1)
+    SNOWFLAKE_DATACENTER_ID: int = Field(default=1)
+
     AUDIT_DEFAULT_ENABLE: bool = False
 
     # ---------------------------
@@ -58,6 +61,8 @@ class Settings(BaseSettings):
     KEYCLOAK_CLIENT_ID: str = Field(default="nlbone")
     KEYCLOAK_CLIENT_SECRET: SecretStr = Field(default=SecretStr("dev-secret"))
 
+    AUTH_SERVICE_URL:  AnyHttpUrl = Field(default="https://auth.numberland.ir")
+
     # ---------------------------
     # Database
     # ---------------------------

nlbone/core/domain/base.py

@@ -3,11 +3,13 @@ from __future__ import annotations
 from dataclasses import dataclass
 from datetime import datetime, timezone
 from enum import Enum
-from typing import Any, Generic, List, TypeVar
+from typing import Any, Generic, List, TypeVar, Callable, ClassVar
 from uuid import uuid4
 
 from pydantic import BaseModel
 
+from nlbone.adapters.snowflake import SNOWFLAKE
+
 TId = TypeVar("TId")
 
 
@@ -70,3 +72,37 @@ class AggregateRoot(Entity[TId]):
 
 class BaseEnum(Enum):
     pass
+
+
+
+ID = TypeVar("ID", bound="BaseId")
+
+@dataclass(frozen=True)
+class BaseId(ValueObject):
+    value: int
+
+    _generator: ClassVar[Callable[[], int]] = lambda: SNOWFLAKE.next_id()
+
+    def __post_init__(self):
+        if not isinstance(self.value, int):
+            raise TypeError("BaseId.value must be int")
+        if self.value <= 0:
+            raise ValueError("BaseId must be a positive integer")
+
+    def __int__(self) -> int:
+        return self.value
+
+    def __str__(self) -> str:
+        return str(self.value)
+
+    @classmethod
+    def set_generator(cls, gen: Callable[[], int]) -> None:
+        cls._generator = gen
+
+    @classmethod
+    def new(cls: type[ID]) -> ID:
+        return cls(cls._generator())
+
+    @classmethod
+    def from_int(cls: type[ID], v: int) -> ID:
+        return cls(v)

nlbone/interfaces/api/middleware/authentication.py

@@ -3,6 +3,8 @@ from typing import Callable, Optional, Union
 from fastapi import Request
 from starlette.middleware.base import BaseHTTPMiddleware
 
+from nlbone.adapters.auth.auth_service import AuthService
+
 try:
     from dependency_injector import providers
 
@@ -10,10 +12,10 @@ try:
 except Exception:
     ProviderType = object
 
-from nlbone.core.ports.auth import AuthService
+from nlbone.core.ports.auth import AuthService as BaseAuthService
 
 
-def _to_factory(auth: Union[AuthService, Callable[[], AuthService], ProviderType]):
+def _to_factory(auth: Union[BaseAuthService, Callable[[], BaseAuthService], ProviderType]):
     try:
         from dependency_injector import providers as _p  # type: ignore
 
@@ -26,8 +28,43 @@ def _to_factory(auth: Union[AuthService, Callable[[], AuthService], ProviderType
     return lambda: auth
 
 
+def authenticate_admin_user(request, auth_service):
+    token: Optional[str] = None
+    authz = request.headers.get("Authorization")
+    if authz:
+        try:
+            scheme, token = authz.split(" ", 1)
+            if scheme.lower() != "bearer":
+                token = None
+        except ValueError:
+            token = None
+
+    if token:
+        request.state.token = token
+        try:
+            service: BaseAuthService = auth_service()
+            data = service.verify_token(token)
+            if data:
+                request.state.user_id = data.get("user_id")
+        except Exception:
+            pass
+
+def authenticate_user(request):
+    token = request.cookies.get("access_token") or request.cookies.get("j_token")
+
+    if token:
+        request.state.token = token
+        try:
+            service: BaseAuthService = AuthService()
+            data = service.verify_token(token)
+            if data:
+                request.state.user_id = data.get("sub")
+        except Exception:
+            pass
+
+
 class AuthenticationMiddleware(BaseHTTPMiddleware):
-    def __init__(self, app, auth: Union[AuthService, Callable[[], AuthService], ProviderType]):
+    def __init__(self, app, auth: Union[BaseAuthService, Callable[[], BaseAuthService], ProviderType]):
         super().__init__(app)
         self._get_auth = _to_factory(auth)
 
@@ -35,25 +72,9 @@ class AuthenticationMiddleware(BaseHTTPMiddleware):
         request.state.client_id = request.headers.get("X-Client-Id")
         request.state.user_id = None
         request.state.token = None
-
-        token: Optional[str] = None
-        authz = request.headers.get("Authorization")
-        if authz:
-            try:
-                scheme, token = authz.split(" ", 1)
-                if scheme.lower() != "bearer":
-                    token = None
-            except ValueError:
-                token = None
-
-        if token:
-            request.state.token = token
-            try:
-                service: AuthService = self._get_auth()
-                data = service.verify_token(token)
-                if data:
-                    request.state.user_id = data.get("user_id")
-            except Exception:
-                pass
+        if request.cookies.get("access_token"):
+            authenticate_user(request)
+        elif request.headers.get("Authorization"):
+            authenticate_admin_user(request, auth_service=self._get_auth)
 
         return await call_next(request)

{nlbone-0.7.2.dist-info → nlbone-0.7.3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: nlbone
-Version: 0.7.2
+Version: 0.7.3
 Summary: Backbone package for interfaces and infrastructure in Python projects
 Author-email: Amir Hosein Kahkbazzadeh <a.khakbazzadeh@gmail.com>
 License: MIT

{nlbone-0.7.2.dist-info → nlbone-0.7.3.dist-info}/RECORD

@@ -2,7 +2,9 @@ nlbone/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 nlbone/container.py,sha256=I3Ev5L-CvfOquR4cyueIiplRriZ-_q_QlH_Xne9lA0k,2698
 nlbone/types.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 nlbone/adapters/__init__.py,sha256=NzUmk4XPyp3GJOw7VSE86xkQMZLtG3MrOoXLeoB551M,41
+nlbone/adapters/snowflake.py,sha256=lmq7vi6HdX9hEuTW6BlTEAy91wmrA4Bx3tvGoagHTW4,2315
 nlbone/adapters/auth/__init__.py,sha256=hkDHvsFhw_UiOHG9ZSMqjiAhK4wumEforitveSZswVw,42
+nlbone/adapters/auth/auth_service.py,sha256=HoRaEOcab5DFmHi4yAudtwJDhaofRyqMVvnq65a3sqg,1062
 nlbone/adapters/auth/keycloak.py,sha256=IhEriaFl5mjIGT6ZUCU9qROd678ARchvWgd4UJ6zH7s,4925
 nlbone/adapters/auth/token_provider.py,sha256=vL2Hk6HXnBbpk40Tq1wpqak5QQ7KEQf3nRquT0N8V4Q,1433
 nlbone/adapters/cache/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -18,6 +20,7 @@ nlbone/adapters/db/postgres/engine.py,sha256=UCegauVB1gvo42ThytYnn5VIcQBwR-5xhcX
 nlbone/adapters/db/postgres/query_builder.py,sha256=Qv_2oZ5OxZwtN3Ts-jaAX_8sLBzb1mpGBhlNF7aR6Wk,12543
 nlbone/adapters/db/postgres/repository.py,sha256=n01TAzdKd-UbOhirE6KMosuvRdJG2l1cszwVHjTM-Ks,10345
 nlbone/adapters/db/postgres/schema.py,sha256=NlE7Rr8uXypsw4oWkdZhZwcIBHQEPIpoHLxcUo98i6s,1039
+nlbone/adapters/db/postgres/types.py,sha256=OXra45PL8Umrqj6Pul_8ZlYRGIWQE36jvBXxui_u6hs,600
 nlbone/adapters/db/postgres/uow.py,sha256=2vRp4RBkh9RVniEY6CMXNHt-XXK9W2CDNKR1upT5EJE,3788
 nlbone/adapters/db/redis/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 nlbone/adapters/db/redis/client.py,sha256=5SUnwP2-GrueSFimUbiqDvrQsumvIE2aeozk8l-vOfQ,466
@@ -40,7 +43,7 @@ nlbone/adapters/ticketing/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJW
 nlbone/adapters/ticketing/client.py,sha256=V5_u7cxV67eAG4jj4vUD23VWGiMXIXSAU362pNS6hYU,1289
 nlbone/config/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 nlbone/config/logging.py,sha256=Ot6Ctf7EQZlW8YNB-uBdleqI6wixn5fH0Eo6QRgNkQk,4358
-nlbone/config/settings.py,sha256=E67FOUgPH9prp5WQzGtOIDbVe0DTr_3WziBIh27SEvM,4324
+nlbone/config/settings.py,sha256=o5kJBHuv-XKFOe_yQtkR0YrEbI2uZ89JpGjzDYhE7o4,4507
 nlbone/core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 nlbone/core/application/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 nlbone/core/application/base_worker.py,sha256=5brIToSd-vi6tw0ukhHnUZGZhOLq1SQ-NRRy-kp6D24,1193
@@ -50,7 +53,7 @@ nlbone/core/application/registry.py,sha256=dTqV_4bkMsLJ60CesZuEel5xO36cD1qikiaCL
 nlbone/core/application/use_case.py,sha256=3GMQZ3CFK5cbLoBNBgohPft6GBq2j9_wr8iKRq_osQA,247
 nlbone/core/application/services/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 nlbone/core/domain/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-nlbone/core/domain/base.py,sha256=6C_wsn4CfFlW7n6ACsyA4r-ZciF4xUv18y0LzhCqMq4,1434
+nlbone/core/domain/base.py,sha256=EpjTDjSFV3or26_4qWh96JQ2hEIyStymhp16L9cuxJ4,2309
 nlbone/core/domain/models.py,sha256=VEIfzruBXcF5XrDrWEvh9q-Ba9-9x_JG20wZsBF5thc,3270
 nlbone/core/ports/__init__.py,sha256=syJg3fAjQALD5Rjfm9wi9bQpkIvNTWjE9AURBmy587o,132
 nlbone/core/ports/auth.py,sha256=C-GmUqHNx4bAku6KbW_OTpPXCEfurBWWyDi9KxpTi9M,553
@@ -80,7 +83,7 @@ nlbone/interfaces/api/dependencies/uow.py,sha256=QfLEvLYLNWZJQN1k-0q0hBVtUld3D75
 nlbone/interfaces/api/middleware/__init__.py,sha256=zbX2vaEAfxRMIYwO2MVY_2O6bqG5H9o7HqGpX14U3Is,158
 nlbone/interfaces/api/middleware/access_log.py,sha256=vIkxxxfy2HcjqqKb8XCfGCcSrivAC8u6ie75FMq5x-U,1032
 nlbone/interfaces/api/middleware/add_request_context.py,sha256=av-qs0biOYuF9R6RJOo2eYsFqDL9WRYWcjVakFhbt-w,1834
-nlbone/interfaces/api/middleware/authentication.py,sha256=ze7vCm492QsX9nPL6A-PqZCmC1C5ZgUE-OWI6fCLpsU,1809
+nlbone/interfaces/api/middleware/authentication.py,sha256=NmCkN_PXBIMJ8tgKJU4C4JHq_9Ohe_-fwgiuv5uWlIk,2497
 nlbone/interfaces/api/pagination/__init__.py,sha256=pA1uC4rK6eqDI5IkLVxmgO2B6lExnOm8Pje2-hifJZw,431
 nlbone/interfaces/api/pagination/offset_base.py,sha256=65UgQZ70IlWUbP9Usd--IxVYW_V0hQLoyXHVffnLFZ0,3940
 nlbone/interfaces/api/schema/__init__.py,sha256=LAqgynfupeqOQ6u0I5ucrcYnojRMZUg9yW8IjKSQTNI,119
@@ -104,8 +107,8 @@ nlbone/utils/http.py,sha256=UXUoXgQdTRNT08ho8zl-C5ekfDsD8uf-JiMQ323ooqw,872
 nlbone/utils/normalize_mobile.py,sha256=sGH4tV9gX-6eVKozviNWJhm1DN1J28Nj-ERldCYkS_E,732
 nlbone/utils/redactor.py,sha256=-V4HrHmHwPi3Kez587Ek1uJlgK35qGSrwBOvcbw8Jas,1279
 nlbone/utils/time.py,sha256=DjjyQ9GLsfXoT6NK8RDW2rOlJg3e6sF04Jw6PBUrSvg,1268
-nlbone-0.7.2.dist-info/METADATA,sha256=KqXtF5AV-X4TaqT1Gouy9CUMa0JZAy0R2fq5a6zeBeA,2294
-nlbone-0.7.2.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-nlbone-0.7.2.dist-info/entry_points.txt,sha256=CpIL45t5nbhl1dGQPhfIIDfqqak3teK0SxPGBBr7YCk,59
-nlbone-0.7.2.dist-info/licenses/LICENSE,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-nlbone-0.7.2.dist-info/RECORD,,
+nlbone-0.7.3.dist-info/METADATA,sha256=oE6yopvG_cQ_3S7k4a2WqDnaMnDmH6ZiY4oYUiRzCRA,2294
+nlbone-0.7.3.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+nlbone-0.7.3.dist-info/entry_points.txt,sha256=CpIL45t5nbhl1dGQPhfIIDfqqak3teK0SxPGBBr7YCk,59
+nlbone-0.7.3.dist-info/licenses/LICENSE,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+nlbone-0.7.3.dist-info/RECORD,,