ohmyapi 0.1.7__tar.gz → 0.1.8__tar.gz

{ohmyapi-0.1.7 → ohmyapi-0.1.8}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ohmyapi
-Version: 0.1.7
+Version: 0.1.8
 Summary: A Django-like but async web-framework based on FastAPI and TortoiseORM.
 License-Expression: MIT
 Keywords: fastapi,tortoise,orm,async,web-framework
@@ -32,26 +32,32 @@ Description-Content-Type: text/markdown
 
 # OhMyAPI
 
-> Think: Micro-Django, but API-first, less clunky and 100% async.
+> Think: Django RestFramework, but less clunky and 100% async.
 
 OhMyAPI is a Django-flavored web-application scaffolding framework and management layer.
 Built around FastAPI and TortoiseORM, it is 100% async.
 
-It is ***blazingly fast***, ***fun*** to use and comes with ***batteries included***!
+It is ***blazingly fast***, ***fun to use*** and comes with ***batteries included***!
 
 **Features**
 
 - Django-like project-layout and -structure
-- Django-like prject-level settings.py
+- Django-like project-level settings.py
 - Django-like models via TortoiseORM
 - Django-like `Model.Meta` class for model configuration
 - Easily convert your query results to `pydantic` models via `Model.Schema`
-- Django-like migrations (makemigrations & migrate) via Aerich
+- Django-like migrations (`makemigrations` & `migrate`) via Aerich
 - Django-like CLI tooling (`startproject`, `startapp`, `shell`, `serve`, etc)
 - Various optional builtin apps you can hook into your project
 - Highly configurable and customizable
 - 100% async
 
+OhMyAPI aims to:
+
+- combine FastAPI, TortoiseORM and Aerich migrations into a high-productivity web-application framework
+- tying everything neatly together into a project structure consisting of apps with models and a router
+- while ***AVOIDING*** to introduce any additional abstractions ontop of Tortoise's model-system or FastAPI's routing
+
 ---
 
 ## Getting started
@@ -114,7 +120,7 @@ from ohmyapi.db import Model, field
 
 
 class Tournament(Model):
-    id = field.IntField(primary_key=True)
+    id = field.data.UUIDField(primary_key=True)
     name = field.TextField()
     created = field.DatetimeField(auto_now_add=True)
 
@@ -123,7 +129,7 @@ class Tournament(Model):
 
 
 class Event(Model):
-    id = field.IntField(primary_key=True)
+    id = field.data.UUIDField(primary_key=True)
     name = field.TextField()
     tournament = field.ForeignKeyField('tournament.Tournament', related_name='events')
     participants = field.ManyToManyField('torunament.Team', related_name='events', through='event_team')
@@ -135,7 +141,7 @@ class Event(Model):
 
 
 class Team(Model):
-    id = field.IntField(primary_key=True)
+    id = field.data.UUIDField(primary_key=True)
     name = field.TextField()
 
     def __str__(self):
@@ -162,7 +168,7 @@ async def list():
 
 
 @router.get("/:id")
-async def get(id: int):
+async def get(id: str):
     try:
         queryset = Tournament.get(pk=id)
         return await Tournament.Schema.one(queryset)
@@ -289,7 +295,7 @@ async def list(user: auth.User = Depends(permissions.require_authenticated)):
 
 ### Model-Level Permissions
 
-Use Tortoise's `Manager` to implement model-layer permissions.
+Use Tortoise's `Manager` to implement model-level permissions.
 
 ```python
 from ohmyapi.db import Manager
@@ -297,7 +303,7 @@ from typing import Callable
 
 
 class TeamManager(Manager):
-    async def for_user(self, user):
+    async def for_user(self, user: ohmyapi_auth.models.User):
         return await self.filter(members=user).all()
 
 

{ohmyapi-0.1.7 → ohmyapi-0.1.8}/README.md

@@ -1,25 +1,31 @@
 # OhMyAPI
 
-> Think: Micro-Django, but API-first, less clunky and 100% async.
+> Think: Django RestFramework, but less clunky and 100% async.
 
 OhMyAPI is a Django-flavored web-application scaffolding framework and management layer.
 Built around FastAPI and TortoiseORM, it is 100% async.
 
-It is ***blazingly fast***, ***fun*** to use and comes with ***batteries included***!
+It is ***blazingly fast***, ***fun to use*** and comes with ***batteries included***!
 
 **Features**
 
 - Django-like project-layout and -structure
-- Django-like prject-level settings.py
+- Django-like project-level settings.py
 - Django-like models via TortoiseORM
 - Django-like `Model.Meta` class for model configuration
 - Easily convert your query results to `pydantic` models via `Model.Schema`
-- Django-like migrations (makemigrations & migrate) via Aerich
+- Django-like migrations (`makemigrations` & `migrate`) via Aerich
 - Django-like CLI tooling (`startproject`, `startapp`, `shell`, `serve`, etc)
 - Various optional builtin apps you can hook into your project
 - Highly configurable and customizable
 - 100% async
 
+OhMyAPI aims to:
+
+- combine FastAPI, TortoiseORM and Aerich migrations into a high-productivity web-application framework
+- tying everything neatly together into a project structure consisting of apps with models and a router
+- while ***AVOIDING*** to introduce any additional abstractions ontop of Tortoise's model-system or FastAPI's routing
+
 ---
 
 ## Getting started
@@ -82,7 +88,7 @@ from ohmyapi.db import Model, field
 
 
 class Tournament(Model):
-    id = field.IntField(primary_key=True)
+    id = field.data.UUIDField(primary_key=True)
     name = field.TextField()
     created = field.DatetimeField(auto_now_add=True)
 
@@ -91,7 +97,7 @@ class Tournament(Model):
 
 
 class Event(Model):
-    id = field.IntField(primary_key=True)
+    id = field.data.UUIDField(primary_key=True)
     name = field.TextField()
     tournament = field.ForeignKeyField('tournament.Tournament', related_name='events')
     participants = field.ManyToManyField('torunament.Team', related_name='events', through='event_team')
@@ -103,7 +109,7 @@ class Event(Model):
 
 
 class Team(Model):
-    id = field.IntField(primary_key=True)
+    id = field.data.UUIDField(primary_key=True)
     name = field.TextField()
 
     def __str__(self):
@@ -130,7 +136,7 @@ async def list():
 
 
 @router.get("/:id")
-async def get(id: int):
+async def get(id: str):
     try:
         queryset = Tournament.get(pk=id)
         return await Tournament.Schema.one(queryset)
@@ -257,7 +263,7 @@ async def list(user: auth.User = Depends(permissions.require_authenticated)):
 
 ### Model-Level Permissions
 
-Use Tortoise's `Manager` to implement model-layer permissions.
+Use Tortoise's `Manager` to implement model-level permissions.
 
 ```python
 from ohmyapi.db import Manager
@@ -265,7 +271,7 @@ from typing import Callable
 
 
 class TeamManager(Manager):
-    async def for_user(self, user):
+    async def for_user(self, user: ohmyapi_auth.models.User):
         return await self.filter(members=user).all()
 
 

{ohmyapi-0.1.7 → ohmyapi-0.1.8}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "ohmyapi"
-version = "0.1.7"
+version = "0.1.8"
 description = "A Django-like but async web-framework based on FastAPI and TortoiseORM."
 license = "MIT"
 keywords = ["fastapi", "tortoise", "orm", "async", "web-framework"]

{ohmyapi-0.1.7 → ohmyapi-0.1.8}/src/ohmyapi/builtin/auth/models.py

@@ -7,12 +7,12 @@ pwd_context = CryptContext(schemes=["argon2"], deprecated="auto")
 
 
 class Group(Model):
-    id = field.IntField(pk=True)
+    id = field.data.UUIDField(pk=True)
     name = field.CharField(max_length=42, index=True)
 
 
 class User(Model):
-    id = field.IntField(pk=True)
+    id = field.data.UUIDField(pk=True)
     email = field.CharField(max_length=255, unique=True, index=True)
     username = field.CharField(max_length=150, unique=True)
     password_hash = field.CharField(max_length=128)

{ohmyapi-0.1.7 → ohmyapi-0.1.8}/src/ohmyapi/builtin/auth/permissions.py

@@ -1,4 +1,5 @@
 from .routes import (
+    get_token,
     get_current_user,
     require_authenticated,
     require_admin,

{ohmyapi-0.1.7 → ohmyapi-0.1.8}/src/ohmyapi/builtin/auth/routes.py

@@ -1,12 +1,13 @@
 import time
-from typing import Dict
+from enum import Enum
+from typing import Any, Dict, List
 
 import jwt
 from fastapi import APIRouter, Body, Depends, Header, HTTPException, status
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
 from pydantic import BaseModel
 
-from ohmyapi.builtin.auth.models import User
+from ohmyapi.builtin.auth.models import User, Group
 
 import settings
 
@@ -40,14 +41,39 @@ def decode_token(token: str) -> Dict:
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token")
 
 
+class TokenType(str, Enum):
+    """
+    Helper for indicating the token type when generating claims.
+    """
+    access = "access"
+    refresh = "refresh"
+
+
+def claims(token_type: TokenType, user: User, groups: List[Group] = []) -> Dict[str, Any]:
+    return {
+        'type': token_type,
+        'sub': str(user.id),
+        'user': {
+            'username': user.username,
+            'email': user.email,
+        },
+        'roles': [g.name for g in groups]
+    }
+
+async def get_token(token: str = Depends(oauth2_scheme)) -> Dict:
+    """Dependency: token introspection"""
+    payload = decode_token(token)
+    return payload
+
+
 async def get_current_user(token: str = Depends(oauth2_scheme)) -> User:
     """Dependency: extract user from access token."""
     payload = decode_token(token)
-    username = payload.get("sub")
-    if username is None:
+    user_id = payload.get("sub")
+    if user_id is None:
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token payload")
 
-    user = await User.filter(username=username).first()
+    user = await User.filter(id=user_id).first()
     if not user:
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="User not found")
     return user
@@ -100,8 +126,8 @@ async def login(form_data: LoginRequest = Body(...)):
     if not user:
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid credentials")
 
-    access_token = create_token({"sub": user.username, "type": "access"}, ACCESS_TOKEN_EXPIRE_SECONDS)
-    refresh_token = create_token({"sub": user.username, "type": "refresh"}, REFRESH_TOKEN_EXPIRE_SECONDS)
+    access_token = create_token(claims(TokenType.access, user), ACCESS_TOKEN_EXPIRE_SECONDS)
+    refresh_token = create_token(claims(TokenType.refresh, user), REFRESH_TOKEN_EXPIRE_SECONDS)
 
     return {
         "access_token": access_token,
@@ -117,20 +143,26 @@ async def refresh_token(refresh_token: str):
     if payload.get("type") != "refresh":
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid refresh token")
 
-    username = payload.get("sub")
-    user = await User.filter(username=username).first()
+    user_id = payload.get("sub")
+    user = await User.filter(id=user_id).first()
     if not user:
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="User not found")
 
-    new_access = create_token({"sub": user.username, "type": "access"}, ACCESS_TOKEN_EXPIRE_SECONDS)
+    new_access = create_token(claims(TokenType.access, user), ACCESS_TOKEN_EXPIRE_SECONDS)
     return {"access_token": new_access, "token_type": "bearer"}
 
 
 @router.get("/me")
-async def me(current_user: User = Depends(get_current_user)):
+async def me(user: User = Depends(get_current_user)):
     """Return the currently authenticated user."""
     return {
-        "username": current_user.username,
-        "is_admin": current_user.is_admin,
-        "is_staff": current_user.is_staff,
+        "email": user.email,
+        "username": user.username,
+        "is_admin": user.is_admin,
+        "is_staff": user.is_staff,
     }
+
+
+@router.get("/introspect")
+async def introspect(token: Dict = Depends(get_token)):
+    return token

{ohmyapi-0.1.7 → ohmyapi-0.1.8}/src/ohmyapi/cli.py

@@ -101,9 +101,10 @@ def createsuperuser(root: str = "."):
 
     import asyncio
     import ohmyapi_auth
+    email = input("E-Mail: ")
     username = input("Username: ")
     password = getpass("Password: ")
-    user = ohmyapi_auth.models.User(username=username, is_staff=True, is_admin=True)
+    user = ohmyapi_auth.models.User(email=email, username=username, is_staff=True, is_admin=True)
     user.set_password(password)
     asyncio.run(project.init_orm())
     asyncio.run(user.save())