PyPI - zrb - Versions diffs - 1.0.0b10__py3-none-any.whl → 1.2.0__py3-none-any.whl - Mend

zrb 1.0.0b10py3-none-any.whl → 1.2.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/gateway/route.py CHANGED Viewed

@@ -1,18 +1,21 @@
-import os
+from typing import Annotated
-from fastapi import FastAPI, HTTPException, Request
+from fastapi import Depends, FastAPI, HTTPException, Request
 from fastapi.exception_handlers import http_exception_handler
-from fastapi.responses import HTMLResponse
+from fastapi.responses import HTMLResponse, RedirectResponse
 from my_app_name.common.app_factory import app
 from my_app_name.common.schema import BasicResponse
 from my_app_name.config import (
-    APP_GATEWAY_VIEW_PATH,
+    APP_AUTH_ACCESS_TOKEN_COOKIE_NAME,
     APP_MAIN_MODULE,
     APP_MODE,
     APP_MODULES,
 )
+from my_app_name.module.auth.client.auth_client_factory import auth_client
 from my_app_name.module.gateway.subroute.auth import serve_auth_route
-from my_app_name.module.gateway.util.view import render, render_error
+from my_app_name.module.gateway.util.auth import get_current_user
+from my_app_name.module.gateway.util.view import render_content, render_error
+from my_app_name.schema.user import AuthUserResponse
 def serve_route(app: FastAPI):
@@ -21,18 +24,48 @@ def serve_route(app: FastAPI):
     if APP_MODE == "monolith" or APP_MAIN_MODULE == "gateway":
         _serve_health_check(app)
         _serve_readiness_check(app)
-        _serve_homepage(app)
+        _serve_common_pages(app)
         _handle_404(app)
     # Serve auth routes
     serve_auth_route(app)
-def _serve_homepage(app: FastAPI):
+def _serve_common_pages(app: FastAPI):
     @app.get("/", include_in_schema=False)
-    def home_page():
-        return render(
-            view_path=os.path.join(APP_GATEWAY_VIEW_PATH, "content", "homepage.html")
+    def home_page(
+        current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    ):
+        return render_content(
+            view_path="homepage.html",
+            current_user=current_user,
+            page_name="gateway.home",
+        )
+    @app.get("/login", include_in_schema=False)
+    def login_page(
+        current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    ):
+        if not current_user.is_guest:
+            return RedirectResponse("/")
+        return render_content(
+            view_path="login.html",
+            current_user=current_user,
+            page_name="gateway.home",
+            partials={"show_user_info": False},
+        )
+    @app.get("/logout", include_in_schema=False)
+    def logout_page(
+        current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    ):
+        if current_user is None:
+            return RedirectResponse("/")
+        return render_content(
+            view_path="logout.html",
+            current_user=current_user,
+            page_name="gateway.home",
+            partials={"show_user_info": False},
         )
@@ -60,7 +93,15 @@ def _handle_404(app: FastAPI):
         if request.url.path.startswith("/api"):
             # Re-raise the exception to let FastAPI handle it
             return await http_exception_handler(request, exc)
-        return render_error(error_message="Not found", status_code=404)
+        # Get current user by cookies
+        current_user = None
+        cookie_access_token = request.cookies.get(APP_AUTH_ACCESS_TOKEN_COOKIE_NAME)
+        if cookie_access_token is not None and cookie_access_token != "":
+            current_user = await auth_client.get_current_user(cookie_access_token)
+        # Show error page
+        return render_error(
+            error_message="Not found", status_code=404, current_user=current_user
+        )
 serve_route(app)

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/gateway/schema/navigation.py ADDED Viewed

@@ -0,0 +1,95 @@
+from my_app_name.schema.user import AuthUserResponse
+from pydantic import BaseModel
+class Page(BaseModel):
+    name: str
+    caption: str
+    url: str
+    permission: str | None = None
+class AccessiblePage(BaseModel):
+    name: str
+    caption: str
+    url: str
+    active: bool
+class PageGroup(BaseModel):
+    name: str
+    caption: str
+    pages: list[Page] = []
+    def append_page(self, submenu: Page) -> Page:
+        self.pages.append(submenu)
+        return submenu
+    def get_accessible_pages(
+        self, submenu_name: str | None = None, user: AuthUserResponse | None = None
+    ) -> list[AccessiblePage]:
+        return [
+            AccessiblePage(
+                name=page.name,
+                caption=page.caption,
+                url=page.url,
+                active=page.name == submenu_name,
+            )
+            for page in self.pages
+            if _has_permission(user, page.permission)
+        ]
+class AccessiblePageGroup(BaseModel):
+    name: str
+    caption: str
+    pages: list[AccessiblePage]
+    active: bool
+class Navigation(BaseModel):
+    items: list[PageGroup | Page] = []
+    def append_page_group(self, page_group: PageGroup) -> PageGroup:
+        self.items.append(page_group)
+        return page_group
+    def append_page(self, page: Page) -> Page:
+        self.items.append(page)
+        return page
+    def get_accessible_items(
+        self, page_name: str | None, user: AuthUserResponse | None
+    ) -> list[AccessiblePageGroup | AccessiblePage]:
+        accessible_items = []
+        for item in self.items:
+            if isinstance(item, Page) and _has_permission(user, item.permission):
+                accessible_items.append(
+                    AccessiblePage(
+                        name=item.name,
+                        caption=item.caption,
+                        url=item.url,
+                        active=item.name == page_name,
+                    )
+                )
+                continue
+            accessible_submenus = item.get_accessible_pages(page_name, user)
+            if accessible_submenus:
+                active = any(submenu.active for submenu in accessible_submenus)
+                accessible_items.append(
+                    AccessiblePageGroup(
+                        name=item.name,
+                        caption=item.caption,
+                        pages=accessible_submenus,
+                        active=active,
+                    )
+                )
+        return accessible_items
+def _has_permission(user: AuthUserResponse | None, permission: str | None):
+    if permission is None:
+        return True
+    if user is not None:
+        return user.has_permission(permission)
+    return False

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/gateway/subroute/auth.py CHANGED Viewed

@@ -1,14 +1,17 @@
+import os
 from typing import Annotated
-from fastapi import Depends, FastAPI, Response
+from fastapi import Depends, FastAPI, Request, Response
 from fastapi.security import OAuth2PasswordRequestForm
-from my_app_name.common.error import ForbiddenError
+from my_app_name.common.error import ForbiddenError, NotFoundError
 from my_app_name.module.auth.client.auth_client_factory import auth_client
 from my_app_name.module.gateway.util.auth import (
     get_current_user,
+    get_refresh_token,
     set_user_session_cookie,
     unset_user_session_cookie,
 )
+from my_app_name.module.gateway.util.view import render_content, render_error
 from my_app_name.schema.permission import (
     MultiplePermissionResponse,
     PermissionCreate,
@@ -49,22 +52,56 @@ def serve_auth_route(app: FastAPI):
     @app.put("/api/v1/user-sessions", response_model=UserSessionResponse)
     async def update_user_session(
-        response: Response, refresh_token: str
+        request: Request, response: Response, refresh_token: str | None = None
     ) -> UserSessionResponse:
-        user_session = await auth_client.update_user_session(refresh_token)
+        actual_refresh_token = get_refresh_token(request, refresh_token)
+        if actual_refresh_token is None:
+            raise ForbiddenError("Refresh token needed")
+        try:
+            user_session = await auth_client.update_user_session(actual_refresh_token)
+        except NotFoundError:
+            raise ForbiddenError("Session not found")
         set_user_session_cookie(response, user_session)
         return user_session
     @app.delete("/api/v1/user-sessions", response_model=UserSessionResponse)
     async def delete_user_session(
-        response: Response, refresh_token: str
+        request: Request, response: Response, refresh_token: str | None = None
     ) -> UserSessionResponse:
-        user_session = await auth_client.delete_user_session(refresh_token)
-        unset_user_session_cookie(response)
-        return user_session
+        try:
+            actual_refresh_token = get_refresh_token(request, refresh_token)
+            if actual_refresh_token is None:
+                raise ForbiddenError("Refresh token needed")
+            user_session = await auth_client.delete_user_session(actual_refresh_token)
+            return user_session
+        finally:
+            unset_user_session_cookie(response)
     # Permission routes
+    @app.get("/auth/permissions", include_in_schema=False)
+    def permissions_crud_ui(
+        current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+        page: int = 1,
+        page_size: int = 10,
+        sort: str | None = None,
+        filter: str | None = None,
+    ):
+        if not current_user.has_permission("permission:read"):
+            return render_error(error_message="Access denied", status_code=403)
+        return render_content(
+            view_path=os.path.join("auth", "permission.html"),
+            current_user=current_user,
+            page_name="auth.permission",
+            page=page,
+            page_size=page_size,
+            sort=sort,
+            filter=filter,
+            allow_create=current_user.has_permission("permission:create"),
+            allow_update=current_user.has_permission("permission:update"),
+            allow_delete=current_user.has_permission("permission:delete"),
+        )
     @app.get("/api/v1/permissions", response_model=MultiplePermissionResponse)
     async def get_permissions(
         current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
@@ -176,6 +213,29 @@ def serve_auth_route(app: FastAPI):
     # Role routes
+    @app.get("/auth/roles", include_in_schema=False)
+    def roles_crud_ui(
+        current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+        page: int = 1,
+        page_size: int = 10,
+        sort: str | None = None,
+        filter: str | None = None,
+    ):
+        if not current_user.has_permission("role:read"):
+            return render_error(error_message="Access denied", status_code=403)
+        return render_content(
+            view_path=os.path.join("auth", "role.html"),
+            current_user=current_user,
+            page_name="auth.role",
+            page=page,
+            page_size=page_size,
+            sort=sort,
+            filter=filter,
+            allow_create=current_user.has_permission("role:create"),
+            allow_update=current_user.has_permission("role:update"),
+            allow_delete=current_user.has_permission("role:delete"),
+        )
     @app.get("/api/v1/roles", response_model=MultipleRoleResponse)
     async def get_roles(
         current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
@@ -283,6 +343,29 @@ def serve_auth_route(app: FastAPI):
     # User routes
+    @app.get("/auth/users", include_in_schema=False)
+    def users_crud_ui(
+        current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+        page: int = 1,
+        page_size: int = 10,
+        sort: str | None = None,
+        filter: str | None = None,
+    ):
+        if not current_user.has_permission("user:read"):
+            return render_error(error_message="Access denied", status_code=403)
+        return render_content(
+            view_path=os.path.join("auth", "user.html"),
+            current_user=current_user,
+            page_name="auth.user",
+            page=page,
+            page_size=page_size,
+            sort=sort,
+            filter=filter,
+            allow_create=current_user.has_permission("user:create"),
+            allow_update=current_user.has_permission("user:update"),
+            allow_delete=current_user.has_permission("user:delete"),
+        )
     @app.get("/api/v1/users", response_model=MultipleUserResponse)
     async def get_users(
         current_user: Annotated[AuthUserResponse, Depends(get_current_user)],

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/gateway/util/auth.py CHANGED Viewed

@@ -15,6 +15,15 @@ from typing_extensions import Annotated
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/user-sessions", auto_error=False)
+def get_refresh_token(request: Request, refresh_token: str | None) -> str | None:
+    if refresh_token is not None and refresh_token != "":
+        return refresh_token
+    cookie_refresh_token = request.cookies.get(APP_AUTH_REFRESH_TOKEN_COOKIE_NAME)
+    if cookie_refresh_token is not None and cookie_refresh_token != "":
+        return cookie_refresh_token
+    return None
 async def get_current_user(
     request: Request,
     response: Response,

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/gateway/util/view.py CHANGED Viewed

@@ -1,18 +1,24 @@
 import os
 from typing import Any
+import my_app_name.config as CFG
 from fastapi.responses import HTMLResponse
 from my_app_name.common.util.view import render_page, render_str
 from my_app_name.config import (
+    APP_AUTH_ACCESS_TOKEN_EXPIRE_MINUTES,
     APP_GATEWAY_CSS_PATH_LIST,
     APP_GATEWAY_FAVICON_PATH,
+    APP_GATEWAY_FOOTER,
     APP_GATEWAY_JS_PATH_LIST,
     APP_GATEWAY_LOGO_PATH,
+    APP_GATEWAY_PICO_CSS_PATH,
     APP_GATEWAY_SUBTITLE,
     APP_GATEWAY_TITLE,
     APP_GATEWAY_VIEW_DEFAULT_TEMPLATE_PATH,
     APP_GATEWAY_VIEW_PATH,
 )
+from my_app_name.module.gateway.config.navigation import APP_NAVIGATION
+from my_app_name.schema.user import AuthUserResponse
 _DEFAULT_TEMPLATE_PATH = os.path.join(
     APP_GATEWAY_VIEW_PATH, APP_GATEWAY_VIEW_DEFAULT_TEMPLATE_PATH
@@ -24,32 +30,47 @@ _DEFAULT_ERROR_TEMPLATE_PATH = os.path.join(
 _DEFAULT_PARTIALS = {
     "title": APP_GATEWAY_TITLE,
     "subtitle": APP_GATEWAY_SUBTITLE,
+    "footer": APP_GATEWAY_FOOTER,
     "logo_path": APP_GATEWAY_LOGO_PATH,
     "favicon_path": APP_GATEWAY_FAVICON_PATH,
+    "pico_css_path": APP_GATEWAY_PICO_CSS_PATH,
     "css_path_list": APP_GATEWAY_CSS_PATH_LIST,
     "js_path_list": APP_GATEWAY_JS_PATH_LIST,
+    "show_user_info": True,
+    "should_refresh_session": True,
+    "refresh_session_interval_seconds": f"{APP_AUTH_ACCESS_TOKEN_EXPIRE_MINUTES * 60 / 3}",
 }
-def render(
+def render_content(
     view_path: str,
     template_path: str = _DEFAULT_TEMPLATE_PATH,
     status_code: int = 200,
-    headers: dict[str, str] = None,
+    headers: dict[str, str] | None = None,
     media_type: str | None = None,
+    current_user: AuthUserResponse | None = None,
+    page_name: str | None = None,
     partials: dict[str, Any] = {},
-    **data: Any
+    **data: Any,
 ) -> HTMLResponse:
     rendered_partials = {key: val for key, val in _DEFAULT_PARTIALS.items()}
     for key, val in partials.items():
         rendered_partials[key] = val
+    rendered_partials["page_name"] = page_name
+    rendered_partials["current_user"] = current_user
+    rendered_partials["navigations"] = APP_NAVIGATION.get_accessible_items(
+        page_name, current_user
+    )
     return render_page(
         template_path=template_path,
         status_code=status_code,
         headers=headers,
         media_type=media_type,
-        partials=rendered_partials,
-        content=render_str(template_path=view_path, **data),
+        content=render_str(
+            template_path=os.path.join(APP_GATEWAY_VIEW_PATH, "content", view_path),
+            **data,
+        ),
+        **rendered_partials,
     )
@@ -58,17 +79,21 @@ def render_error(
     status_code: int = 500,
     view_path: str = _DEFAULT_ERROR_TEMPLATE_PATH,
     template_path: str = _DEFAULT_TEMPLATE_PATH,
-    headers: dict[str, str] = None,
+    headers: dict[str, str] | None = None,
     media_type: str | None = None,
+    current_user: AuthUserResponse | None = None,
+    page_name: str | None = None,
     partials: dict[str, Any] = {},
 ):
-    return render(
+    return render_content(
         view_path=view_path,
         template_path=template_path,
         status_code=status_code,
         headers=headers,
         media_type=media_type,
-        partials=partials,
+        current_user=current_user,
+        page_name=page_name,
+        partials={"show_user_info": False, **partials},
         error_status_code=status_code,
         error_message=error_message,
     )

zrb 1.0.0b10__py3-none-any.whl → 1.2.0__py3-none-any.whl

zrb 1.0.0b10py3-none-any.whl → 1.2.0py3-none-any.whl