From 7b69852accdd9c4bd7bbde950c7f9dc2af279c27 Mon Sep 17 00:00:00 2001 From: Stefan Stammberger Date: Sat, 11 Sep 2021 15:18:09 +0200 Subject: [PATCH] fix: make check_user_exists() work with FastAPI --- docs/guide/fastapi_transition.md | 51 ++++++++++++++++++++++++++++++++ lnbits/decorators.py | 40 ++++++++++--------------- 2 files changed, 66 insertions(+), 25 deletions(-) diff --git a/docs/guide/fastapi_transition.md b/docs/guide/fastapi_transition.md index d4688154c..6ae179e24 100644 --- a/docs/guide/fastapi_transition.md +++ b/docs/guide/fastapi_transition.md @@ -1,3 +1,21 @@ +## Check if a user exists and access user object +**old:** +```python +# decorators +@check_user_exists() +async def do_routing_stuff(): + pass +``` + +**new:** +If user doesn't exist, `Depends(check_user_exists)` will raise an exception. +If user exists, `user` will be the user object +```python +# depends calls +@core_html_routes.get("/my_route") +async def extensions(user: User = Depends(check_user_exists)): + pass +``` ## Returning data from API calls **old:** ```python @@ -48,6 +66,39 @@ raise HTTPException( detail=f"Failed to connect to {domain}." ) ``` + +## Extensions +**old:** +```python +from quart import Blueprint + +amilk_ext: Blueprint = Blueprint( + "amilk", __name__, static_folder="static", template_folder="templates" +) +``` + +**new:** +```python +from fastapi import APIRouter +from lnbits.jinja2_templating import Jinja2Templates +from lnbits.helpers import template_renderer +from fastapi.staticfiles import StaticFiles + +offlineshop_ext: APIRouter = APIRouter( + prefix="/Extension", + tags=["Offlineshop"] +) + +offlineshop_ext.mount( + "lnbits/extensions/offlineshop/static", + StaticFiles("lnbits/extensions/offlineshop/static") +) + +offlineshop_rndr = template_renderer([ + "lnbits/extensions/offlineshop/templates", +]) +``` + ## Possible optimizations ### Use Redis as a cache server Instead of hitting the database over and over again, we can store a short lived object in [Redis](https://redis.io) for an arbitrary key. diff --git a/lnbits/decorators.py b/lnbits/decorators.py index a1ced0ca1..ff42d0fd5 100644 --- a/lnbits/decorators.py +++ b/lnbits/decorators.py @@ -2,7 +2,8 @@ from functools import wraps from http import HTTPStatus from fastapi.security import api_key -from lnbits.core.models import Wallet +from pydantic.types import UUID4 +from lnbits.core.models import User, Wallet from typing import List, Union from uuid import UUID @@ -138,29 +139,18 @@ def api_validate_post_request(*, schema: dict): return wrap -def check_user_exists(param: str = "usr"): - def wrap(view): - @wraps(view) - async def wrapped_view(**kwargs): - g().user = await get_user(request.args.get(param, type=str)) - if not g().user: - raise HTTPException( - status_code=HTTPStatus.NOT_FOUND, - detail="User does not exist." - ) - - if LNBITS_ALLOWED_USERS and g().user.id not in LNBITS_ALLOWED_USERS: - raise HTTPException( - status_code=HTTPStatus.UNAUTHORIZED, - detail="User not authorized." - ) - - - return await view(**kwargs) - - return wrapped_view - - return wrap - +async def check_user_exists(usr: UUID4) -> User: + g().user = await get_user(usr.hex) + if not g().user: + raise HTTPException( + status_code=HTTPStatus.NOT_FOUND, + detail="User does not exist." + ) + if LNBITS_ALLOWED_USERS and g().user.id not in LNBITS_ALLOWED_USERS: + raise HTTPException( + status_code=HTTPStatus.UNAUTHORIZED, + detail="User not authorized." + ) + return g().user