[PR #55] [MERGED] 43 create login routes and auth functionality for backend #258

Closed
opened 2026-02-27 19:17:29 +03:00 by kerem · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/EddieTheCubeHead/Stagnum/pull/55
Author: @EddieTheCubeHead
Created: 2/4/2024
Status: Merged
Merged: 2/6/2024
Merged by: @EddieTheCubeHead

Base: master ← Head: 43-create-login-routes-and-auth-functionality-for-backend


📝 Commits (10+)

  • 160c199 43 Test configuring and fixture creation
  • 592df05 Tests and functionality for including state in login redirect
  • 41f91cc 43 database objects now have creation timestamp + tests
  • 50dd9d5 43 refactoring database testing
  • 1646d70 43 More test refactoring
  • 7bb2650 43 Test for storing login state in database
  • f520d9d Merge branch 'master' into 43-create-login-routes-and-auth-functionality-for-backend
  • 46efc68 43 remove redundant dependency holder
  • 32ac906 43 Test for getting redirect uri from client
  • 077a09a 43 Get spotify client id from env test and functionality

📊 Changes

23 files changed (+772 additions, -63 deletions)


📝 server/README.md (+36 -15)
📝 server/requirements.txt (+3 -1)
server/src/alembic/versions/149e2197ecff_add_data_required_for_login_and_auth_.py (+33 -0)
📝 server/src/alembic/versions/af9978211950_add_user_table.py (+2 -2)
📝 server/src/api/application.py (+11 -9)
📝 server/src/api/auth/__init__.py (+1 -0)
server/src/api/auth/dependencies.py (+42 -0)
📝 server/src/api/auth/models.py (+1 -1)
📝 server/src/api/auth/routes.py (+43 -5)
server/src/api/auth/scheduler.py (+29 -0)
server/src/api/common/dependencies.py (+102 -0)
📝 server/src/api/common/models.py (+7 -0)
📝 server/src/database/database_connection.py (+22 -2)
📝 server/src/database/entities.py (+11 -2)
📝 server/src/main.py (+3 -2)
server/test/auth_features/__init__.py (+0 -0)
server/test/auth_features/auth_login_callback_features.py (+213 -0)
server/test/auth_features/auth_login_features.py (+84 -0)
server/test/auth_features/cleanup_state_strings_features.py (+46 -0)
server/test/auth_features/conftest.py (+20 -0)

...and 3 more files

📄 Description

There's a lot here. I will walk the team through what's happening tomorrow in the weekly as well but trying to communicate the most important points:

FastAPI dependency system and tests

We can use FastAPI dependencies to both easily serve required functionality to routes and mock said functionality during testing if needed (database, connection to spotify). For seeing how dependencies work check the FastAPI docs. For a code example, see server/src/api/common/dependencies.

We're grouping dependencies by where they are needed. We should not cross-import dependencies from a feature folder in api. Place shared dependencies in the common folder.

See test/conftest for mocking dependencies. Generally we want all test setup to happen through fixtures, as it both makes it easy to serve setup code to tests and ensures the scopes stay correct (no global state).

Login functionality

We implement two routes for login functionality:

  • /login/auth
    • Serves a redirect url to the client.
    • Saves state in database for validation to prevent cross-site forgery.
    • States are deleted 15 minutes after creation
  • /login/auth/callback
    • Callback to OAuth flow. Should be called by client with correct data (see docs)
    • Checks that state is correct
    • Uses data provided to perform the final login
    • Gets user data from spotify if login is successful
    • Stores/updates user data into database so we don't need to call spotify constantly for that
    • Stores token in local memory for authentication
    • Returns token so client can include it

Also added a scheduled task for deleting state (see src/api/auth/routes), and a FastAPI dependency for validating tokens (see src/api/common/dependencies).


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
