From 7af3c11c6abd19852323a0a342d2b470418352fe Mon Sep 17 00:00:00 2001 From: Your Name Date: Thu, 31 Oct 2024 15:14:03 +0530 Subject: [PATCH 01/10] Update is_guest field logic in 01_create_tables.sql --- sql/01_create_tables.sql | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sql/01_create_tables.sql b/sql/01_create_tables.sql index f4b1719..55846bb 100644 --- a/sql/01_create_tables.sql +++ b/sql/01_create_tables.sql @@ -10,6 +10,13 @@ CREATE TABLE users ( updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ); +-- Set is_guest field for users with NULL emails or emails containing 'guest' +UPDATE users +SET is_guest = CASE + WHEN email IS NULL OR email ILIKE '%guest%' THEN TRUE + ELSE FALSE +END; + CREATE TABLE preferences ( id SERIAL PRIMARY KEY, user_id INTEGER NOT NULL, From 444b7a0eab14598768a824df05c879e034ec1b6a Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 1 Nov 2024 14:50:51 +0530 Subject: [PATCH 02/10] Implement logic for is_guest field in main_api.py and ansari_db.py, add 08_update_guest_users.sql --- sql/08_update_guest_users.sql | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 sql/08_update_guest_users.sql diff --git a/sql/08_update_guest_users.sql b/sql/08_update_guest_users.sql new file mode 100644 index 0000000..33e3950 --- /dev/null +++ b/sql/08_update_guest_users.sql @@ -0,0 +1,6 @@ +-- Set is_guest field for users with NULL emails or emails containing 'guest' +UPDATE users +SET is_guest = CASE + WHEN email IS NULL OR email ILIKE '%guest%' THEN TRUE + ELSE FALSE +END; From 6cdf8197f4010967df7f61e33fdeb720469d7169 Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 1 Nov 2024 16:18:45 +0530 Subject: [PATCH 03/10] Implement logic for is_guest field in main_api.py and ansari_db.py --- main_api.py | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/main_api.py b/main_api.py index 32d2c94..4248f1a 100644 --- a/main_api.py +++ b/main_api.py 
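Review bot: The `ILIKE '%guest%'` test in the UPDATE added to `sql/01_create_tables.sql` flags any address that merely contains that substring, so an ordinary account whose mailbox or surname includes "guest" would be marked as a guest. The `ELSE FALSE` branch also rewrites `is_guest` on every other row each time the script runs, overwriting values set by the application. The same statement is added again as `sql/08_update_guest_users.sql` in patch 02. If guest accounts follow a fixed address format, match that format and touch only those rows, e.g. `UPDATE users SET is_guest = TRUE WHERE <guest address pattern>;`. Whether the `is_guest` column exists at this point in `01_create_tables.sql` is not visible in the hunk.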
@@ -73,33 +73,32 @@ class RegisterRequest(BaseModel): @app.post("/api/v2/users/register") async def register_user(req: RegisterRequest, cors_ok: bool = Depends(validate_cors)): - """Register a new user. + """Register a new user. If the user exists, returns 403. Returns 200 on success. Returns 400 if the password is too weak. Will include suggestions for a stronger password. """ - password_hash = db.hash_password(req.password) - logger.info( - f"Received request to create account: {req.email} {password_hash} {req.first_name} {req.last_name}" - ) + logger.info(f"Received request to create account: {req.email} {password_hash} {req.first_name} {req.last_name}") try: - # Check if account exists if db.account_exists(req.email): raise HTTPException(status_code=403, detail="Account already exists") + passwd_quality = zxcvbn(req.password) if passwd_quality["score"] < 2: raise HTTPException( status_code=400, - detail="Password is too weak. Suggestions: " - + ",".join(passwd_quality["feedback"]["suggestions"]), + detail="Password is too weak. Suggestions: " + ",".join(passwd_quality["feedback"]["suggestions"]), ) - return db.register(req.email, req.first_name, req.last_name, password_hash) + + is_guest = True if "guest" in req.email else False + return db.register(req.email, req.first_name, req.last_name, password_hash, is_guest) except psycopg2.Error as e: print(f"Error: {e}") raise HTTPException(status_code=500, detail="Database error") + class LoginRequest(BaseModel): email: str password: str From 1cd1041ce4c4371b64ebb991f1bada7abaa79f22 Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 1 Nov 2024 20:37:15 +0530 Subject: [PATCH 04/10] Implement logic for is_guest field in ansari_db.py --- ansari_db.py | 55 ++++++++++++++++++++++++++-------------------------- 1 file changed, 28 insertions(+), 27 deletions(-) diff --git a/ansari_db.py b/ansari_db.py index d8a351e..37a1479 100644 --- a/ansari_db.py +++ b/ansari_db.py 
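Review bot: The single-line `logger.info(...)` added in `register_user` writes `password_hash` to the application log together with the e-mail address and both names. A password hash in logs can be attacked offline by anyone with log access and has no diagnostic value; log only what is needed, e.g. `logger.info(f"Received request to create account: {req.email}")`, or no identifying fields at all. The collapsed text does not show whether the `password_hash = db.hash_password(req.password)` assignment above it is removed or kept as context; if it is removed, this line and the `db.register(...)` call would raise NameError. The same log statement is re-added in the patch 05 hunk for this function.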
@@ -155,19 +155,18 @@ def validate_reset_token(self, token: str) -> dict[str, str]: logger.info(f"Payload is {payload}") return payload - def register(self, email, first_name, last_name, password_hash): - try: - with self.get_connection() as conn: - with conn.cursor() as cur: - insert_cmd = """INSERT INTO users (email, password_hash, first_name, last_name) values (%s, %s, %s, %s);""" - cur.execute( - insert_cmd, (email, password_hash, first_name, last_name) - ) - conn.commit() - return {"status": "success"} - except Exception as e: - logger.warning(f"Error is {e}") - return {"status": "failure", "error": str(e)} + def register(self, email, first_name, last_name, password_hash, is_guest): + try: + with self.get_connection() as conn: + with conn.cursor() as cur: + insert_cmd = """INSERT INTO users (email, password_hash, first_name, last_name, is_guest) values (%s, %s, %s, %s, %s);""" + cur.execute(insert_cmd, (email, password_hash, first_name, last_name, is_guest)) + conn.commit() + return {"status": "success"} + except Exception as e: + logger.warning(f"Error is {e}") + return {"status": "failure", "error": str(e)} + def account_exists(self, email): try: 
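Review bot: `register` catches every exception and returns `{"status": "failure", "error": str(e)}`, so the driver's error text is handed back to the caller. `register_user` in main_api.py returns this dict directly (visible in patch 03), which suggests a failed INSERT answers with HTTP 200 and raw database error text, and that its `except psycopg2.Error` branch never sees the error. Consider `logger.exception("register failed")` plus a fixed message, `return {"status": "failure", "error": "registration failed"}`, or let the exception propagate so the endpoint maps it to a 500. The same lines recur in the patch 06 and patch 09 hunks for this method.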
@@ -232,20 +231,22 @@ def save_reset_token(self, user_id, token): return {"status": "failure", "error": str(e)} def retrieve_user_info(self, email): - try: - with self.get_connection() as conn: - with conn.cursor() as cur: - select_cmd = "SELECT id, password_hash, first_name, last_name FROM users WHERE email = %s;" - cur.execute(select_cmd, (email,)) - result = cur.fetchone() - user_id = result[0] - existing_hash = result[1] - first_name = result[2] - last_name = result[3] - return user_id, existing_hash, first_name, last_name - except Exception as e: - logger.warning(f"Error is {e}") - return None, None, None, None + try: + with self.get_connection() as conn: + with conn.cursor() as cur: + select_cmd = "SELECT id, password_hash, first_name, last_name, is_guest FROM users WHERE email = %s;" + cur.execute(select_cmd, (email,)) + result = cur.fetchone() + user_id = result[0] + existing_hash = result[1] + first_name = result[2] + last_name = result[3] + is_guest = result[4] + return user_id, existing_hash, first_name, last_name, is_guest + except Exception as e: + logger.warning(f"Error is {e}") + return None, None, None, None, None + def add_feedback(self, user_id, thread_id, message_id, feedback_class, comment): try: From 94d5220b3cd2e6ed72bbcd9e52b58e798890eb1e Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 3 Nov 2024 12:01:35 +0530 Subject: [PATCH 05/10] Implement logic for is_guest field in main_api.py --- main_api.py | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/main_api.py b/main_api.py index 4248f1a..8b5ec50 100644 --- a/main_api.py +++ b/main_api.py 
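Review bot: `retrieve_user_info` now returns five values (ending in `is_guest`) on success and five `None`s on failure, but this commit changes only ansari_db.py, so any caller that unpacks four values would fail with ValueError. The callers are not in the hunk; if they live in main_api.py they need updating in the same commit, or the new field should be exposed in a way that keeps the four-value return intact. A short docstring stating the tuple order and the all-`None` failure result would make the contract explicit.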
@@ -73,28 +73,35 @@ class RegisterRequest(BaseModel): @app.post("/api/v2/users/register") async def register_user(req: RegisterRequest, cors_ok: bool = Depends(validate_cors)): - """Register a new user. + """Register a new user. If the user exists, returns 403. Returns 200 on success. Returns 400 if the password is too weak. Will include suggestions for a stronger password. """ + password_hash = db.hash_password(req.password) - logger.info(f"Received request to create account: {req.email} {password_hash} {req.first_name} {req.last_name}") + logger.info( + f"Received request to create account: {req.email} {password_hash} {req.first_name} {req.last_name}" + ) try: + # Check if account exists if db.account_exists(req.email): raise HTTPException(status_code=403, detail="Account already exists") - passwd_quality = zxcvbn(req.password) if passwd_quality["score"] < 2: raise HTTPException( status_code=400, - detail="Password is too weak. Suggestions: " + ",".join(passwd_quality["feedback"]["suggestions"]), + detail="Password is too weak. Suggestions: " + + ",".join(passwd_quality["feedback"]["suggestions"]), ) + + is_guest = False + if req.email.startswith('guest_') and req.email.endswith('@endeavorpal.com') and req.first_name == 'Welcome' and req.last_name == 'Guest': + is_guest = True - is_guest = True if "guest" in req.email else False return db.register(req.email, req.first_name, req.last_name, password_hash, is_guest) except psycopg2.Error as e: - print(f"Error: {e}") + logger.error(f"Error: {e}") raise HTTPException(status_code=500, detail="Database error") From a7a394121f2da5d4d29285f88a6e6d409efec82e Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 3 Nov 2024 12:02:42 +0530 Subject: [PATCH 06/10] Implement logic for is_guest field in ansari_db.py --- ansari_db.py | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/ansari_db.py b/ansari_db.py index 37a1479..4128fb0 100644 --- a/ansari_db.py +++ b/ansari_db.py 
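Review bot: `is_guest` is decided entirely from request-body values (`req.email`, `req.first_name`, `req.last_name`), and the only dependency visible on this endpoint is `validate_cors`, so any client can give itself the guest marker, or avoid it, by choosing those values. If the flag is later used to treat accounts differently (not shown here), it should be set by the server-side path that creates guest accounts rather than inferred from user input. At minimum add a comment such as `# is_guest is inferred from caller-supplied fields; do not rely on it for access decisions`. The literals `'@endeavorpal.com'`, `'Welcome'` and `'Guest'` would be better as named constants kept in step with the SQL backfill.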
@@ -155,12 +155,14 @@ def validate_reset_token(self, token: str) -> dict[str, str]: logger.info(f"Payload is {payload}") return payload - def register(self, email, first_name, last_name, password_hash, is_guest): + def register(self, email, first_name, last_name, password_hash, is_guest: bool): try: with self.get_connection() as conn: with conn.cursor() as cur: insert_cmd = """INSERT INTO users (email, password_hash, first_name, last_name, is_guest) values (%s, %s, %s, %s, %s);""" - cur.execute(insert_cmd, (email, password_hash, first_name, last_name, is_guest)) + cur.execute( + insert_cmd, (email, password_hash, first_name, last_name, is_guest) + ) conn.commit() return {"status": "success"} except Exception as e: @@ -231,22 +233,20 @@ def save_reset_token(self, user_id, token): return {"status": "failure", "error": str(e)} def retrieve_user_info(self, email): - try: - with self.get_connection() as conn: - with conn.cursor() as cur: - select_cmd = "SELECT id, password_hash, first_name, last_name, is_guest FROM users WHERE email = %s;" - cur.execute(select_cmd, (email,)) - result = cur.fetchone() - user_id = result[0] - existing_hash = result[1] - first_name = result[2] - last_name = result[3] - is_guest = result[4] - return user_id, existing_hash, first_name, last_name, is_guest - except Exception as e: - logger.warning(f"Error is {e}") - return None, None, None, None, None - + try: + with self.get_connection() as conn: + with conn.cursor() as cur: + select_cmd = "SELECT id, password_hash, first_name, last_name FROM users WHERE email = %s;" + cur.execute(select_cmd, (email,)) + result = cur.fetchone() + user_id = result[0] + existing_hash = result[1] + first_name = result[2] + last_name = result[3] + return user_id, existing_hash, first_name, last_name + except Exception as e: + logger.warning(f"Error is {e}") + return None, None, None, None def add_feedback(self, user_id, thread_id, message_id, feedback_class, comment): try: 
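Review bot: In the `retrieve_user_info` hunk, `cur.fetchone()` returns `None` when no row has the given e-mail, and the next line indexes `result[0]`, so an unknown address is reported through the broad `except Exception` as a logged warning rather than handled as a normal outcome. That makes "no such user" and a real database failure indistinguishable in the logs and to the caller. Add a guard before the indexing, `if result is None: return None, None, None, None`, and narrow the handler to the database driver's error type. The patch 04 hunk for this method has the same lines.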
From 21ab962c61e80c775a76aeefe0010011150f2ef7 Mon Sep 17 00:00:00 2001 From: Abdullah Al Nahas Date: Sun, 3 Nov 2024 11:38:27 +0300 Subject: [PATCH 07/10] undo changes to 01_create_tables.sql put the logic in a different file --- sql/01_create_tables.sql | 7 ------- 1 file changed, 7 deletions(-) diff --git a/sql/01_create_tables.sql b/sql/01_create_tables.sql index 55846bb..f4b1719 100644 --- a/sql/01_create_tables.sql +++ b/sql/01_create_tables.sql @@ -10,13 +10,6 @@ CREATE TABLE users ( updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ); --- Set is_guest field for users with NULL emails or emails containing 'guest' -UPDATE users -SET is_guest = CASE - WHEN email IS NULL OR email ILIKE '%guest%' THEN TRUE - ELSE FALSE -END; - CREATE TABLE preferences ( id SERIAL PRIMARY KEY, user_id INTEGER NOT NULL, From a4371ba33723a2ff001d84e0076a0537f9792d6d Mon Sep 17 00:00:00 2001 From: Abdullah Al Nahas Date: Sun, 3 Nov 2024 11:39:20 +0300 Subject: [PATCH 08/10] Update and rename 08_update_guest_users.sql to 09_update_guest_users.sql --- sql/08_update_guest_users.sql | 6 ------ sql/09_update_guest_users.sql | 8 ++++++++ 2 files changed, 8 insertions(+), 6 deletions(-) delete mode 100644 sql/08_update_guest_users.sql create mode 100644 sql/09_update_guest_users.sql diff --git a/sql/08_update_guest_users.sql b/sql/08_update_guest_users.sql deleted file mode 100644 index 33e3950..0000000 --- a/sql/08_update_guest_users.sql +++ /dev/null @@ -1,6 +0,0 @@ --- Set is_guest field for users with NULL emails or emails containing 'guest' -UPDATE users -SET is_guest = CASE - WHEN email IS NULL OR email ILIKE '%guest%' THEN TRUE - ELSE FALSE -END; diff --git a/sql/09_update_guest_users.sql b/sql/09_update_guest_users.sql new file mode 100644 index 0000000..0189547 --- /dev/null +++ b/sql/09_update_guest_users.sql 
@@ -0,0 +1,8 @@ +UPDATE users +SET + is_guest = TRUE, + updated_at = CURRENT_TIMESTAMP +WHERE + email LIKE 'guest_%@endeavorpal.com' + AND first_name = 'Welcome' + AND last_name = 'Guest'; From 895e53dae51acc7dd2039905a314ba1842102117 Mon Sep 17 00:00:00 2001 From: Abdullah Al Nahas Date: Sun, 3 Nov 2024 11:43:37 +0300 Subject: [PATCH 09/10] fix(ansari_db.py): indentation error --- ansari_db.py | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/ansari_db.py b/ansari_db.py index 4128fb0..7ddeae7 100644 --- a/ansari_db.py +++ b/ansari_db.py @@ -156,18 +156,18 @@ def validate_reset_token(self, token: str) -> dict[str, str]: return payload def register(self, email, first_name, last_name, password_hash, is_guest: bool): - try: - with self.get_connection() as conn: - with conn.cursor() as cur: - insert_cmd = """INSERT INTO users (email, password_hash, first_name, last_name, is_guest) values (%s, %s, %s, %s, %s);""" - cur.execute( - insert_cmd, (email, password_hash, first_name, last_name, is_guest) - ) - conn.commit() - return {"status": "success"} - except Exception as e: - logger.warning(f"Error is {e}") - return {"status": "failure", "error": str(e)} + try: + with self.get_connection() as conn: + with conn.cursor() as cur: + insert_cmd = """INSERT INTO users (email, password_hash, first_name, last_name, is_guest) values (%s, %s, %s, %s, %s);""" + cur.execute( + insert_cmd, (email, password_hash, first_name, last_name, is_guest) + ) + conn.commit() + return {"status": "success"} + except Exception as e: + logger.warning(f"Error is {e}") + return {"status": "failure", "error": str(e)} def account_exists(self, email): From c859984c70678c657cd25b2df93fd6e18ccc9963 Mon Sep 17 00:00:00 2001 
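Review bot: In the new `sql/09_update_guest_users.sql`, the `_` in `LIKE 'guest_%@endeavorpal.com'` is a single-character wildcard, not a literal underscore, so the backfill also matches addresses where any character follows `guest`. That is wider than the `req.email.startswith('guest_')` test added to main_api.py in patch 05, so the two can disagree about which rows are guests. Escape the underscore, e.g. `email LIKE 'guest\_%@endeavorpal.com' ESCAPE '\'` (assuming PostgreSQL with standard-conforming strings). The `first_name` and `last_name` conditions narrow the match, but those columns hold user-supplied values.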
From: Abdullah Al Nahas Date: Wed, 13 Nov 2024 23:53:06 +0300 Subject: [PATCH 10/10] Rename 09_update_guest_users.sql to 10_update_guest_users.sql --- sql/{09_update_guest_users.sql => 10_update_guest_users.sql} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename sql/{09_update_guest_users.sql => 10_update_guest_users.sql} (100%) diff --git a/sql/09_update_guest_users.sql b/sql/10_update_guest_users.sql similarity index 100% rename from sql/09_update_guest_users.sql rename to sql/10_update_guest_users.sql