Merge pull request #40 from Zerohertz/issue#36/feat/google

[Feat] Google OAuth

Author: Zerohertz

app/api/v1/endpoints/admin/users.py

@@ -2,22 +2,28 @@
 from fastapi import Depends, status
 from fastapi.responses import JSONResponse
 
-from app.core.auth import AdminAuthDeps, GitHubOAuthDeps, PasswordOAuthDeps
+from app.core.auth import (
+    AdminAuthDeps,
+    GitHubOAuthDeps,
+    GoogleOAuthDeps,
+    PasswordOAuthDeps,
+)
 from app.core.container import Container
 from app.core.router import CoreAPIRouter
-from app.schemas.users import UserPatchRequest, UserRequest, UserResponse
+from app.schemas.users import UserOut, UserPasswordAdminRequest, UserRequest
+from app.services.auth import AuthService
 from app.services.users import UserService
 
 router = CoreAPIRouter(
     prefix="/user",
     tags=["admin"],
-    dependencies=[AdminAuthDeps, PasswordOAuthDeps, GitHubOAuthDeps],
+    dependencies=[AdminAuthDeps, PasswordOAuthDeps, GoogleOAuthDeps, GitHubOAuthDeps],
 )
 
 
 @router.get(
     "/",
-    response_model=list[UserResponse],
+    response_model=list[UserOut],
     response_class=JSONResponse,
     status_code=status.HTTP_200_OK,
     summary="",
@@ -32,7 +38,7 @@ async def get_users(
 
 @router.get(
     "/{id}",
-    response_model=UserResponse,
+    response_model=UserOut,
     response_class=JSONResponse,
     status_code=status.HTTP_200_OK,
     summary="",
@@ -43,12 +49,12 @@ async def get_user(
     id: int,
     service: UserService = Depends(Provide[Container.user_service]),
 ):
-    return await service.get_by_id(id)
+    return await service.get_by_id(id=id)
 
 
 @router.put(
     "/{id}",
-    response_model=UserResponse,
+    response_model=UserOut,
     response_class=JSONResponse,
     status_code=status.HTTP_200_OK,
     summary="",
@@ -57,15 +63,15 @@ async def get_user(
 @inject
 async def put_user(
     id: int,
-    user: UserRequest,
+    schema: UserRequest,
     service: UserService = Depends(Provide[Container.user_service]),
 ):
-    return await service.put_by_id(id=id, schema=user)
+    return await service.put_by_id(id=id, schema=schema)
 
 
 @router.patch(
     "/{id}",
-    response_model=UserResponse,
+    response_model=UserOut,
     response_class=JSONResponse,
     status_code=status.HTTP_200_OK,
     summary="",
@@ -74,15 +80,15 @@ async def put_user(
 @inject
 async def patch_user(
     id: int,
-    user: UserPatchRequest,
-    service: UserService = Depends(Provide[Container.user_service]),
+    schema: UserPasswordAdminRequest,
+    service: AuthService = Depends(Provide[Container.auth_service]),
 ):
-    return await service.patch_by_id(id=id, schema=user)
+    return await service.patch_password_by_id(user_id=id, schema=schema)
 
 
 @router.delete(
     "/{id}",
-    response_model=UserResponse,
+    response_model=UserOut,
     response_class=JSONResponse,
     status_code=status.HTTP_200_OK,
     summary="",
@@ -93,4 +99,4 @@ async def delete_user(
     id: int,
     service: UserService = Depends(Provide[Container.user_service]),
 ):
-    return await service.delete_by_id(id)
+    return await service.delete_by_id(id=id)

app/api/v1/endpoints/auth.py

@@ -4,18 +4,24 @@
 from fastapi import Depends, Form, status
 from fastapi.responses import JSONResponse
 
-from app.core.auth import GitHubOAuthDeps, PasswordOAuthDeps, UserAuthDeps
+from app.core.auth import (
+    GitHubOAuthDeps,
+    GoogleOAuthDeps,
+    PasswordOAuthDeps,
+    UserAuthDeps,
+)
 from app.core.container import Container
 from app.core.router import CoreAPIRouter
 from app.schemas.auth import (
     GitHubOAuthRequest,
+    GoogleOAuthRequest,
     JwtToken,
     PasswordOAuthReigsterRequest,
     PasswordOAuthRequest,
     RefreshOAuthRequest,
 )
 from app.schemas.users import UserOut, UserResponse
-from app.services.users import UserService
+from app.services.auth import AuthService
 
 router = CoreAPIRouter(prefix="/auth", tags=["auth"])
 
@@ -32,7 +38,7 @@
 @inject
 async def refresh(
     request: Annotated[RefreshOAuthRequest, Form(...)],
-    service: UserService = Depends(Provide[Container.user_service]),
+    service: AuthService = Depends(Provide[Container.auth_service]),
 ):
     return await service.refresh(request)
 
@@ -49,7 +55,7 @@ async def refresh(
 @inject
 async def register_password(
     request: Annotated[PasswordOAuthReigsterRequest, Form(...)],
-    service: UserService = Depends(Provide[Container.user_service]),
+    service: AuthService = Depends(Provide[Container.auth_service]),
 ):
     return await service.register(request)
 
@@ -67,11 +73,28 @@ async def register_password(
 async def log_in_password(
     # NOTE: OAuth2PasswordRequestForm
     request: Annotated[PasswordOAuthRequest, Form(...)],
-    service: UserService = Depends(Provide[Container.user_service]),
+    service: AuthService = Depends(Provide[Container.auth_service]),
 ):
     return await service.log_in_password(schema=request)
 
 
+@router.post(
+    "/token/google",
+    response_model=JwtToken,
+    response_class=JSONResponse,
+    status_code=status.HTTP_200_OK,
+    summary="Obtain an access token via Google OAuth",
+    description="- Authenticate using Google OAuth and receive an access token.<br/>\n"
+    "- The client must provide an authorization code obtained from Google.",
+)
+@inject
+async def log_in_google(
+    request: Annotated[GoogleOAuthRequest, Form()],
+    service: AuthService = Depends(Provide[Container.auth_service]),
+):
+    return await service.log_in_google(request)
+
+
 @router.post(
     "/token/github",
     response_model=JwtToken,
@@ -84,7 +107,7 @@ async def log_in_password(
 @inject
 async def log_in_github(
     request: Annotated[GitHubOAuthRequest, Form()],
-    service: UserService = Depends(Provide[Container.user_service]),
+    service: AuthService = Depends(Provide[Container.auth_service]),
 ):
     return await service.log_in_github(request)
 
@@ -94,7 +117,7 @@ async def log_in_github(
     response_model=UserOut,
     response_class=JSONResponse,
     status_code=status.HTTP_200_OK,
-    dependencies=[PasswordOAuthDeps, GitHubOAuthDeps],
+    dependencies=[PasswordOAuthDeps, GoogleOAuthDeps, GitHubOAuthDeps],
     summary="Retrieve the current authenticated user's information",
     description="- Returns the authenticated user's details based on the provided access token.</br>\n"
     "- Requires a valid token obtained via password authentication or GitHub OAuth.",

app/api/v1/endpoints/shields.py

@@ -1,12 +1,12 @@
 from datetime import datetime
 
-from fastapi import APIRouter
 from fastapi.responses import JSONResponse
 
+from app.core.router import CoreAPIRouter
 from app.schemas.shields import Shields
 from app.utils.shields import dday
 
-router = APIRouter(prefix="/shields", tags=["shields.io"])
+router = CoreAPIRouter(prefix="/shields", tags=["shields.io"])
 
 
 @router.get(

app/api/v1/endpoints/users.py

@@ -4,10 +4,16 @@
 from fastapi import Depends, status
 from fastapi.responses import JSONResponse
 
-from app.core.auth import GitHubOAuthDeps, PasswordOAuthDeps, UserAuthDeps
+from app.core.auth import (
+    GitHubOAuthDeps,
+    GoogleOAuthDeps,
+    PasswordOAuthDeps,
+    UserAuthDeps,
+)
 from app.core.container import Container
 from app.core.router import CoreAPIRouter
-from app.schemas.users import UserOut, UserPatchRequest, UserRequest, UserResponse
+from app.schemas.users import UserOut, UserPasswordRequest, UserRequest, UserResponse
+from app.services.auth import AuthService
 from app.services.users import UserService
 
 router = CoreAPIRouter(prefix="/user", tags=["user"])
@@ -18,7 +24,7 @@
     response_model=UserResponse,
     response_class=JSONResponse,
     status_code=status.HTTP_200_OK,
-    dependencies=[PasswordOAuthDeps, GitHubOAuthDeps],
+    dependencies=[PasswordOAuthDeps, GoogleOAuthDeps, GitHubOAuthDeps],
     summary="",
     description="",
 )
@@ -36,25 +42,25 @@ async def put_user(
     response_model=UserResponse,
     response_class=JSONResponse,
     status_code=status.HTTP_200_OK,
-    dependencies=[PasswordOAuthDeps, GitHubOAuthDeps],
+    dependencies=[PasswordOAuthDeps, GoogleOAuthDeps, GitHubOAuthDeps],
     summary="",
     description="",
 )
 @inject
 async def patch_user(
-    schema: UserPatchRequest,
+    schema: UserPasswordRequest,
     user: Annotated[UserOut, UserAuthDeps],
-    service: UserService = Depends(Provide[Container.user_service]),
+    service: AuthService = Depends(Provide[Container.auth_service]),
 ):
-    return await service.patch_by_id(id=user.id, schema=schema)
+    return await service.patch_password_by_id(user_id=user.id, schema=schema)
 
 
 @router.delete(
     "/",
     response_model=UserResponse,
     response_class=JSONResponse,
     status_code=status.HTTP_200_OK,
-    dependencies=[PasswordOAuthDeps, GitHubOAuthDeps],
+    dependencies=[PasswordOAuthDeps, GoogleOAuthDeps, GitHubOAuthDeps],
     summary="",
     description="",
 )

app/core/auth.py

@@ -1,4 +1,4 @@
-from typing import Annotated, Optional
+from typing import Annotated
 
 from dependency_injector.wiring import Provide, inject
 from fastapi import Depends, HTTPException, Request
@@ -14,16 +14,16 @@
 from app.models.enums import Role
 from app.schemas.auth import JwtAccessToken
 from app.schemas.users import UserOut
-from app.services.users import UserService
+from app.services.auth import AuthService
 
 
 class JwtBearer(HTTPBearer):
     def __init__(
         self,
         *,
-        bearerFormat: Optional[str] = None,
-        scheme_name: Optional[str] = None,
-        description: Optional[str] = None,
+        bearerFormat: str | None = None,
+        scheme_name: str | None = None,
+        description: str | None = None,
     ):
         super().__init__(
             bearerFormat=bearerFormat,
@@ -48,7 +48,7 @@ async def __call__(self, request: Request) -> str:  # type: ignore[override]
 @inject
 async def get_current_user(
     access_token: Annotated[str, Depends(jwt_bearer)],
-    service: UserService = Depends(Provide[Container.user_service]),
+    service: AuthService = Depends(Provide[Container.auth_service]),
 ) -> UserOut:
     schema = JwtAccessToken(access_token=access_token)
     return await service.verify(schema=schema)
@@ -70,6 +70,18 @@ async def get_admin_user(user: Annotated[UserOut, UserAuthDeps]) -> UserOut:
         tokenUrl=oauth_endpoints.PASSWORD, scheme_name="Password OAuth"
     )
 )
+GoogleOAuthDeps = Depends(
+    OAuth2AuthorizationCodeBearer(
+        authorizationUrl=f"https://accounts.google.com/o/oauth2/v2/auth?client_id={configs.GOOGLE_OAUTH_CLIENT_ID}",
+        tokenUrl=oauth_endpoints.GOOGLE,
+        refreshUrl=None,
+        scheme_name="Google OAuth",
+        scopes={
+            "email": "Google Email",
+            "profile": "Google Profile",
+        },
+    )
+)
 GitHubOAuthDeps = Depends(
     OAuth2AuthorizationCodeBearer(
         authorizationUrl=f"https://github.com/login/oauth/authorize?client_id={configs.GITHUB_OAUTH_CLIENT_ID}",

app/core/configs.py

@@ -33,6 +33,8 @@ class Configs(BaseSettings):
     DB_TABLE_CREATE: bool = True
 
     # --------- AUTH SETTINGS --------- #
+    GOOGLE_OAUTH_CLIENT_ID: str
+    GOOGLE_OAUTH_CLIENT_SECRET: str
     GITHUB_OAUTH_CLIENT_ID: str
     GITHUB_OAUTH_CLIENT_SECRET: str
     # openssl rand -hex 32
@@ -72,6 +74,7 @@ def DATABASE_URI(self) -> str:
 
 class OAuthEndpoints(BaseSettings):
     PASSWORD: str = f"{configs.PREFIX}/v1/auth/token/password"
+    GOOGLE: str = f"{configs.PREFIX}/v1/auth/token/google"
     GITHUB: str = f"{configs.PREFIX}/v1/auth/token/github"
 
 

app/core/container.py

@@ -1,7 +1,10 @@
 from dependency_injector.containers import DeclarativeContainer, WiringConfiguration
 from dependency_injector.providers import Factory
 
+from app.repositories.auth import AuthRepository
 from app.repositories.users import UserRepository
+from app.services.auth import AuthService, JwtService
+from app.services.security import CryptService
 from app.services.users import UserService
 
 
@@ -16,5 +19,15 @@ class Container(DeclarativeContainer):
     )
 
     user_repository = Factory(UserRepository)
+    auth_repository = Factory(AuthRepository)
 
+    jwt_service = Factory(JwtService)
+    crypt_service = Factory(CryptService)
     user_service = Factory(UserService, user_repository=user_repository)
+    auth_service = Factory(
+        AuthService,
+        auth_repository=auth_repository,
+        user_repository=user_repository,
+        jwt_service=jwt_service,
+        crypt_service=crypt_service,
+    )