sergio/saladeaula.digital
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add forgot endpoint

Browse Source
This commit is contained in:
Sérgio Rafael Siqueira
2025-12-04 15:39:44 -03:00
parent c3917addfa
commit d29ad3ceb6
14 changed files with 267 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
id.saladeaula.digital/app/routes/authentication.py
View File

@@ -17,13 +17,10 @@ from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair, SortKey
from passlib.hash import pbkdf2_sha256
from boto3clients import dynamodb_client, idp_client
from config import (
OAUTH2_TABLE,
SESSION_EXPIRES_IN,
)
from config import SESSION_EXPIRES_IN, USER_TABLE
router = Router()
dyn = DynamoDBPersistenceLayer(OAUTH2_TABLE, dynamodb_client)
dyn = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
class InvalidCredentialsError(UnauthorizedError): ...

4
id.saladeaula.digital/app/routes/authorize.py
View File

@@ -12,13 +12,13 @@ from joserfc.errors import JoseError
from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair, SortKey
from boto3clients import dynamodb_client
from config import OAUTH2_DEFAULT_SCOPES, OAUTH2_TABLE
from config import OAUTH2_DEFAULT_SCOPES, USER_TABLE
from oauth2 import server
from util import parse_cookies
router = Router()
logger = Logger(__name__)
dyn = DynamoDBPersistenceLayer(OAUTH2_TABLE, dynamodb_client)
dyn = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
class SessionNotFoundError(NotFoundError): ...

109
id.saladeaula.digital/app/routes/forgot.py
View File

@@ -1,13 +1,116 @@
from dataclasses import dataclass
from http import HTTPStatus
from typing import Annotated
from uuid import uuid4
from aws_lambda_powertools.event_handler.api_gateway import Router
from aws_lambda_powertools.event_handler.api_gateway import Response, Router
from aws_lambda_powertools.event_handler.exceptions import NotFoundError
from aws_lambda_powertools.event_handler.openapi.params import Body
from aws_lambda_powertools.utilities.data_masking import DataMasking
from layercake.dateutils import now, ttl
from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair, SortKey
from layercake.extra_types import CpfStr
from layercake.funcs import pick
from pydantic import EmailStr
from boto3clients import dynamodb_client
from config import USER_TABLE
router = Router()
dyn = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
data_masker = DataMasking()
masking_rules = {
'email': {'regex_pattern': '(.)(.*)(..)(@.*)', 'mask_format': r'\1****\3\4'},
}
class UserNotFoundError(NotFoundError): ...
@router.post('/forgot')
def forgot(email: Annotated[EmailStr | CpfStr, Body(embed=True)]):
return {}
def forgot(username: Annotated[EmailStr | CpfStr, Body(embed=True)]):
now_ = now()
user = _get_user(username)
reset_ttl = ttl(start_dt=now_, hours=3)
code = uuid4()
with dyn.transact_writer() as transact:
transact.update(
key=KeyPair(
pk='PASSWORD_RESET',
sk=f'USER#{user.id}',
),
update_expr='SET #name = :name, \
email = :email, \
#ttl = :ttl, \
updated_at = :now \
ADD code_attempts :code',
expr_attr_names={
'#name': 'name',
'#ttl': 'ttl',
},
expr_attr_values={
':name': user.name,
':email': user.email,
':ttl': reset_ttl,
':code': {code},
':now': now_,
},
)
dyn.put_item(
item={
'id': 'PASSWORD_RESET',
'sk': f'CODE#{code}',
'name': user.name,
'user_id': user.id,
'ttl': reset_ttl,
'created_at': now_,
}
)
return Response(
status_code=HTTPStatus.CREATED,
body=data_masker.erase(
{
'email': user.email,
},
masking_rules=masking_rules,
),
)
@dataclass(frozen=True)
class User:
id: str
name: str
email: str
def _get_user(username: str) -> User:
user_id = dyn.collection.get_items(
KeyPair(
pk='email',
sk=SortKey(username, path_spec='user_id'), # type: ignore
rename_key='user_id',
)
+ KeyPair(
pk='cpf',
sk=SortKey(username, path_spec='user_id'), # type: ignore
rename_key='user_id',
),
flatten_top=False,
).get('user_id')
if not user_id:
raise UserNotFoundError('User not found')
user = dyn.get_item(
KeyPair(
pk=user_id,
sk='0',
)
)
return User(
**pick(('id', 'name', 'email'), user),
)

4
id.saladeaula.digital/app/routes/lookup.py
View File

@@ -13,10 +13,10 @@ from layercake.funcs import pick
from pydantic import EmailStr
from boto3clients import dynamodb_client
from config import OAUTH2_TABLE
from config import USER_TABLE
router = Router()
dyn = DynamoDBPersistenceLayer(OAUTH2_TABLE, dynamodb_client)
dyn = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
class UserAlreadyOnboardedError(ServiceError):

9
id.saladeaula.digital/app/routes/register.py
View File

@@ -5,7 +5,7 @@ from uuid import uuid4
from aws_lambda_powertools.event_handler import content_types
from aws_lambda_powertools.event_handler.api_gateway import Response, Router
from aws_lambda_powertools.event_handler.exceptions import NotFoundError, ServiceError
from aws_lambda_powertools.event_handler.exceptions import ServiceError
from aws_lambda_powertools.event_handler.openapi.params import Body
from aws_lambda_powertools.shared.cookies import Cookie
from layercake.dateutils import now, ttl
@@ -16,12 +16,12 @@ from passlib.hash import pbkdf2_sha256
from pydantic import UUID4, EmailStr
from boto3clients import dynamodb_client
from config import OAUTH2_TABLE, SESSION_EXPIRES_IN
from config import SESSION_EXPIRES_IN, USER_TABLE
from .authentication import new_session
router = Router()
dyn = DynamoDBPersistenceLayer(OAUTH2_TABLE, dynamodb_client)
dyn = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
class ConflictError(ServiceError):
@@ -29,9 +29,6 @@ class ConflictError(ServiceError):
super().__init__(HTTPStatus.CONFLICT, msg)
class UserNotFound(NotFoundError): ...
class CPFConflictError(ConflictError): ...