perf: upgrade fastapi-amis-admin to v0.4.0

Author: amisadmin

fastapi_user_auth/__init__.py

@@ -1,4 +1,4 @@
-__version__ = "0.3.0"
+__version__ = "0.4.0a1"
 __url__ = "https://github.com/amisadmin/fastapi_user_auth"
 
 import gettext

fastapi_user_auth/admin.py

@@ -1,3 +1,4 @@
+import contextlib
 from typing import Any, Callable, Dict, List, Type
 
 from fastapi import Depends, HTTPException
@@ -14,10 +15,11 @@
     PageSchema,
 )
 from fastapi_amis_admin.amis.constants import DisplayModeEnum, LevelEnum
+from fastapi_amis_admin.crud.base import SchemaUpdateT
 from fastapi_amis_admin.crud.schema import BaseApiOut
 from fastapi_amis_admin.utils.translation import i18n as _
 from pydantic import BaseModel
-from sqlalchemy import insert, select, update
+from sqlalchemy import select
 from starlette import status
 from starlette.requests import Request
 from starlette.responses import Response
@@ -46,14 +48,12 @@ class UserLoginFormAdmin(FormAdmin):
     page = Page(title=_("User Login"))
     page_path = "/login"
     page_parser_mode = "html"
-    schema: Type[BaseModel] = None
+    schema: Type[SchemaUpdateT] = None
     schema_submit_out: Type[UserLoginOut] = None
     page_schema = None
     page_route_kwargs = {"name": "login"}
 
-    async def handle(
-        self, request: Request, data: BaseModel, **kwargs  # self.schema
-    ) -> BaseApiOut[BaseModel]:  # self.schema_submit_out
+    async def handle(self, request: Request, data: SchemaUpdateT, **kwargs) -> BaseApiOut[BaseModel]:  # self.schema_submit_out
         if request.user:
             return BaseApiOut(code=1, msg=_("User logged in!"), data=self.schema_submit_out.parse_obj(request.user))
         user = await request.auth.authenticate_user(username=data.username, password=data.password)  # type:ignore
@@ -79,16 +79,14 @@ async def route(response: Response, result: BaseApiOut = Depends(super().route_s
     async def get_form(self, request: Request) -> Form:
         form = await super().get_form(request)
         buttons = []
-        try:
+        with contextlib.suppress(NoMatchFound):
             buttons.append(
                 ActionType.Link(
                     actionType="link",
-                    link=f"{self.router_path}{self.router.url_path_for('reg')}",
+                    link=f"{self.site.router_path}{self.app.router.url_path_for('reg')}",
                     label=_("Sign up"),
                 )
             )
-        except NoMatchFound:
-            pass
         buttons.append(Action(actionType="submit", label=_("Sign in"), level=LevelEnum.primary))
         form.body.sort(key=lambda form_item: form_item.type, reverse=True)
         form.update_from_kwargs(
@@ -130,27 +128,25 @@ class UserRegFormAdmin(FormAdmin):
     page = Page(title=_("User Register"))
     page_path = "/reg"
     page_parser_mode = "html"
-    schema: Type[BaseModel] = None
+    schema: Type[SchemaUpdateT] = None
     schema_submit_out: Type[UserLoginOut] = None
     page_schema = None
     page_route_kwargs = {"name": "reg"}
 
-    async def handle(
-        self, request: Request, data: BaseModel, **kwargs  # self.schema
-    ) -> BaseApiOut[BaseModel]:  # self.schema_submit_out
+    async def handle(self, request: Request, data: SchemaUpdateT, **kwargs) -> BaseApiOut[BaseModel]:  # self.schema_submit_out
         auth: Auth = request.auth
-        user = await auth.db.scalar(select(self.user_model).where(self.user_model.username == data.username))
+        user = await auth.db.async_scalar(select(self.user_model).where(self.user_model.username == data.username))
         if user:
             return BaseApiOut(status=-1, msg=_("Username has been registered!"), data=None)
-        user = await auth.db.scalar(select(self.user_model).where(self.user_model.email == data.email))
+        user = await auth.db.async_scalar(select(self.user_model).where(self.user_model.email == data.email))
         if user:
             return BaseApiOut(status=-2, msg=_("Email has been registered!"), data=None)
-        user = self.user_model.parse_obj(data)
-        values = user.dict(exclude={"id", "password"})
-        values["password"] = auth.pwd_context.hash(user.password.get_secret_value())  # 密码hash保存
-        stmt = insert(self.user_model).values(values)
+        values = data.dict(exclude={"id", "password"})
+        values["password"] = auth.pwd_context.hash(data.password.get_secret_value())  # 密码hash保存
+        user = self.user_model.parse_obj(values)
         try:
-            user.id = await auth.db.async_execute(stmt, on_close_pre=lambda r: getattr(r, "lastrowid", None))
+            auth.db.add(user)
+            await auth.db.async_flush()
         except Exception as e:
             raise HTTPException(
                 status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
@@ -211,7 +207,7 @@ class UserInfoFormAdmin(FormAdmin):
     user_model: Type[BaseUser] = User
     page = Page(title=_("User Profile"))
     page_path = "/userinfo"
-    schema: Type[BaseModel] = None
+    schema: Type[SchemaUpdateT] = None
     schema_submit_out: Type[BaseUser] = None
     form_init = True
     form = Form(mode=DisplayModeEnum.horizontal)
@@ -230,10 +226,9 @@ async def get_form(self, request: Request) -> Form:
         form.body.extend(formitem.update_from_kwargs(disabled=True) for formitem in formitems if formitem)
         return form
 
-    async def handle(self, request: Request, data: BaseModel, **kwargs) -> BaseApiOut[Any]:
-        stmt = update(self.user_model).where(self.user_model.username == request.user.username).values(data.dict())
-        await self.site.db.async_execute(stmt)
-        await self.site.db.async_refresh(request.user)
+    async def handle(self, request: Request, data: SchemaUpdateT, **kwargs) -> BaseApiOut[Any]:
+        for k, v in data.dict().items():
+            setattr(request.user, k, v)
         return BaseApiOut(data=self.schema_submit_out.parse_obj(request.user))
 
     async def has_page_permission(self, request: Request) -> bool:

fastapi_user_auth/app.py

@@ -45,7 +45,7 @@ def __init__(self, app: "AdminApp"):
         self.UserInfoFormAdmin.schema = self.UserInfoFormAdmin.schema or schema_create_by_schema(
             self.auth.user_model,
             "UserInfoForm",
-            exclude={"id", "username", "password", "is_active", "parent_id", "point", "create_time"},
+            exclude={"id", "username", "password", "is_active", "create_time"},
         )
         self.UserInfoFormAdmin.schema_submit_out = self.UserInfoFormAdmin.schema_submit_out or self.schema_user_info
         # register admin

fastapi_user_auth/auth/auth.py

@@ -25,7 +25,6 @@
 from fastapi_amis_admin.utils.translation import i18n as _
 from passlib.context import CryptContext
 from pydantic import BaseModel, SecretStr
-from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy.orm import Session
 from sqlalchemy_database import AsyncDatabase, Database
 from sqlmodel import select
@@ -52,9 +51,7 @@ def __init__(self, auth: "Auth", token_store: BaseTokenStore):
     def get_user_token(request: Request) -> Optional[str]:
         authorization: str = request.headers.get("Authorization") or request.cookies.get("Authorization")
         scheme, token = get_authorization_scheme_param(authorization)
-        if not authorization or scheme.lower() != "bearer":
-            return None
-        return token
+        return None if not authorization or scheme.lower() != "bearer" else token
 
     async def authenticate(self, request: Request) -> Tuple["Auth", Optional[_UserModelT]]:
         return self.auth, await self.auth.get_current_user(request)
@@ -92,9 +89,7 @@ async def authenticate_user(self, username: str, password: Union[str, SecretStr]
 
     @cached_property
     def get_current_user(self):
-        async def _get_current_user(
-            request: Request, session: Union[Session, AsyncSession, None] = Depends(self.db.session_generator)
-        ) -> Optional[_UserModelT]:
+        async def _get_current_user(request: Request) -> Optional[_UserModelT]:
             if request.scope.get("auth"):  # 防止重复授权
                 return request.scope.get("user")
             request.scope["auth"], request.scope["user"] = self, None
@@ -103,7 +98,7 @@ async def _get_current_user(
                 return None
             token_data = await self.backend.token_store.read_token(token)
             if token_data is not None:
-                request.scope["user"]: _UserModelT = await self.db.async_get(self.user_model, token_data.id, session=session)
+                request.scope["user"]: _UserModelT = await self.db.async_get(self.user_model, token_data.id)
             return request.user
 
         return _get_current_user
@@ -117,18 +112,27 @@ def requires(
         redirect: str = None,
         response: Union[bool, Response] = None,
     ) -> Callable:  # sourcery no-metrics
+        groups_ = (groups,) if not groups or isinstance(groups, str) else tuple(groups)
+        roles_ = (roles,) if not roles or isinstance(roles, str) else tuple(roles)
+        permissions_ = (permissions,) if not permissions or isinstance(permissions, str) else tuple(permissions)
+
         async def has_requires(user: _UserModelT) -> bool:
-            return user and await self.db.async_run_sync(
-                user.has_requires, roles=roles, groups=groups, permissions=permissions, commit=False
-            )
+            return user and await self.db.async_run_sync(user.has_requires, roles=roles, groups=groups, permissions=permissions)
 
         async def depend(
             request: Request,
             user: _UserModelT = Depends(self.get_current_user),
         ) -> Union[bool, Response]:
-            if isinstance(user, params.Depends):
-                user = await self.get_current_user(request)
-            if not await has_requires(user):
+            user_auth = request.scope.get("__user_auth__", None)
+            if user_auth is None:
+                request.scope["__user_auth__"] = {}
+            cache_key = (groups_, roles_, permissions_)
+            if cache_key not in request.scope["__user_auth__"]:  # 防止重复授权
+                if isinstance(user, params.Depends):
+                    user = await self.get_current_user(request)
+                result = await has_requires(user)
+                request.scope["__user_auth__"][cache_key] = result
+            if not request.scope["__user_auth__"][cache_key]:
                 if response is not None:
                     return response
                 code, headers = status_code, {}
@@ -145,7 +149,7 @@ def decorator(func: Callable = None) -> Union[Callable, Coroutine]:
                 return depend(func)
             sig = inspect.signature(func)
             for idx, parameter in enumerate(sig.parameters.values()):  # noqa: B007
-                if parameter.name == "request" or parameter.name == "websocket":
+                if parameter.name in ["request", "websocket"]:
                     type_ = parameter.name
                     break
             else:
@@ -218,11 +222,10 @@ def _create_role_user_sync(self, session: Session, role_key: str = "admin") -> U
             )
             session.add(user)
             session.flush()
-
         return user
 
     async def create_role_user(self, role_key: str = "admin") -> User:
-        return await self.db.async_run_sync(self._create_role_user_sync, role_key, on_close_pre=lambda user: User.parse_obj(user))
+        return await self.db.async_run_sync(self._create_role_user_sync, role_key)
 
 
 class AuthRouter(RouterMixin):
@@ -249,7 +252,12 @@ def __init__(self, auth: Auth = None):
             response_model=BaseApiOut[self.schema_user_info],
         )
         self.router.add_api_route(
-            "/logout", self.route_logout, methods=["GET"], description=_("Sign out"), dependencies=None, response_model=BaseApiOut
+            "/logout",
+            self.route_logout,
+            methods=["GET"],
+            description=_("Sign out"),
+            dependencies=None,
+            response_model=BaseApiOut,
         )
         # oauth2
         self.router.dependencies.append(Depends(self.OAuth2(tokenUrl=f"{self.router_path}/gettoken", auto_error=False)))

fastapi_user_auth/auth/backends/db.py

@@ -2,7 +2,7 @@
 from datetime import datetime, timedelta
 from typing import Optional, Union
 
-from sqlalchemy import Column, String, delete, insert
+from sqlalchemy import Column, String, delete
 from sqlalchemy_database import AsyncDatabase, Database
 from sqlmodel import Field, select
 
@@ -32,18 +32,20 @@ async def read_token(self, token: str) -> Optional[_TokenDataSchemaT]:
         if obj is None:
             return None
         # expire
-        if obj.create_time < datetime.utcnow() - timedelta(seconds=self.expire_seconds):
+        if obj.create_time < datetime.now() - timedelta(seconds=self.expire_seconds):
             await self.destroy_token(token=token)
             return None
         return self.TokenDataSchema.parse_raw(obj.data)
 
     async def write_token(self, token_data: Union[_TokenDataSchemaT, dict]) -> str:
         obj = self.TokenDataSchema.parse_obj(token_data) if isinstance(token_data, dict) else token_data
         token = secrets.token_urlsafe()
-        stmt = insert(TokenStoreModel).values(dict(token=token, data=obj.json()))
-        await self.db.async_execute(stmt)
+        model = TokenStoreModel(token=token, data=obj.json())
+        self.db.add(model)
+        await self.db.async_flush()
         return token
 
     async def destroy_token(self, token: str) -> None:
         stmt = delete(TokenStoreModel).where(TokenStoreModel.token == token)
         await self.db.async_execute(stmt)
+        await self.db.async_flush()

fastapi_user_auth/auth/backends/jwt.py

@@ -28,7 +28,7 @@ async def read_token(self, token: str) -> Optional[_TokenDataSchemaT]:
     async def write_token(self, token_data: Union[_TokenDataSchemaT, dict]) -> str:
         obj = self.TokenDataSchema.parse_obj(token_data) if isinstance(token_data, dict) else token_data
         data = obj.dict()
-        expire = datetime.utcnow() + timedelta(seconds=self.expire_seconds)
+        expire = datetime.now() + timedelta(seconds=self.expire_seconds)
         data.update({"exp": expire})
         return jwt.encode(data, self.secret_key, algorithm=self.algorithm)
 

fastapi_user_auth/auth/models.py

@@ -241,6 +241,8 @@ def has_requires(
         Returns:
             检测成功返回`True`
         """
+        if not groups and not roles and not permissions:
+            return True
         stmt = select(1)
         if groups:
             groups_list = [groups] if isinstance(groups, str) else list(groups)

pyproject.toml

@@ -37,12 +37,11 @@ classifiers = [
 ]
 dependencies = [
     "pydantic>=1.9",
-    "fastapi-amis-admin>=0.2.4,<0.4.0",
+    "fastapi-amis-admin>=0.4.0a1,<0.5.0",
     "email-validator",
     "passlib>=1.7.4",
     "bcrypt>=4.0.0",
     "sqlmodelx>=0.0.2",
-    "sqlalchemy-database>=0.0.10",
 ]
 
 [project.urls]

tests/conftest.py

@@ -1,3 +1,4 @@
+import pytest
 from sqlalchemy_database import AsyncDatabase, Database
 
 # sqlite
@@ -17,3 +18,16 @@
 
 # SQL Server
 # sync_db = Database.create('mssql+pyodbc://scott:tiger@mydsn')
+
+
+@pytest.fixture(autouse=True)
+def _setup_sync_db() -> Database:
+    yield sync_db
+    # Free connection pool resources
+    sync_db.close()  # type: ignore
+
+
+@pytest.fixture(autouse=True)
+async def _setup_async_db() -> AsyncDatabase:
+    yield async_db
+    await async_db.async_close()  # Free connection pool resources

tests/test_auth/conftest.py

@@ -6,6 +6,7 @@
 from sqlalchemy.orm import Session
 from sqlalchemy_database import AsyncDatabase, Database
 from sqlmodel import SQLModel
+from starlette.middleware.base import BaseHTTPMiddleware
 from starlette.testclient import TestClient
 
 from fastapi_user_auth.auth.auth import Auth, AuthRouter
@@ -19,6 +20,7 @@ async def db(request) -> Union[Database, AsyncDatabase]:
     await database.async_run_sync(SQLModel.metadata.create_all, is_session=False)
     yield database
     await database.async_run_sync(SQLModel.metadata.drop_all, is_session=False)
+    await database.async_close()
 
 
 @pytest.fixture()
@@ -35,7 +37,7 @@ def event_loop():
 
 @pytest.fixture(scope="session")
 async def fake_auth() -> Auth:
-    auth = Auth(db=AsyncDatabase.create("sqlite+aiosqlite:///amisadmin.db?check_same_thread=False"))
+    auth = Auth(db=async_db)
 
     # noinspection PyTypeChecker
     def create_fake_users(session: Session):
@@ -80,8 +82,10 @@ def create_fake_users(session: Session):
 
     await auth.db.async_run_sync(SQLModel.metadata.create_all, is_session=False)
     await auth.db.async_run_sync(create_fake_users)
+    await auth.db.async_commit()
     yield auth
     await auth.db.async_run_sync(SQLModel.metadata.drop_all, is_session=False)
+    await auth.db.async_close()
 
 
 class UserClient:
@@ -95,6 +99,7 @@ def __init__(self, auth: Auth, client: TestClient = None, user: User = None) ->
 @pytest.fixture(scope="session")
 def logins(request, fake_auth: Auth) -> UserClient:
     app = FastAPI()
+    app.add_middleware(BaseHTTPMiddleware, dispatch=async_db.asgi_dispatch)
     #  注册auth基础路由
     auth_router = AuthRouter(auth=fake_auth)
     app.include_router(auth_router.router)
@@ -105,7 +110,6 @@ def logins(request, fake_auth: Auth) -> UserClient:
         "test": {"username": "test", "password": "test"},
         "guest": {"username": None, "password": None},
     }
-    user = user_data.get(request.param) or {}
 
     def get_login_client(username: str = None, password: str = None) -> UserClient:
         client = TestClient(app)
@@ -123,4 +127,4 @@ def get_login_client(username: str = None, password: str = None) -> UserClient:
         assert user.username == username
         return UserClient(fake_auth, client=client, user=user)
 
-    return get_login_client(**user)
+    return get_login_client(**user_data.get(request.param, {}))