Auth - Initial Checkin

Author: lbedner

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/components/backend/api/auth/router.py

@@ -1,6 +1,6 @@
 """Authentication API routes."""
 
-from app.core.db import get_db_session
+from app.components.backend.api.deps import get_db
 from app.core.security import create_access_token, verify_password
 from app.models.user import UserCreate, UserResponse
 from app.services.auth.auth_service import get_current_user_from_token
@@ -15,7 +15,7 @@
 
 
 @router.post("/register", response_model=UserResponse)
-async def register(user_data: UserCreate, db: Session = Depends(get_db_session)):
+async def register(user_data: UserCreate, db: Session = Depends(get_db)):
     """Register a new user."""
     user_service = UserService(db)
 
@@ -34,7 +34,7 @@ async def register(user_data: UserCreate, db: Session = Depends(get_db_session))
 @router.post("/token")
 async def login(
     form_data: OAuth2PasswordRequestForm = Depends(),
-    db: Session = Depends(get_db_session),
+    db: Session = Depends(get_db),
 ):
     """Login and get access token."""
     user_service = UserService(db)
@@ -57,7 +57,7 @@ async def login(
 @router.get("/me", response_model=UserResponse)
 async def get_current_user(
     token: str = Depends(oauth2_scheme),
-    db: Session = Depends(get_db_session),
+    db: Session = Depends(get_db),
 ):
     """Get current authenticated user."""
     user = await get_current_user_from_token(token, db)

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/components/backend/api/deps.py

@@ -0,0 +1,30 @@
+"""FastAPI dependencies for the backend API."""
+
+from collections.abc import Generator
+
+from app.core.db import SessionLocal
+from sqlmodel import Session
+
+
+def get_db() -> Generator[Session, None, None]:
+    """
+    Database dependency that provides a database session.
+
+    This dependency is used in FastAPI route functions to get access to
+    the database. It automatically handles session lifecycle - creating,
+    yielding, and closing the session properly.
+
+    Usage:
+        @router.get("/example")
+        def example_endpoint(db: Session = Depends(get_db)):
+            # Use db for database operations
+            pass
+
+    Yields:
+        Session: SQLModel database session
+    """
+    db = SessionLocal()
+    try:
+        yield db
+    finally:
+        db.close()

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/components/backend/api/routing.py.j2

@@ -7,6 +7,9 @@ from app.components.backend.api import worker
 {%- if cookiecutter.scheduler_backend != "memory" %}
 from app.components.backend.api import scheduler
 {%- endif %}
+{%- if cookiecutter.include_auth == "yes" %}
+from app.components.backend.api.auth.router import router as auth_router
+{%- endif %}
 
 
 def include_routers(app: FastAPI) -> None:
@@ -18,3 +21,6 @@ def include_routers(app: FastAPI) -> None:
     {%- if cookiecutter.scheduler_backend != "memory" %}
     app.include_router(scheduler.router, prefix="/api/v1", tags=["scheduler"])
     {%- endif %}
+    {%- if cookiecutter.include_auth == "yes" %}
+    app.include_router(auth_router, prefix="/api/v1")
+    {%- endif %}

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/components/backend/hooks.py

@@ -72,8 +72,14 @@ async def _discover_startup_hooks(self) -> None:
 
                 # Look for startup_hook function
                 if hasattr(module, "startup_hook"):
-                    logger.info(f"Registered startup hook from {module_name}")
-                    self.startup_hooks.append(module.startup_hook)
+                    # Prevent duplicate registration
+                    if module.startup_hook not in self.startup_hooks:
+                        logger.info(f"Registered startup hook from {module_name}")
+                        self.startup_hooks.append(module.startup_hook)
+                    else:
+                        logger.debug(
+                            f"Startup hook from {module_name} already registered"
+                        )
 
             except Exception as e:
                 logger.error(f"Failed to load startup hook {module_name}: {e}")
@@ -95,8 +101,14 @@ async def _discover_shutdown_hooks(self) -> None:
 
                 # Look for shutdown_hook function
                 if hasattr(module, "shutdown_hook"):
-                    logger.info(f"Registered shutdown hook from {module_name}")
-                    self.shutdown_hooks.append(module.shutdown_hook)
+                    # Prevent duplicate registration
+                    if module.shutdown_hook not in self.shutdown_hooks:
+                        logger.info(f"Registered shutdown hook from {module_name}")
+                        self.shutdown_hooks.append(module.shutdown_hook)
+                    else:
+                        logger.debug(
+                            f"Shutdown hook from {module_name} already registered"
+                        )
 
             except Exception as e:
                 logger.error(f"Failed to load shutdown hook {module_name}: {e}")

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/models/user.py

@@ -2,13 +2,14 @@
 
 from datetime import UTC, datetime
 
+from pydantic import EmailStr, field_validator
 from sqlmodel import Field, SQLModel
 
 
 class UserBase(SQLModel):
     """Base user model with shared fields."""
 
-    email: str = Field(unique=True, index=True)
+    email: EmailStr = Field(unique=True, index=True)
     full_name: str | None = None
     is_active: bool = Field(default=True)
 
@@ -25,7 +26,15 @@ class User(UserBase, table=True):
 class UserCreate(UserBase):
     """User creation model."""
 
-    password: str
+    password: str = Field(min_length=8)
+
+    @field_validator("password")
+    @classmethod
+    def validate_password(cls, v: str) -> str:
+        """Validate password meets minimum requirements."""
+        if len(v) < 8:
+            raise ValueError("Password must be at least 8 characters long")
+        return v
 
 
 class UserLogin(SQLModel):

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/services/auth/auth_service.py

@@ -35,7 +35,7 @@ async def get_current_user_from_token(token: str, db: Session) -> User:
     # Check if user is active
     if not user.is_active:
         raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST, detail="Inactive user"
+            status_code=status.HTTP_401_UNAUTHORIZED, detail="Inactive user"
         )
 
     return user

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/pyproject.toml.j2

@@ -41,6 +41,12 @@ dependencies = [
 {%- if cookiecutter.include_cache == "yes" %}
     "redis[hiredis]==5.0.8",
 {%- endif %}
+{%- if cookiecutter.include_auth == "yes" %}
+    "python-jose[cryptography]==3.3.0",
+    "passlib[bcrypt]==1.7.4",
+    "python-multipart==0.0.9",
+    "email-validator==2.2.0",
+{%- endif %}
 ]
 
 [project.scripts]