Merge pull request #179 from lbedner/auth-tests

Auth Tests

Author: lbedner

CLAUDE.md

@@ -42,10 +42,22 @@ This project uses `uv` for dependency management and a `Makefile` for CLI develo
 - `make test-template-quick` - Quick template test without validation
 - `make test-template` - Full template test with validation
 - `make test-template-with-components` - Test template with scheduler component
+- `make test-template-auth` - **Test auth service template with comprehensive validation**
+- `make test-template-worker` - Test worker component template
+- `make test-template-database` - Test database component template
+- `make test-template-full` - Test template with all components
 - `make clean-test-projects` - Remove generated test projects
 
 **Template testing is critical** - always run `make test-template` after modifying templates to ensure generated projects work correctly.
 
+**For auth service development**: Use `make test-template-auth` to generate auth service project and run full validation including:
+- ✅ Auth service includes Alembic migration infrastructure
+- ✅ Database component auto-inclusion
+- ✅ Migration files generate correctly
+- ✅ All 52 auth service tests pass
+- ✅ CLI script installation and functionality
+- ✅ Linting, type checking, and quality checks
+
 ## CRITICAL: Template Development Workflow
 
 **NEVER edit generated test projects directly!** Always follow this workflow:

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/components/backend/api/auth/router.py

@@ -1,46 +1,46 @@
 """Authentication API routes."""
 
-from app.components.backend.api.deps import get_db
+from app.components.backend.api.deps import get_async_db
 from app.core.security import create_access_token, verify_password
 from app.models.user import UserCreate, UserResponse
 from app.services.auth.auth_service import get_current_user_from_token
-from app.services.auth.user_service import UserService
+from app.services.auth.user_service import AsyncUserService
 from fastapi import APIRouter, Depends, HTTPException, status
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
-from sqlmodel import Session
+from sqlmodel.ext.asyncio.session import AsyncSession
 
 router = APIRouter(prefix="/auth", tags=["authentication"])
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/token")
 
 
 @router.post("/register", response_model=UserResponse)
-async def register(user_data: UserCreate, db: Session = Depends(get_db)):
+async def register(user_data: UserCreate, db: AsyncSession = Depends(get_async_db)):
     """Register a new user."""
-    user_service = UserService(db)
+    user_service = AsyncUserService(db)
 
     # Check if user already exists
-    existing_user = user_service.get_user_by_email(user_data.email)
+    existing_user = await user_service.get_user_by_email(user_data.email)
     if existing_user:
         raise HTTPException(
             status_code=status.HTTP_400_BAD_REQUEST, detail="Email already registered"
         )
 
     # Create new user
-    user = user_service.create_user(user_data)
+    user = await user_service.create_user(user_data)
     return UserResponse.model_validate(user)
 
 
 @router.post("/token")
 async def login(
     form_data: OAuth2PasswordRequestForm = Depends(),
-    db: Session = Depends(get_db),
+    db: AsyncSession = Depends(get_async_db),
 ):
     """Login and get access token."""
-    user_service = UserService(db)
+    user_service = AsyncUserService(db)
 
     # Get user by email (username field in OAuth2 form)
-    user = user_service.get_user_by_email(form_data.username)
+    user = await user_service.get_user_by_email(form_data.username)
 
     if not user or not verify_password(form_data.password, user.hashed_password):
         raise HTTPException(
@@ -57,7 +57,7 @@ async def login(
 @router.get("/me", response_model=UserResponse)
 async def get_current_user(
     token: str = Depends(oauth2_scheme),
-    db: Session = Depends(get_db),
+    db: AsyncSession = Depends(get_async_db),
 ):
     """Get current authenticated user."""
     user = await get_current_user_from_token(token, db)

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/components/backend/api/deps.py

@@ -1,9 +1,10 @@
 """FastAPI dependencies for the backend API."""
 
-from collections.abc import Generator
+from collections.abc import AsyncGenerator, Generator
 
-from app.core.db import SessionLocal
+from app.core.db import AsyncSessionLocal, SessionLocal
 from sqlmodel import Session
+from sqlmodel.ext.asyncio.session import AsyncSession
 
 
 def get_db() -> Generator[Session, None, None]:
@@ -28,3 +29,30 @@ def example_endpoint(db: Session = Depends(get_db)):
         yield db
     finally:
         db.close()
+
+
+async def get_async_db() -> AsyncGenerator[AsyncSession, None]:
+    """
+    Async database dependency that provides an async database session.
+
+    This dependency is used in async FastAPI route functions to get access to
+    the database with non-blocking I/O operations. It automatically handles
+    session lifecycle - creating, yielding, committing and closing the session properly.
+
+    Usage:
+        @router.get("/example")
+        async def example_endpoint(db: AsyncSession = Depends(get_async_db)):
+            # Use db for async database operations with await
+            result = await db.exec(select(MyModel))
+            return result.first()
+
+    Yields:
+        AsyncSession: SQLModel async database session
+    """
+    async with AsyncSessionLocal() as session:
+        try:
+            yield session
+            await session.commit()
+        except Exception:
+            await session.rollback()
+            raise

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/services/auth/auth_service.py

@@ -1,14 +1,14 @@
 """Authentication service utilities."""
 
 from fastapi import HTTPException, status
-from sqlmodel import Session
+from sqlmodel.ext.asyncio.session import AsyncSession
 
 from app.core.security import verify_token
 from app.models.user import User
-from app.services.auth.user_service import UserService
+from app.services.auth.user_service import AsyncUserService
 
 
-async def get_current_user_from_token(token: str, db: Session) -> User:
+async def get_current_user_from_token(token: str, db: AsyncSession) -> User:
     """Get current user from JWT token."""
     credentials_exception = HTTPException(
         status_code=status.HTTP_401_UNAUTHORIZED,
@@ -27,8 +27,8 @@ async def get_current_user_from_token(token: str, db: Session) -> User:
         raise credentials_exception
 
     # Get user from database
-    user_service = UserService(db)
-    user = user_service.get_user_by_email(email)
+    user_service = AsyncUserService(db)
+    user = await user_service.get_user_by_email(email)
     if user is None:
         raise credentials_exception
 

aegis/templates/cookiecutter-aegis-project/{{cookiecutter.project_slug}}/app/services/auth/user_service.py

@@ -3,6 +3,7 @@
 from datetime import UTC, datetime
 
 from sqlmodel import Session, select
+from sqlmodel.ext.asyncio.session import AsyncSession
 
 from app.core.security import get_password_hash
 from app.models.user import User, UserCreate
@@ -78,3 +79,77 @@ def find_existing_emails_with_prefix(self, prefix: str, domain: str) -> list[str
         statement = select(User.email).where(User.email.like(pattern))
         result = self.db.exec(statement)
         return list(result.all())
+
+
+class AsyncUserService:
+    """Async service for managing users with non-blocking database operations."""
+
+    def __init__(self, db: AsyncSession):
+        self.db = db
+
+    async def create_user(self, user_data: UserCreate) -> User:
+        """Create a new user asynchronously."""
+        # Hash the password
+        hashed_password = get_password_hash(user_data.password)
+
+        # Create user object
+        user = User(
+            email=user_data.email,
+            full_name=user_data.full_name,
+            hashed_password=hashed_password,
+            is_active=user_data.is_active,
+            created_at=datetime.now(UTC),
+        )
+
+        # Save to database
+        self.db.add(user)
+        await self.db.commit()
+        await self.db.refresh(user)
+
+        return user
+
+    async def get_user_by_email(self, email: str) -> User | None:
+        """Get user by email address asynchronously."""
+        statement = select(User).where(User.email == email)
+        result = await self.db.exec(statement)
+        return result.first()
+
+    async def get_user_by_id(self, user_id: int) -> User | None:
+        """Get user by ID asynchronously."""
+        return await self.db.get(User, user_id)
+
+    async def update_user(self, user_id: int, **updates) -> User | None:
+        """Update user data asynchronously."""
+        user = await self.get_user_by_id(user_id)
+        if not user:
+            return None
+
+        for field, value in updates.items():
+            if hasattr(user, field):
+                setattr(user, field, value)
+
+        user.updated_at = datetime.now(UTC)
+        self.db.add(user)
+        await self.db.commit()
+        await self.db.refresh(user)
+
+        return user
+
+    async def deactivate_user(self, user_id: int) -> User | None:
+        """Deactivate a user account asynchronously."""
+        return await self.update_user(user_id, is_active=False)
+
+    async def list_users(self) -> list[User]:
+        """List all users in the system asynchronously."""
+        statement = select(User).order_by(User.created_at.desc())
+        result = await self.db.exec(statement)
+        return list(result.all())
+
+    async def find_existing_emails_with_prefix(
+        self, prefix: str, domain: str
+    ) -> list[str]:
+        """Find existing emails that match the pattern prefix{number}@domain async."""
+        pattern = f"{prefix}%@{domain}"
+        statement = select(User.email).where(User.email.like(pattern))
+        result = await self.db.exec(statement)
+        return list(result.all())