From ffc3572a4ca97f2d62f6124cfa3a25677d07b578 Mon Sep 17 00:00:00 2001
From: JohnGrubba <nicjontrickshots@gmail.com>
Date: Mon, 12 Aug 2024 15:03:12 +0200
Subject: [PATCH] Get by Identifier (E-Mail, Username, and ID)

---
 src/api/login.py                  |  8 ++++----
 src/api/oauth_providers/github.py |  6 +++---
 src/api/oauth_providers/google.py |  6 +++---
 src/api/profile.py                |  8 ++++----
 src/crud/user.py                  | 11 ++++++++---
 5 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/src/api/login.py b/src/api/login.py
index 20efba6..2a6b94b 100644
--- a/src/api/login.py
+++ b/src/api/login.py
@@ -5,7 +5,7 @@
     ResetPasswordRequest,
     ConfirmEmailCodeRequest,
 )
-from crud.user import get_user_email_or_username, get_public_user, change_pswd
+from crud.user import get_user_identifier, get_public_user, change_pswd
 from crud.sessions import create_login_session, delete_session, clear_sessions_for_user
 import bcrypt
 import pyotp
@@ -48,7 +48,7 @@ async def forgot_password(
     ## Description
     This endpoint is used to reset the password of the user.
     """
-    user = get_user_email_or_username(password_reset_form.identifier)
+    user = get_user_identifier(password_reset_form.identifier)
     public_user = get_public_user(user["_id"])
     if not AccountFeaturesConfig.enable_reset_pswd:
         raise HTTPException(status_code=403, detail="Resetting Password is disabled.")
@@ -103,7 +103,7 @@ async def confirm_reset(code: ConfirmEmailCodeRequest):
     ## Description
     This endpoint is used to confirm a password reset.
     """
-    user = get_user_email_or_username(code.identifier)
+    user = get_user_identifier(code.identifier)
     if not AccountFeaturesConfig.enable_reset_pswd:
         raise HTTPException(status_code=403, detail="Resetting Password is disabled.")
     change_req = r.get("reset_pswd:" + user["email"])
@@ -140,7 +140,7 @@ async def login(login_form: LoginRequest, response: Response, request: Request):
     Returns a session token if the credentials are correct.
     Can also return a `Set-Cookie` header with the session token. (See Config)
     """
-    user = get_user_email_or_username(login_form.identifier)
+    user = get_user_identifier(login_form.identifier)
     # Check if User can be found
     if user is None:
         raise HTTPException(detail="User not found", status_code=404)
diff --git a/src/api/oauth_providers/github.py b/src/api/oauth_providers/github.py
index 3ce87e0..8b99776 100644
--- a/src/api/oauth_providers/github.py
+++ b/src/api/oauth_providers/github.py
@@ -8,7 +8,7 @@
 from crud.user import (
     create_user,
     get_user_by_github_uid,
-    get_user_email_or_username,
+    get_user_identifier,
     link_github_account,
 )
 from crud.sessions import create_login_session
@@ -114,13 +114,13 @@ async def oauth_callback(
         username = primary_email.split("@")[0]
 
     # If users email already exists, link the google account
-    usr = get_user_email_or_username(primary_email)
+    usr = get_user_identifier(primary_email)
     if usr:
         link_github_account(usr["_id"], rsp["id"])
         return login_usr(response, usr, request)
 
     # Check if user already exists in database
-    if get_user_email_or_username(username):
+    if get_user_identifier(username):
         username += str(random.randint(1000, 9999))
 
     # Custom SignUp Form (Password Field missing etc.)
diff --git a/src/api/oauth_providers/google.py b/src/api/oauth_providers/google.py
index 59043fe..e6dcaeb 100644
--- a/src/api/oauth_providers/google.py
+++ b/src/api/oauth_providers/google.py
@@ -7,7 +7,7 @@
 from crud.user import (
     create_user,
     get_user_by_google_uid,
-    get_user_email_or_username,
+    get_user_identifier,
     link_google_account,
 )
 from api.model import LoginResponse
@@ -102,13 +102,13 @@ async def oauth_callback(
         return login_usr(response, usr, request)
 
     # If users email already exists, link the google account
-    usr = get_user_email_or_username(jwt_decoded["email"])
+    usr = get_user_identifier(jwt_decoded["email"])
     if usr:
         link_google_account(usr["_id"], jwt_decoded["sub"])
         return login_usr(response, usr, request)
 
     # Check if user already exists in database
-    if get_user_email_or_username(username):
+    if get_user_identifier(username):
         username += str(random.randint(1000, 9999))
 
     # Custom SignUp Form (Password Field missing etc.)
diff --git a/src/api/profile.py b/src/api/profile.py
index 9ff4694..8d9fcbb 100644
--- a/src/api/profile.py
+++ b/src/api/profile.py
@@ -13,7 +13,7 @@
     get_user_dep,
 )
 from tools import SessionConfig, r
-from crud.user import get_public_user, get_user_email_or_username
+from crud.user import get_public_user, get_user_identifier
 import bson
 import json
 
@@ -104,16 +104,16 @@ async def delete_account(
     )
 
 
-@router.get("/profile/{identifier}")
+@router.get("/{identifier}")
 async def get_profile(identifier: str):
     """
     # Get Profile Information
 
     ## Description
-    This endpoint is used to get the public profile information of the user.
+    This endpoint is used to get the public profile information of a specified user.
     """
     try:
-        usr = get_user_email_or_username(identifier)
+        usr = get_user_identifier(identifier)
         if not usr:
             raise HTTPException(status_code=404, detail="User not found.")
     except bson.errors.InvalidId:
diff --git a/src/crud/user.py b/src/crud/user.py
index 0d9a70a..6dadc97 100644
--- a/src/crud/user.py
+++ b/src/crud/user.py
@@ -128,13 +128,13 @@ def update_public_user(
     if (
         data.get("username", "")
         and existing_user["username"] != data.get("username", "")
-        and get_user_email_or_username(data.get("username", ""))
+        and get_user_identifier(data.get("username", ""))
     ):
         raise HTTPException(detail="Username already in use.", status_code=409)
     # Check if email field is set and if user sends different one and if it is already in use
     if data.get("email", "") and existing_user["email"] != data.get("email", ""):
         # Check if someone else has this email already
-        if get_user_email_or_username(data["email"]):
+        if get_user_identifier(data["email"]):
             raise HTTPException(detail="Email already in use.", status_code=409)
         data["email"] = data["email"].lower()
 
@@ -240,7 +240,7 @@ def get_public_user(user_id: str) -> dict:
     )
 
 
-def get_user_email_or_username(credential: str) -> dict:
+def get_user_identifier(credential: str) -> dict:
     """Get a user by email or username
 
     Args:
@@ -249,11 +249,16 @@ def get_user_email_or_username(credential: str) -> dict:
     Returns:
         dict: User Data
     """
+    try:
+        credential = bson.ObjectId(credential)
+    except bson.errors.InvalidId:
+        pass
     return users_collection.find_one(
         {
             "$or": [
                 {"email": credential},
                 {"username": credential},
+                {"_id": credential},
             ]
         },
         collation=case_insensitive_collation,