removed fastapi-auth0 in favor of a custom solution with better control

alembic/versions/7a37c4da2a88_added_roles_to_user_table_and_removed_.py

@@ -0,0 +1,44 @@
+"""added roles to user table and removed LONGTEXT to pass sqlite tests
+
+Revision ID: 7a37c4da2a88
+Revises: 8d2203595f7e
+Create Date: 2023-09-21 17:06:50.116644
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects import mysql
+
+# revision identifiers, used by Alembic.
+revision = '7a37c4da2a88'
+down_revision = '8d2203595f7e'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.add_column('user', sa.Column('roles', sa.JSON(), nullable=False))
+    op.alter_column('website_keywordcorpus', 'corpus',
+               existing_type=mysql.LONGTEXT(),
+               type_=sa.Text(length=4000000000),
+               existing_nullable=False)
+    op.alter_column('website_keywordcorpus', 'rawtext',
+               existing_type=mysql.LONGTEXT(),
+               type_=sa.Text(length=4000000000),
+               existing_nullable=False)
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.alter_column('website_keywordcorpus', 'rawtext',
+               existing_type=sa.Text(length=4000000000),
+               type_=mysql.LONGTEXT(),
+               existing_nullable=False)
+    op.alter_column('website_keywordcorpus', 'corpus',
+               existing_type=sa.Text(length=4000000000),
+               type_=mysql.LONGTEXT(),
+               existing_nullable=False)
+    op.drop_column('user', 'roles')
+    # ### end Alembic commands ###

alembic/versions/8d2203595f7e_updated_website_keyword_tables_and_.py

@@ -0,0 +1,42 @@
+"""updated website keyword tables and username in user table
+
+Revision ID: 8d2203595f7e
+Revises: 4bb1a741a074
+Create Date: 2023-09-21 16:12:54.683735
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects import mysql
+
+# revision identifiers, used by Alembic.
+revision = '8d2203595f7e'
+down_revision = '4bb1a741a074'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.alter_column('website_keywordcorpus', 'corpus',
+               existing_type=mysql.LONGTEXT(),
+               type_=sa.Text(length=4000000000),
+               existing_nullable=False)
+    op.alter_column('website_keywordcorpus', 'rawtext',
+               existing_type=mysql.LONGTEXT(),
+               type_=sa.Text(length=4000000000),
+               existing_nullable=False)
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.alter_column('website_keywordcorpus', 'rawtext',
+               existing_type=sa.Text(length=4000000000),
+               type_=mysql.LONGTEXT(),
+               existing_nullable=False)
+    op.alter_column('website_keywordcorpus', 'corpus',
+               existing_type=sa.Text(length=4000000000),
+               type_=mysql.LONGTEXT(),
+               existing_nullable=False)
+    # ### end Alembic commands ###

app/api/deps/permissions.py

@@ -1,12 +1,11 @@
 from typing import Annotated, Any, List
 
 from fastapi import Depends, HTTPException, Security, status
-from fastapi_auth0 import Auth0User
 from fastapi_permissions import Authenticated  # type: ignore  # noqa: E501
 from fastapi_permissions import Everyone, configure_permissions, has_permission
 
 from app.api.errors import ErrorCode
-from app.core.auth import auth
+from app.core.auth import Auth0User, auth
 
 
 def get_current_user(user: Auth0User | None = Security(auth.get_user)) -> Auth0User:

app/api/v1/endpoints/users.py

@@ -1,3 +1,5 @@
+from typing import List
+
 from fastapi import APIRouter, Depends
 
 from app.api.deps import AsyncDatabaseSession, CurrentUser, get_async_db
@@ -9,6 +11,7 @@
 from app.models.user import User
 from app.schemas import UserRead
 from app.schemas.user import UserCreate
+from app.schemas.user_roles import UserRole
 
 router: APIRouter = APIRouter()
 
@@ -32,17 +35,16 @@ async def users_current(
         field_name="auth_id", field_value=current_user.id
     )
     if not user:
-        is_admin: bool = False
-        if current_user.permissions and "access:admin" in current_user.permissions:
-            is_admin = True
+        user_roles: List[UserRole] = current_user.roles \
+            if current_user.roles else [UserRole.USER]
         user = await users_repo.create(
             UserCreate(
                 auth_id=current_user.id,
                 email=current_user.email,
-                username=current_user.email,
-                is_superuser=is_admin,
+                is_superuser=False,
                 is_verified=False,
                 is_active=True,
+                roles=user_roles,
             )
         )
     return UserRead.model_validate(user)

app/api/v1/endpoints/web_pages.py

@@ -47,7 +47,11 @@ async def website_page_list(
         website_id=query.website_id,
         sitemap_id=query.sitemap_id,
     )
-    return [WebsitePageRead.model_validate(w) for w in website_list] if website_list else []
+    return (
+        [WebsitePageRead.model_validate(w) for w in website_list]
+        if website_list
+        else []
+    )
 
 
 @router.post(

app/core/auth/__init__.py

@@ -0,0 +1,19 @@
+from app.core.config import settings
+
+from .auth0 import (
+    Auth0,
+    Auth0HTTPBearer,
+    Auth0UnauthenticatedException,
+    Auth0UnauthorizedException,
+    Auth0User,
+    HTTPAuth0Error,
+    JwksDict,
+    JwksKeyDict,
+    OAuth2ImplicitBearer,
+)
+
+auth = Auth0(
+    domain=settings.AUTH0_DOMAIN,
+    api_audience=settings.AUTH0_API_AUDIENCE,
+    scopes=settings.BASE_PRINCIPALS,
+)