bakery-admin/bakery-ia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve the frontend and fix TODOs

Browse Source
This commit is contained in:
Urtzi Alfaro
2025-10-24 13:05:04 +02:00
parent 07c33fa578
commit 61376b7a9f
100 changed files with 8284 additions and 3419 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
shared/__init__.py Normal file
View File

@@ -0,0 +1 @@
# Shared package initialization

92
shared/auth/decorators.py
View File

@@ -374,12 +374,76 @@ def extract_tenant_from_headers(request: Request) -> Optional[str]:
"""Extract tenant ID from headers"""
return request.headers.get("x-tenant-id")
def extract_user_from_jwt(auth_header: str) -> Optional[Dict[str, Any]]:
"""
Extract user information from JWT token
This is a fallback for when gateway doesn't inject x-user-* headers
"""
try:
from jose import jwt
from shared.config.base import is_internal_service
# Remove "Bearer " prefix
token = auth_header.replace("Bearer ", "").strip()
# Decode without verification (we trust tokens from gateway)
# In production, you'd verify with the secret key
payload = jwt.decode(token, key="dummy", options={"verify_signature": False})
logger.debug("JWT payload decoded", payload_keys=list(payload.keys()))
# Extract user information from JWT payload
user_id = payload.get("sub") or payload.get("user_id") or payload.get("service")
if not user_id:
logger.warning("No user_id found in JWT payload", payload=payload)
return None
# Check if this is a service token
token_type = payload.get("type", "")
service_name = payload.get("service", "")
if token_type == "service" or is_internal_service(user_id) or is_internal_service(service_name):
# This is a service token
service_identifier = service_name or user_id
user_context = {
"user_id": service_identifier,
"type": "service",
"service": service_identifier,
"role": "admin", # Services get admin privileges
"is_service": True,
"permissions": ["read", "write", "admin"],
"email": f"{service_identifier}@internal.service",
"full_name": f"{service_identifier.replace('-', ' ').title()}"
}
logger.info("Service authenticated via JWT", service=service_identifier)
else:
# This is a user token
user_context = {
"user_id": user_id,
"type": "user",
"email": payload.get("email", ""),
"role": payload.get("role", "user"),
"tenant_id": payload.get("tenant_id"),
"permissions": payload.get("permissions", []),
"full_name": payload.get("full_name", ""),
"subscription_tier": payload.get("subscription_tier", ""),
"is_service": False
}
logger.info("User authenticated via JWT", user_id=user_id)
return user_context
except Exception as e:
logger.error("Failed to extract user from JWT", error=str(e), error_type=type(e).__name__)
return None
# ================================================================
# FASTAPI DEPENDENCY FUNCTIONS
# ================================================================
async def get_current_user_dep(request: Request) -> Dict[str, Any]:
"""FastAPI dependency to get current user - ENHANCED with detailed logging"""
"""FastAPI dependency to get current user - ENHANCED with JWT fallback for services"""
try:
# Log all incoming headers for debugging 401 issues
logger.debug(
@@ -395,7 +459,27 @@ async def get_current_user_dep(request: Request) -> Dict[str, Any]:
client_ip=request.client.host if request.client else "unknown"
)
user = get_current_user(request)
# Try to get user from headers first (preferred method)
user = None
try:
user = get_current_user(request)
except HTTPException:
# If headers are missing, try JWT token as fallback
auth_header = request.headers.get("authorization", "")
if auth_header.startswith("Bearer "):
user = extract_user_from_jwt(auth_header)
if user:
logger.info(
"User authenticated via JWT fallback",
user_id=user.get("user_id"),
user_type=user.get("type", "user"),
is_service=user.get("type") == "service",
path=request.url.path
)
# If still no user, raise original exception
if not user:
raise
logger.info(
"User authenticated successfully",
@@ -415,6 +499,7 @@ async def get_current_user_dep(request: Request) -> Dict[str, Any]:
status_code=e.status_code,
detail=e.detail,
has_x_user_id=bool(request.headers.get("x-user-id")),
has_auth_header=bool(request.headers.get("authorization")),
x_user_type=request.headers.get("x-user-type", "none"),
x_service_name=request.headers.get("x-service-name", "none"),
client_ip=request.client.host if request.client else "unknown"
@@ -596,9 +681,10 @@ __all__ = [
'get_current_user',
'get_current_tenant_id',
'extract_user_from_headers',
'extract_user_from_jwt',
'extract_tenant_from_headers',
'is_admin_user',
'is_user_in_roles',
'get_user_permissions',
'has_permission'
]
]

53
shared/clients/auth_client.py
View File

@@ -131,4 +131,55 @@ class AuthServiceClient(BaseServiceClient):
user_id=user_id,
error=str(e),
default_plan="starter")
return "starter"
return "starter"
async def create_user_by_owner(self, user_data: Dict[str, Any]) -> Dict[str, Any]:
"""
Create a new user account via the auth service (owner/admin only - pilot phase).
This method calls the auth service endpoint that allows tenant owners
to directly create users with passwords during the pilot phase.
Args:
user_data: Dictionary containing:
- email: User email (required)
- full_name: Full name (required)
- password: Password (required)
- phone: Phone number (optional)
- role: User role (optional, default: "user")
- language: Language preference (optional, default: "es")
- timezone: Timezone (optional, default: "Europe/Madrid")
Returns:
Dict with created user data including user ID
Raises:
Exception if user creation fails
"""
try:
logger.info(
"Creating user via auth service",
email=user_data.get("email"),
role=user_data.get("role", "user")
)
result = await self.post("/users/create-by-owner", user_data)
if result and result.get("id"):
logger.info(
"User created successfully via auth service",
user_id=result.get("id"),
email=result.get("email")
)
return result
else:
logger.error("User creation returned no user ID")
raise Exception("User creation failed: No user ID returned")
except Exception as e:
logger.error(
"Failed to create user via auth service",
email=user_data.get("email"),
error=str(e)
)
raise

130
shared/clients/notification_client.py Normal file
View File

@@ -0,0 +1,130 @@
# shared/clients/notification_client.py
"""
Notification Service Client for Inter-Service Communication
Provides access to notification and email sending from other services
"""
import structlog
from typing import Dict, Any, Optional
from uuid import UUID
from shared.clients.base_service_client import BaseServiceClient
from shared.config.base import BaseServiceSettings
logger = structlog.get_logger()
class NotificationServiceClient(BaseServiceClient):
"""Client for communicating with the Notification Service"""
def __init__(self, config: BaseServiceSettings):
super().__init__("notification", config)
def get_service_base_path(self) -> str:
return "/api/v1/notifications"
# ================================================================
# NOTIFICATION ENDPOINTS
# ================================================================
async def send_notification(
self,
tenant_id: str,
notification_type: str,
message: str,
recipient_email: Optional[str] = None,
subject: Optional[str] = None,
html_content: Optional[str] = None,
priority: str = "normal",
metadata: Optional[Dict[str, Any]] = None
) -> Optional[Dict[str, Any]]:
"""
Send a notification
Args:
tenant_id: Tenant ID (UUID as string)
notification_type: Type of notification (email, sms, push, in_app)
message: Notification message
recipient_email: Recipient email address (for email notifications)
subject: Email subject (for email notifications)
html_content: HTML content for email (optional)
priority: Priority level (low, normal, high, urgent)
metadata: Additional metadata
Returns:
Dictionary with notification details
"""
try:
notification_data = {
"type": notification_type,
"message": message,
"priority": priority,
"recipient_email": recipient_email,
"subject": subject,
"html_content": html_content,
"metadata": metadata or {}
}
result = await self.post("send", data=notification_data, tenant_id=tenant_id)
if result:
logger.info("Notification sent successfully",
tenant_id=tenant_id,
notification_type=notification_type)
return result
except Exception as e:
logger.error("Error sending notification",
error=str(e),
tenant_id=tenant_id,
notification_type=notification_type)
return None
async def send_email(
self,
tenant_id: str,
to_email: str,
subject: str,
message: str,
html_content: Optional[str] = None,
priority: str = "normal"
) -> Optional[Dict[str, Any]]:
"""
Send an email notification (convenience method)
Args:
tenant_id: Tenant ID (UUID as string)
to_email: Recipient email address
subject: Email subject
message: Email message (plain text)
html_content: HTML version of email (optional)
priority: Priority level (low, normal, high, urgent)
Returns:
Dictionary with notification details
"""
return await self.send_notification(
tenant_id=tenant_id,
notification_type="email",
message=message,
recipient_email=to_email,
subject=subject,
html_content=html_content,
priority=priority
)
# ================================================================
# UTILITY METHODS
# ================================================================
async def health_check(self) -> bool:
"""Check if notification service is healthy"""
try:
result = await self.get("../health") # Health endpoint is not tenant-scoped
return result is not None
except Exception as e:
logger.error("Notification service health check failed", error=str(e))
return False
# Factory function for dependency injection
def create_notification_client(config: BaseServiceSettings) -> NotificationServiceClient:
"""Create notification service client instance"""
return NotificationServiceClient(config)