Improve the frontend modals
This commit is contained in:
Urtzi Alfaro
@@ -22,7 +22,7 @@ from app.middleware.rate_limit import RateLimitMiddleware
|
||||
from app.middleware.subscription import SubscriptionMiddleware
|
||||
from app.middleware.demo_middleware import DemoMiddleware
|
||||
from app.middleware.read_only_mode import ReadOnlyModeMiddleware
|
||||
from app.routes import auth, tenant, notification, nominatim, user, subscription, demo, pos
|
||||
from app.routes import auth, tenant, notification, nominatim, subscription, demo, pos
|
||||
from shared.monitoring.logging import setup_logging
|
||||
from shared.monitoring.metrics import MetricsCollector
|
||||
|
||||
@@ -67,7 +67,6 @@ app.add_middleware(RequestIDMiddleware) # Executes 1st (innermost) - Gene
|
||||
|
||||
# Include routers
|
||||
app.include_router(auth.router, prefix="/api/v1/auth", tags=["authentication"])
|
||||
app.include_router(user.router, prefix="/api/v1/users", tags=["users"])
|
||||
app.include_router(tenant.router, prefix="/api/v1/tenants", tags=["tenants"])
|
||||
app.include_router(subscription.router, prefix="/api/v1", tags=["subscriptions"])
|
||||
app.include_router(notification.router, prefix="/api/v1/notifications", tags=["notifications"])
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
# ================================================================
|
||||
# gateway/app/routes/auth.py (UPDATED VERSION)
|
||||
# gateway/app/routes/auth.py
|
||||
# ================================================================
|
||||
"""
|
||||
Authentication routes for API Gateway
|
||||
Enhanced version that properly proxies to auth microservice
|
||||
Authentication and User Management Routes for API Gateway
|
||||
Unified proxy to auth microservice
|
||||
"""
|
||||
|
||||
import logging
|
||||
@@ -11,7 +11,6 @@ import httpx
|
||||
from fastapi import APIRouter, Request, Response, HTTPException, status
|
||||
from fastapi.responses import JSONResponse
|
||||
from typing import Dict, Any
|
||||
import json
|
||||
|
||||
from app.core.config import settings
|
||||
from app.core.service_discovery import ServiceDiscovery
|
||||
@@ -27,23 +26,24 @@ metrics = MetricsCollector("gateway")
|
||||
# Auth service configuration
|
||||
AUTH_SERVICE_URL = settings.AUTH_SERVICE_URL or "http://auth-service:8000"
|
||||
|
||||
|
||||
class AuthProxy:
|
||||
"""Authentication service proxy with enhanced error handling"""
|
||||
|
||||
|
||||
def __init__(self):
|
||||
self.client = httpx.AsyncClient(
|
||||
timeout=httpx.Timeout(30.0),
|
||||
limits=httpx.Limits(max_connections=100, max_keepalive_connections=20)
|
||||
)
|
||||
|
||||
|
||||
async def forward_request(
|
||||
self,
|
||||
method: str,
|
||||
path: str,
|
||||
self,
|
||||
method: str,
|
||||
path: str,
|
||||
request: Request
|
||||
) -> Response:
|
||||
"""Forward request to auth service with proper error handling"""
|
||||
|
||||
|
||||
# Handle OPTIONS requests directly for CORS
|
||||
if request.method == "OPTIONS":
|
||||
return Response(
|
||||
@@ -56,21 +56,21 @@ class AuthProxy:
|
||||
"Access-Control-Max-Age": "86400" # Cache preflight for 24 hours
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
try:
|
||||
# Get auth service URL (with service discovery if available)
|
||||
auth_url = await self._get_auth_service_url()
|
||||
target_url = f"{auth_url}/api/v1/auth/{path}"
|
||||
|
||||
target_url = f"{auth_url}/{path}"
|
||||
|
||||
# Prepare headers (remove hop-by-hop headers)
|
||||
headers = self._prepare_headers(dict(request.headers))
|
||||
|
||||
|
||||
# Get request body
|
||||
body = await request.body()
|
||||
|
||||
|
||||
# Forward request
|
||||
logger.info(f"Forwarding {method} {path} to auth service")
|
||||
|
||||
logger.info(f"Forwarding {method} /{path} to auth service")
|
||||
|
||||
response = await self.client.request(
|
||||
method=method,
|
||||
url=target_url,
|
||||
@@ -78,48 +78,48 @@ class AuthProxy:
|
||||
content=body,
|
||||
params=dict(request.query_params)
|
||||
)
|
||||
|
||||
|
||||
# Record metrics
|
||||
metrics.increment_counter("gateway_auth_requests_total")
|
||||
metrics.increment_counter(
|
||||
"gateway_auth_responses_total",
|
||||
"gateway_auth_responses_total",
|
||||
labels={"status_code": str(response.status_code)}
|
||||
)
|
||||
|
||||
|
||||
# Prepare response headers
|
||||
response_headers = self._prepare_response_headers(dict(response.headers))
|
||||
|
||||
|
||||
return Response(
|
||||
content=response.content,
|
||||
status_code=response.status_code,
|
||||
headers=response_headers,
|
||||
media_type=response.headers.get("content-type")
|
||||
)
|
||||
|
||||
|
||||
except httpx.TimeoutException:
|
||||
logger.error(f"Timeout forwarding {method} {path} to auth service")
|
||||
logger.error(f"Timeout forwarding {method} /{path} to auth service")
|
||||
metrics.increment_counter("gateway_auth_errors_total", labels={"error": "timeout"})
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_504_GATEWAY_TIMEOUT,
|
||||
detail="Authentication service timeout"
|
||||
)
|
||||
|
||||
|
||||
except httpx.ConnectError:
|
||||
logger.error(f"Connection error forwarding {method} {path} to auth service")
|
||||
logger.error(f"Connection error forwarding {method} /{path} to auth service")
|
||||
metrics.increment_counter("gateway_auth_errors_total", labels={"error": "connection"})
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_503_SERVICE_UNAVAILABLE,
|
||||
detail="Authentication service unavailable"
|
||||
)
|
||||
|
||||
|
||||
except Exception as e:
|
||||
logger.error(f"Error forwarding {method} {path} to auth service: {e}")
|
||||
logger.error(f"Error forwarding {method} /{path} to auth service: {e}")
|
||||
metrics.increment_counter("gateway_auth_errors_total", labels={"error": "unknown"})
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
|
||||
detail="Internal gateway error"
|
||||
)
|
||||
|
||||
|
||||
async def _get_auth_service_url(self) -> str:
|
||||
"""Get auth service URL with service discovery"""
|
||||
try:
|
||||
@@ -129,10 +129,10 @@ class AuthProxy:
|
||||
return service_url
|
||||
except Exception as e:
|
||||
logger.warning(f"Service discovery failed: {e}")
|
||||
|
||||
|
||||
# Fall back to configured URL
|
||||
return AUTH_SERVICE_URL
|
||||
|
||||
|
||||
def _prepare_headers(self, headers: Dict[str, str]) -> Dict[str, str]:
|
||||
"""Prepare headers for forwarding (remove hop-by-hop headers)"""
|
||||
# Remove hop-by-hop headers
|
||||
@@ -140,18 +140,18 @@ class AuthProxy:
|
||||
'connection', 'keep-alive', 'proxy-authenticate',
|
||||
'proxy-authorization', 'te', 'trailers', 'upgrade'
|
||||
}
|
||||
|
||||
|
||||
filtered_headers = {
|
||||
k: v for k, v in headers.items()
|
||||
if k.lower() not in hop_by_hop_headers
|
||||
}
|
||||
|
||||
|
||||
# Add gateway identifier
|
||||
filtered_headers['X-Forwarded-By'] = 'bakery-gateway'
|
||||
filtered_headers['X-Gateway-Version'] = '1.0.0'
|
||||
|
||||
|
||||
return filtered_headers
|
||||
|
||||
|
||||
def _prepare_response_headers(self, headers: Dict[str, str]) -> Dict[str, str]:
|
||||
"""Prepare response headers"""
|
||||
# Remove server-specific headers
|
||||
@@ -159,77 +159,39 @@ class AuthProxy:
|
||||
k: v for k, v in headers.items()
|
||||
if k.lower() not in {'server', 'date'}
|
||||
}
|
||||
|
||||
|
||||
# Add CORS headers if needed
|
||||
if settings.CORS_ORIGINS:
|
||||
filtered_headers['Access-Control-Allow-Origin'] = '*'
|
||||
filtered_headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE, OPTIONS'
|
||||
filtered_headers['Access-Control-Allow-Headers'] = 'Content-Type, Authorization'
|
||||
|
||||
|
||||
return filtered_headers
|
||||
|
||||
|
||||
# Initialize proxy
|
||||
auth_proxy = AuthProxy()
|
||||
|
||||
# ================================================================
|
||||
# AUTH ENDPOINTS - All proxied to auth service
|
||||
# ================================================================
|
||||
|
||||
@router.post("/register")
|
||||
async def register(request: Request):
|
||||
"""Proxy user registration to auth service"""
|
||||
return await auth_proxy.forward_request("POST", "register", request)
|
||||
|
||||
@router.post("/login")
|
||||
async def login(request: Request):
|
||||
"""Proxy user login to auth service"""
|
||||
return await auth_proxy.forward_request("POST", "login", request)
|
||||
|
||||
@router.post("/refresh")
|
||||
async def refresh_token(request: Request):
|
||||
"""Proxy token refresh to auth service"""
|
||||
return await auth_proxy.forward_request("POST", "refresh", request)
|
||||
|
||||
@router.post("/verify")
|
||||
async def verify_token(request: Request):
|
||||
"""Proxy token verification to auth service"""
|
||||
return await auth_proxy.forward_request("POST", "verify", request)
|
||||
|
||||
@router.post("/logout")
|
||||
async def logout(request: Request):
|
||||
"""Proxy user logout to auth service"""
|
||||
return await auth_proxy.forward_request("POST", "logout", request)
|
||||
|
||||
@router.post("/reset-password")
|
||||
async def reset_password(request: Request):
|
||||
"""Proxy password reset to auth service"""
|
||||
return await auth_proxy.forward_request("POST", "reset-password", request)
|
||||
|
||||
@router.post("/change-password")
|
||||
async def change_password(request: Request):
|
||||
"""Proxy password change to auth service"""
|
||||
return await auth_proxy.forward_request("POST", "change-password", request)
|
||||
|
||||
# ================================================================
|
||||
# CATCH-ALL ROUTE for any other auth endpoints
|
||||
# CATCH-ALL ROUTE for all auth and user endpoints
|
||||
# ================================================================
|
||||
|
||||
@router.api_route("/{path:path}", methods=["GET", "POST", "PUT", "DELETE", "PATCH"])
|
||||
async def proxy_auth_requests(path: str, request: Request):
|
||||
"""Catch-all proxy for auth requests"""
|
||||
return await auth_proxy.forward_request(request.method, path, request)
|
||||
"""Catch-all proxy for all auth and user requests"""
|
||||
return await auth_proxy.forward_request(request.method, f"api/v1/auth/{path}", request)
|
||||
|
||||
# ================================================================
|
||||
# HEALTH CHECK for auth service
|
||||
# ================================================================
|
||||
|
||||
@router.get("/auth/health")
|
||||
@router.get("/health")
|
||||
async def auth_service_health():
|
||||
"""Check auth service health"""
|
||||
try:
|
||||
async with httpx.AsyncClient(timeout=5.0) as client:
|
||||
response = await client.get(f"{AUTH_SERVICE_URL}/health")
|
||||
|
||||
|
||||
if response.status_code == 200:
|
||||
return {
|
||||
"status": "healthy",
|
||||
@@ -238,16 +200,16 @@ async def auth_service_health():
|
||||
}
|
||||
else:
|
||||
return {
|
||||
"status": "unhealthy",
|
||||
"status": "unhealthy",
|
||||
"auth_service": "error",
|
||||
"status_code": response.status_code
|
||||
}
|
||||
|
||||
|
||||
except Exception as e:
|
||||
logger.error(f"Auth service health check failed: {e}")
|
||||
return {
|
||||
"status": "unhealthy",
|
||||
"auth_service": "unavailable",
|
||||
"auth_service": "unavailable",
|
||||
"error": str(e)
|
||||
}
|
||||
|
||||
|
||||
@@ -313,7 +313,7 @@ async def proxy_tenant_orders_with_path(request: Request, tenant_id: str = Path(
|
||||
@router.api_route("/{tenant_id}/customers/{path:path}", methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"])
|
||||
async def proxy_tenant_customers(request: Request, tenant_id: str = Path(...), path: str = ""):
|
||||
"""Proxy tenant customers requests to orders service"""
|
||||
target_path = f"/api/v1/tenants/{tenant_id}/customers/{path}".rstrip("/")
|
||||
target_path = f"/api/v1/tenants/{tenant_id}/orders/customers/{path}".rstrip("/")
|
||||
return await _proxy_to_orders_service(request, target_path, tenant_id=tenant_id)
|
||||
|
||||
@router.api_route("/{tenant_id}/procurement/{path:path}", methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"])
|
||||
@@ -556,4 +556,4 @@ async def _proxy_request(request: Request, target_path: str, service_url: str, t
|
||||
raise HTTPException(
|
||||
status_code=500,
|
||||
detail="Internal gateway error"
|
||||
)
|
||||
)
|
||||
|
||||
Reference in New Issue
Block a user