
🔥 Remove `USERS_OPEN_REGISTRATION` config, make registration enabled by default (#1274)

pull/13907/head
Alejandra 1 year ago
committed by GitHub
parent
commit
1f686689f1
No known key found for this signature in database GPG Key ID: B5690EEEBB952194
  1. 1
      .env
  2. 10
      backend/README.md
  3. 5
      backend/app/api/routes/users.py
  4. 1
      backend/app/core/config.py
  5. 83
      backend/app/tests/api/routes/test_users.py
  6. 1
      deployment.md
  7. 1
      docker-compose.yml

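--- a/.env
+++ b/.env
@@ -13,7 +13,6 @@ BACKEND_CORS_ORIGINS="http://localhost,http://localhost:5173,https://localhost,h
 SECRET_KEY=changethis
 FIRST_SUPERUSER=admin@example.com
 FIRST_SUPERUSER_PASSWORD=changethis
-USERS_OPEN_REGISTRATION=True
 # Emails
 SMTP_HOST=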

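--- a/backend/README.md
+++ b/backend/README.md
@@ -63,16 +63,6 @@ Make sure your editor is using the correct Python virtual environment.
 Modify or add SQLModel models for data and SQL tables in `./backend/app/models.py`, API endpoints in `./backend/app/api/`, CRUD (Create, Read, Update, Delete) utils in `./backend/app/crud.py`.
-### Enabling Open User Registration
-By default the backend has user registration disabled, but there's already a route to register users. If you want to allow users to register themselves, you can set the environment variable `USERS_OPEN_REGISTRATION` to `True` in the `.env` file.
-After modifying the environment variables, restart the Docker containers to apply the changes. You can do this by running:
-```console
-$ docker compose up -d
-```
 ### VS Code
 There are already configurations in place to run the backend through the VS Code debugger, so that you can use breakpoints, pause and explore variables, etc.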

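--- a/backend/app/api/routes/users.py
+++ b/backend/app/api/routes/users.py
@@ -146,11 +146,6 @@ def register_user(session: SessionDep, user_in: UserRegister) -> Any:
 """
 Create new user without the need to be logged in.
 """
-if not settings.USERS_OPEN_REGISTRATION:
-raise HTTPException(
-status_code=403,
-detail="Open user registration is forbidden on this server",
-)
 user = crud.get_user_by_email(session=session, email=user_in.email)
 if user:
 raise HTTPException(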
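Review bot: With the `settings.USERS_OPEN_REGISTRATION` guard gone, `register_user` creates an account for any unauthenticated caller and operators have no switch left to close it. The config.py section shows the old default was `False`, so a deployment that never set the variable goes from closed to open on upgrade. The docstring should state this, for example `Create new user without the need to be logged in. Always enabled: remove or restrict this route if self-registration is not wanted.` The visible part of the function shows no throttling or email verification, so it is worth confirming that one exists outside the hunk or at the proxy before this becomes the default. The body of `register_user` continues past the end of the hunk.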

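--- a/backend/app/core/config.py
+++ b/backend/app/core/config.py
@@ -94,7 +94,6 @@ class Settings(BaseSettings):
 # TODO: update type to EmailStr when sqlmodel supports it
 FIRST_SUPERUSER: str
 FIRST_SUPERUSER_PASSWORD: str
-USERS_OPEN_REGISTRATION: bool = False
 def _check_default_secret(self, var_name: str, value: str | None) -> None:
 if value == "changethis":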

83
backend/app/tests/api/routes/test_users.py

@ -283,62 +283,41 @@ def test_update_password_me_same_password_error(
def test_register_user(client: TestClient, db: Session) -> None: def test_register_user(client: TestClient, db: Session) -> None:
with patch("app.core.config.settings.USERS_OPEN_REGISTRATION", True): username = random_email()
username = random_email() password = random_lower_string()
password = random_lower_string() full_name = random_lower_string()
full_name = random_lower_string() data = {"email": username, "password": password, "full_name": full_name}
data = {"email": username, "password": password, "full_name": full_name} r = client.post(
r = client.post( f"{settings.API_V1_STR}/users/signup",
f"{settings.API_V1_STR}/users/signup", json=data,
json=data, )
) assert r.status_code == 200
assert r.status_code == 200 created_user = r.json()
created_user = r.json() assert created_user["email"] == username
assert created_user["email"] == username assert created_user["full_name"] == full_name
assert created_user["full_name"] == full_name
user_query = select(User).where(User.email == username)
user_db = db.exec(user_query).first()
assert user_db
assert user_db.email == username
assert user_db.full_name == full_name
assert verify_password(password, user_db.hashed_password)
def test_register_user_forbidden_error(client: TestClient) -> None: user_query = select(User).where(User.email == username)
with patch("app.core.config.settings.USERS_OPEN_REGISTRATION", False): user_db = db.exec(user_query).first()
username = random_email() assert user_db
password = random_lower_string() assert user_db.email == username
full_name = random_lower_string() assert user_db.full_name == full_name
data = {"email": username, "password": password, "full_name": full_name} assert verify_password(password, user_db.hashed_password)
r = client.post(
f"{settings.API_V1_STR}/users/signup",
json=data,
)
assert r.status_code == 403
assert (
r.json()["detail"] == "Open user registration is forbidden on this server"
)
def test_register_user_already_exists_error(client: TestClient) -> None: def test_register_user_already_exists_error(client: TestClient) -> None:
with patch("app.core.config.settings.USERS_OPEN_REGISTRATION", True): password = random_lower_string()
password = random_lower_string() full_name = random_lower_string()
full_name = random_lower_string() data = {
data = { "email": settings.FIRST_SUPERUSER,
"email": settings.FIRST_SUPERUSER, "password": password,
"password": password, "full_name": full_name,
"full_name": full_name, }
} r = client.post(
r = client.post( f"{settings.API_V1_STR}/users/signup",
f"{settings.API_V1_STR}/users/signup", json=data,
json=data, )
) assert r.status_code == 400
assert r.status_code == 400 assert r.json()["detail"] == "The user with this email already exists in the system"
assert (
r.json()["detail"]
== "The user with this email already exists in the system"
)
def test_update_user( def test_update_user(
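Review bot: `test_register_user_already_exists_error` pins a 400 whose detail is "The user with this email already exists in the system", and with the registration switch removed that response is reachable by any unauthenticated caller on every deployment, so the endpoint confirms whether an address is registered. If that disclosure is accepted, a comment on the test should say so, for example `# signup intentionally reports existing emails; revisit if account enumeration matters`. Separately, if `patch` was imported only for the removed `with patch(...)` blocks, that import is now unused; the import block is outside this hunk, so it needs checking in the file.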

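--- a/deployment.md
+++ b/deployment.md
@@ -133,7 +133,6 @@ You can set several variables, like:
 * `SECRET_KEY`: The secret key for the FastAPI project, used to sign tokens.
 * `FIRST_SUPERUSER`: The email of the first superuser, this superuser will be the one that can create new users.
 * `FIRST_SUPERUSER_PASSWORD`: The password of the first superuser.
-* `USERS_OPEN_REGISTRATION`: Whether to allow open registration of new users.
 * `SMTP_HOST`: The SMTP server host to send emails, this would come from your email provider (E.g. Mailgun, Sparkpost, Sendgrid, etc).
 * `SMTP_USER`: The SMTP server user to send emails.
 * `SMTP_PASSWORD`: The SMTP server password to send emails.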

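--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -52,7 +52,6 @@ services:
 - SECRET_KEY=${SECRET_KEY?Variable not set}
 - FIRST_SUPERUSER=${FIRST_SUPERUSER?Variable not set}
 - FIRST_SUPERUSER_PASSWORD=${FIRST_SUPERUSER_PASSWORD?Variable not set}
-- USERS_OPEN_REGISTRATION=${USERS_OPEN_REGISTRATION}
 - SMTP_HOST=${SMTP_HOST}
 - SMTP_USER=${SMTP_USER}
 - SMTP_PASSWORD=${SMTP_PASSWORD}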
