Introduced new fixtures and tests for storage functionality, including saving files, generating URLs, and token creation/verification. Refactored `get_storage_provider` into a separate dependency module. Enhanced test coverage for improved reliability.
Introduce a new endpoint to delete event themes, supporting both soft and hard deletes. Hard deletes are restricted to superusers, while soft deletes deactivate the theme. Also, improve error handling and user permission checks for this operation.
Removed redundant code for event retrieval and standardized logic by introducing a unified method for generating event endpoints. Updated tests to align with these changes, adding support for slug-based access and handling finer permission cases. Minor issues with test formatting and comments were also addressed.
Centralized event access validation into a reusable `validate_event_access` function, eliminating duplicated code across endpoints. Updated the logic in `get_event` and `get_event_by_slug` to use this function. Adjusted tests to align with the refactored logic and fixed permission-based response statuses.
Updated event API to enforce stricter access controls based on user roles, including creators, managers, superusers, and guests. Added robust test cases for creating, fetching, and handling event access scenarios to ensure consistent behavior across endpoints.
Ensure that all event-related endpoints verify the presence of a valid authenticated user before proceeding. Raise a 401 Unauthorized error if authentication credentials are missing or invalid, enhancing the security of API routes.
Refactored the event API routes to improve error handling, add logging, and provide enhanced response structures with pagination. Updated tests to use new fixtures and include additional authentication utilities to facilitate testing with FastAPI's dependency injection. Also resolved issues with timezone awareness in event schemas.
Introduced routes for event management, including CRUD operations and querying by user or public visibility. Updated event themes routes with operation IDs for better documentation. Refactored `api/main.py` to `api/router.py` and integrated events routing into the API.
Renamed `event_theme` and `test_user_schema` file paths and imports to follow consistent plural naming conventions. This improves code clarity and aligns file and import naming across the project.
Implemented API endpoints for creating, reading, updating, and listing event themes. Integrated the new routes into the FastAPI application router under the '/event_themes' prefix.
This commit adds the `operation_id` parameter to all relevant API endpoints in the `auth` routes. These identifiers enhance API documentation and make routes easier to distinguish in tools like Swagger or OpenAPI. No functionality is altered, but these additions improve clarity and maintainability.
Implemented comprehensive authentication endpoints including user registration, login, token refresh, password change, and user info retrieval. Added extensive test cases for these endpoints to ensure functionality and error handling.
Moved `auth` module from `dependencies.py` to `dependencies/auth.py` for better organization. Added extensive unit tests for authentication services and API dependencies to ensure robust verification of users, tokens, and permissions.
Eliminated the `RevokedToken` model and associated logic for managing token revocation. Removed unused files, related tests, and outdated dependencies in authentication modules. Simplified token decoding, user validation, and dependency injection by streamlining the flow and enhancing maintainability.
This commit introduces a system to revoke tokens by storing their `jti` in a new `RevokedToken` model. It includes APIs for logging out (revoking a current token) and logging out from all devices (revoking all tokens). Additionally, token validation now checks revocation status during the decode process.
Introduces schemas for user management, token handling, and password hashing. Implements routes for user registration, login, token refresh, and user info retrieval. Sets up authentication dependencies and integrates the API router with the application.
