Introduced a new route to fetch all guest gift reservations, ensuring API compatibility with GiftPurchase objects. Refactored CRUD functions to optimize data fetching and avoid N+1 queries. Added validation to restrict access to non-public event-related reservations.
Allow cancellation of gifts with a status of either RESERVED or RECEIVED. This ensures consistency in handling gift statuses during reservation management across the application.
Validate uniqueness of invitation codes during guest creation to prevent duplicates. Automatically generate an 8-character code if none is provided, ensuring consistent data handling. Updated tests and schemas to support these changes.
This commit introduces a new RSVP module with endpoints for creating, reading, updating, and deleting RSVPs, along with a custom status update endpoint. The router is integrated into the events API, providing full RSVP management capabilities. Validation and error handling have been implemented to ensure data consistency.
Introduce a new API for managing event guests, including endpoints for creating, reading, updating, deleting, and changing guest status. Added corresponding Pydantic schemas, database CRUD logic, and extensive test coverage to validate functionality. Integrated the guests API under the events router.
Replaces ambiguous shorthand references like `event` and `user` with more descriptive names such as `event_crud` and `user_crud`. Updates imports, function calls, tests, and other references across the codebase to maintain consistency. This improves code readability and reduces potential confusion.
Updated conditions to check 'uploads/' without a leading slash across preview, background, foreground, and asset image URLs. This ensures consistent handling of URLs during the relocation process and avoids potential mismatches in the path string comparison.
Replaced calls to get_file_url with get_uploaded_file_url where appropriate. Added the get_uploaded_file_url method to the StorageProvider class and its implementations for more specific URL generation. Updated corresponding tests and API routes to reflect this change.
The `operation_id` field was added to the `generate_presigned_url` and `upload_file` endpoints. This enhances the OpenAPI documentation by providing unique identifiers for better API clarity and client generation.
Enhanced theme creation and update logic to include proper file organization by relocating and managing URLs for images and assets. Introduced roles validation to restrict access to superusers for these operations. Updated tests to align with the refactored logic and dependencies.
Implemented endpoints for generating presigned URLs and handling file uploads. Added corresponding test cases to ensure proper functionality and error handling. Updated the main router to include the new uploads API.
Introduced new fixtures and tests for storage functionality, including saving files, generating URLs, and token creation/verification. Refactored `get_storage_provider` into a separate dependency module. Enhanced test coverage for improved reliability.
Introduce a new endpoint to delete event themes, supporting both soft and hard deletes. Hard deletes are restricted to superusers, while soft deletes deactivate the theme. Also, improve error handling and user permission checks for this operation.
Removed redundant code for event retrieval and standardized logic by introducing a unified method for generating event endpoints. Updated tests to align with these changes, adding support for slug-based access and handling finer permission cases. Minor issues with test formatting and comments were also addressed.
Centralized event access validation into a reusable `validate_event_access` function, eliminating duplicated code across endpoints. Updated the logic in `get_event` and `get_event_by_slug` to use this function. Adjusted tests to align with the refactored logic and fixed permission-based response statuses.
Updated event API to enforce stricter access controls based on user roles, including creators, managers, superusers, and guests. Added robust test cases for creating, fetching, and handling event access scenarios to ensure consistent behavior across endpoints.
Ensure that all event-related endpoints verify the presence of a valid authenticated user before proceeding. Raise a 401 Unauthorized error if authentication credentials are missing or invalid, enhancing the security of API routes.
Refactored the event API routes to improve error handling, add logging, and provide enhanced response structures with pagination. Updated tests to use new fixtures and include additional authentication utilities to facilitate testing with FastAPI's dependency injection. Also resolved issues with timezone awareness in event schemas.
Introduced routes for event management, including CRUD operations and querying by user or public visibility. Updated event themes routes with operation IDs for better documentation. Refactored `api/main.py` to `api/router.py` and integrated events routing into the API.
Renamed `event_theme` and `test_user_schema` file paths and imports to follow consistent plural naming conventions. This improves code clarity and aligns file and import naming across the project.
Implemented API endpoints for creating, reading, updating, and listing event themes. Integrated the new routes into the FastAPI application router under the '/event_themes' prefix.
This commit adds the `operation_id` parameter to all relevant API endpoints in the `auth` routes. These identifiers enhance API documentation and make routes easier to distinguish in tools like Swagger or OpenAPI. No functionality is altered, but these additions improve clarity and maintainability.
Implemented comprehensive authentication endpoints including user registration, login, token refresh, password change, and user info retrieval. Added extensive test cases for these endpoints to ensure functionality and error handling.
Moved `auth` module from `dependencies.py` to `dependencies/auth.py` for better organization. Added extensive unit tests for authentication services and API dependencies to ensure robust verification of users, tokens, and permissions.
Eliminated the `RevokedToken` model and associated logic for managing token revocation. Removed unused files, related tests, and outdated dependencies in authentication modules. Simplified token decoding, user validation, and dependency injection by streamlining the flow and enhancing maintainability.
This commit introduces a system to revoke tokens by storing their `jti` in a new `RevokedToken` model. It includes APIs for logging out (revoking a current token) and logging out from all devices (revoking all tokens). Additionally, token validation now checks revocation status during the decode process.
Introduces schemas for user management, token handling, and password hashing. Implements routes for user registration, login, token refresh, and user info retrieval. Sets up authentication dependencies and integrates the API router with the application.
