aabar/fastapi_server.py at main · MPUWM/aabar · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
from fastapi import FastAPI, HTTPException, Depends, Security
from fastapi.middleware.cors import CORSMiddleware
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
from pydantic import BaseModel
from sqlalchemy import Column, Integer, String, Float, Boolean, create_engine
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import sessionmaker
import jwt
import hashlib
import datetime

app = FastAPI()

app.add_middleware(
    CORSMiddleware,
    allow_origins=["*"],
    allow_methods=["*"],
    allow_headers=["*"],
)

SECRET_KEY = "PLEASEDONOTTROWSAUSAGEPIZZAAWAY"
ALGORITHM = "HS256"
security = HTTPBearer()

DATABASE_URL_USERS = "sqlite:///./users.db"
DATABASE_URL_WELLS = "sqlite:///./wells.db"

engine_users = create_engine(DATABASE_URL_USERS, connect_args={"check_same_thread": False})
engine_wells = create_engine(DATABASE_URL_WELLS, connect_args={"check_same_thread": False})

SessionLocalUsers = sessionmaker(autocommit=False, autoflush=False, bind=engine_users)
SessionLocalWells = sessionmaker(autocommit=False, autoflush=False, bind=engine_wells)

BaseUsers = declarative_base()
BaseWells = declarative_base()

class User(BaseUsers):
    __tablename__ = "users"
    id = Column(Integer, primary_key=True, index=True)
    username = Column(String, unique=True, index=True, nullable=False)
    hashed_password = Column(String, nullable=False)
    first_name = Column(String, nullable=False)
    last_name = Column(String, nullable=False)
    gender = Column(String, nullable=False)
    nationality = Column(String, nullable=False)
    id_number = Column(String, nullable=False)
    city = Column(String, nullable=False)

class Well(BaseWells):
    __tablename__ = "wells"
    id = Column(Integer, primary_key=True, index=True)
    username = Column(String, nullable=False)
    first_name = Column(String, nullable=False)
    last_name = Column(String, nullable=False)
    gender = Column(String, nullable=False)
    nationality = Column(String, nullable=False)
    id_number = Column(String, nullable=False)
    city = Column(String, nullable=False)
    lon = Column(Float, nullable=False)
    lat = Column(Float, nullable=False)
    licensed = Column(Boolean, default=False)
    license_code = Column(String, nullable=True)
    predicted_depth = Column(Float, nullable=False)

BaseUsers.metadata.create_all(bind=engine_users)
BaseWells.metadata.create_all(bind=engine_wells)

def get_db_users():
    db = SessionLocalUsers()
    try:
        yield db
    finally:
        db.close()

def get_db_wells():
    db = SessionLocalWells()
    try:
        yield db
    finally:
        db.close()

def hash_password(password: str) -> str:
    return hashlib.sha256(password.encode()).hexdigest()

def create_jwt_token(username: str) -> str:
    payload = {
        "sub": username,
        "exp": datetime.datetime.utcnow() + datetime.timedelta(days=1),
    }
    return jwt.encode(payload, SECRET_KEY, algorithm=ALGORITHM)

def decode_jwt_token(token: str) -> str:
    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
        return payload.get("sub")
    except jwt.ExpiredSignatureError:
        raise HTTPException(status_code=401, detail="Token has expired")
    except jwt.InvalidTokenError:
        raise HTTPException(status_code=401, detail="Invalid token")

class UserCreate(BaseModel):
    username: str
    password: str
    first_name: str
    last_name: str
    gender: str
    nationality: str
    id_number: str
    city: str

class UserUpdate(BaseModel):
    username: str | None = None  # Optional field for changing username
    first_name: str
    last_name: str
    gender: str
    nationality: str
    id_number: str
    city: str
    password: str  # Current password for verification
    new_password: str | None = None  # Optional field for updating password

class UserLogin(BaseModel):
    username: str
    password: str

class CoordinatesModel(BaseModel):
    lat: float
    lon: float

class LicenseWellRequest(BaseModel):
    lat: float
    lon: float
    predicted_depth: float

current_coordinates = {"lat": None, "lon": None}

@app.post("/signup")
def signup(user: UserCreate, db: SessionLocalUsers = Depends(get_db_users)):
    if db.query(User).filter(User.username == user.username).first():
        raise HTTPException(status_code=400, detail="User already exists")

    new_user = User(
        username=user.username,
        hashed_password=hash_password(user.password),
        first_name=user.first_name,
        last_name=user.last_name,
        gender=user.gender,
        nationality=user.nationality,
        id_number=user.id_number,
        city=user.city,
    )
    db.add(new_user)
    db.commit()
    db.refresh(new_user)
    return {"success": True, "message": "Account created successfully"}

@app.post("/login")
def login(user: UserLogin, db: SessionLocalUsers = Depends(get_db_users)):
    db_user = db.query(User).filter(User.username == user.username).first()
    if not db_user or db_user.hashed_password != hash_password(user.password):
        raise HTTPException(status_code=401, detail="Invalid credentials")

    token = create_jwt_token(user.username)
    return {"success": True, "token": token}

@app.post("/set_coordinates")
async def set_coordinates(coords: CoordinatesModel):
    current_coordinates["lat"] = coords.lat
    current_coordinates["lon"] = coords.lon
    return {"status": "success"}

@app.get("/get_coordinates")
async def get_coordinates():
    return current_coordinates

@app.post("/license_well")
def license_well(
    request: LicenseWellRequest,
    credentials: HTTPAuthorizationCredentials = Security(security),
    db_users: SessionLocalUsers = Depends(get_db_users),
    db_wells: SessionLocalWells = Depends(get_db_wells)
):
    username = decode_jwt_token(credentials.credentials)

    user = db_users.query(User).filter(User.username == username).first()
    if not user:
        raise HTTPException(status_code=404, detail="User not found")

    if request.lat is None or request.lon is None:
        raise HTTPException(status_code=400, detail="Coordinates not set")

    new_well = Well(
        username=user.username,
        first_name=user.first_name,
        last_name=user.last_name,
        gender=user.gender,
        nationality=user.nationality,
        id_number=user.id_number,
        city=user.city,
        lon=request.lon,
        lat=request.lat,
        licensed=False,
        license_code=None,
        predicted_depth=request.predicted_depth
    )
    db_wells.add(new_well)
    db_wells.commit()
    db_wells.refresh(new_well)
    return {"success": True, "message": "Well licensed", "well_id": new_well.id}
@app.get("/wells/{username}")
def get_wells_by_user(username: str, db: SessionLocalWells = Depends(get_db_wells)):
    wells = db.query(Well).filter(Well.username == username).all()
    if not wells:
        raise HTTPException(status_code=404, detail="No wells found for this user")
    return wells

# Helper function to convert Well model to dictionary format for JSON response
def well_to_dict(well: Well):
    return {
        "id": well.id,
        "lat": well.lat,
        "lon": well.lon,
        "predicted_depth": well.predicted_depth,
        "licensed": well.licensed,
        "license_code": well.license_code,
    }

@app.get("/get_user/{username}")
def get_user_info(username: str, db: SessionLocalUsers = Depends(get_db_users)):
    user = db.query(User).filter(User.username == username).first()
    if not user:
        raise HTTPException(status_code=404, detail="User not found")

    return {
        "username": user.username,
        "first_name": user.first_name,
        "last_name": user.last_name,
        "gender": user.gender,
        "nationality": user.nationality,
        "id_number": user.id_number,
        "city": user.city,
    }

@app.post("/update_user_info/{username}")
def update_user_info(
    username: str,
    user_data: UserUpdate,
    db_users: SessionLocalUsers = Depends(get_db_users),
    db_wells: SessionLocalWells = Depends(get_db_wells),
):
    user = db_users.query(User).filter(User.username == username).first()
    if not user:
        raise HTTPException(status_code=404, detail="User not found")

    # Verify current password
    if user.hashed_password != hash_password(user_data.password):
        raise HTTPException(status_code=400, detail="Incorrect password")

    # Check for new username conflict
    if user_data.username and user_data.username != username:
        if db_users.query(User).filter(User.username == user_data.username).first():
            raise HTTPException(status_code=400, detail="Username already exists")
        user.username = user_data.username

    # Update other user details
    user.first_name = user_data.first_name
    user.last_name = user_data.last_name
    user.gender = user_data.gender
    user.nationality = user_data.nationality
    user.id_number = user_data.id_number
    user.city = user_data.city

    # Update password if provided
    if user_data.new_password:
        user.hashed_password = hash_password(user_data.new_password)

    # Update corresponding wells data
    wells = db_wells.query(Well).filter(Well.username == username).all()
    for well in wells:
        well.username = user_data.username or username  # Update username if changed
        well.first_name = user_data.first_name
        well.last_name = user_data.last_name
        well.gender = user_data.gender
        well.nationality = user_data.nationality
        well.id_number = user_data.id_number
        well.city = user_data.city

    db_users.commit()
    db_wells.commit()
    return {"success": True, "message": "User information updated successfully"}