service-finder/backend/app/services/auth_service_old2.py
Kincses 714de9dd93 Refactor: Auth & Identity System v1.4
- Fix: Resolved SQLAlchemy Mapper error for 'UserVehicle' using string-based relationships.
- Fix: Fixed Postgres Enum case sensitivity issue for 'userrole' (forcing lowercase 'user').
- Fix: Resolved ImportError for 'create_access_token' in security module.
- Feature: Implemented 2-step registration protocol (Lite Register -> KYC Step).
- Data: Added bank-level KYC fields (mother's name, ID/Driver/Boat/Pilot license expiry and categories).
- Business: Applied private fleet isolation (is_transferable=False for individual orgs).
- Docs: Updated Grand Master Book to v1.4 and added Developer Pitfalls guide.
2026-02-06 00:14:17 +00:00


# /opt/docker/dev/service_finder/backend/app/services/auth_service.py
from datetime import datetime, timezone, timedelta
from typing import Optional, Dict, Any
import logging
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy import select, and_, text
from app.models.identity import User, Person, Wallet, UserRole
from app.models.organization import Organization, OrgType
from app.models.vehicle import OrganizationMember
from app.schemas.auth import UserRegister
from app.core.security import get_password_hash, create_access_token
from app.services.email_manager import email_manager
# Module-level logger, named after this module via __name__.
logger = logging.getLogger(__name__)
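class AuthService:
    """Registration and account-lookup helpers that run on an async SQLAlchemy session."""

    @staticmethod
    async def get_setting(db: AsyncSession, key: str, default: Any = None) -> Any:
        """Fetch a value that is configurable from the admin interface.

        Args:
            db: Session used to query ``data.system_settings``.
            key: Setting name, bound as a query parameter.
            default: Value returned when the row is missing, its value is
                NULL, or the query fails.

        Returns:
            The stored value, or ``default``.
        """
        try:
            stmt = text("SELECT value FROM data.system_settings WHERE key = :key")
            result = await db.execute(stmt, {"key": key})
            val = result.scalar()
        except Exception as exc:
            # Best-effort lookup: fall back to the default, but leave a trace
            # instead of hiding the failure completely.
            # NOTE(review): on PostgreSQL a failed statement leaves the
            # surrounding transaction aborted until it is rolled back, so a
            # caller that keeps using the same transaction after this fallback
            # will fail on its next statement. Confirm whether a savepoint is
            # wanted around this query.
            logger.warning(
                "Could not read system setting %r, using default (%s)",
                key,
                type(exc).__name__,
            )
            return default
        return val if val is not None else default

    @staticmethod
    async def register_new_user(
        db: AsyncSession, user_in: UserRegister, ip_address: str
    ) -> User:
        """MASTER REGISTRATION FLOW v1.3 (Full Integration).

        Creates, in one transaction: the Person with its KYC documents, the
        User, an empty Wallet, a non-transferable private Organization with the
        user as owner, and an audit-log row. The welcome e-mail is sent only
        after the transaction has been committed.

        Args:
            db: Session the whole registration runs on.
            user_in: Registration payload.
            ip_address: Client address written to the audit log as supplied by
                the caller.

        Returns:
            The refreshed ``User`` row.

        Raises:
            Exception: Any failure is re-raised after the session is rolled
                back. E-mail delivery errors are logged and not raised.
        """
        try:
            # 1. KYC data (bank-grade record keeping).
            # NOTE(review): document numbers are stored as plain values inside
            # this JSON structure; whether the identity_docs column is
            # encrypted at rest is not visible here. Confirm.
            kyc_data = {
                "id_card": {
                    "number": user_in.id_card_number,
                    "expiry": str(user_in.id_card_expiry) if user_in.id_card_expiry else None
                },
                "driver_license": {
                    "number": user_in.driver_license_number,
                    "expiry": str(user_in.driver_license_expiry) if user_in.driver_license_expiry else None,
                    "categories": user_in.driver_license_categories
                },
                "special_licenses": {
                    "boat": user_in.boat_license_number,
                    "pilot": user_in.pilot_license_number
                }
            }

            # 2. Create the Person (basis of the "digital twin").
            new_person = Person(
                first_name=user_in.first_name,
                last_name=user_in.last_name,
                mothers_name=user_in.mothers_name,
                birth_place=user_in.birth_place,
                birth_date=user_in.birth_date,
                identity_docs=kyc_data
            )
            db.add(new_person)
            await db.flush()  # assigns new_person.id

            # 3. Create the User (hybrid auth: password and/or social login).
            # NOTE(review): when neither a password nor a social identity is
            # supplied this creates an active account with no credential;
            # confirm the UserRegister schema rejects that combination.
            hashed_pwd = get_password_hash(user_in.password) if user_in.password else None
            new_user = User(
                email=user_in.email,
                hashed_password=hashed_pwd,
                social_provider=user_in.social_provider,
                social_id=user_in.social_id,
                person_id=new_person.id,
                role=UserRole.USER,
                region_code=user_in.region_code,
                is_active=True
            )
            db.add(new_user)
            await db.flush()  # assigns new_user.id
            # Keep the primary key in a local: ORM attributes may be expired
            # by the commit below.
            user_id = new_user.id

            # 4. Economy: wallet.
            # TODO: the level-1 referral commission setting ("referral.level1")
            # used to be read here but was never stored; re-add the lookup when
            # the referral snapshot is actually persisted.
            db.add(Wallet(user_id=user_id, coin_balance=0.00, xp_balance=0))

            # 5. Fleet: automatic private fleet (cannot be sold/transferred).
            new_org = Organization(
                name=f"{user_in.last_name} {user_in.first_name} Private Fleet",
                org_type=OrgType.INDIVIDUAL,
                owner_id=user_id,
                is_transferable=False
            )
            db.add(new_org)
            await db.flush()  # assigns new_org.id

            # Record ownership of the user's own fleet.
            db.add(OrganizationMember(organization_id=new_org.id, user_id=user_id, role="owner"))

            # 6. Invitation handling (joining another organization).
            if user_in.invite_token:
                # Not wired in yet: the invitation should be looked up in an
                # 'invitations' table and validated server-side (exists, not
                # expired, not already used) before an OrganizationMember row
                # for the invited organization and role is added.
                # The token is a bearer credential, so its value is kept out
                # of the logs; only the fact that one was supplied is recorded.
                logger.info(
                    "Invite token supplied during registration for user_id=%s; "
                    "invitation lookup is not wired in yet",
                    user_id,
                )

            # 7. Audit log (every step is traceable).
            audit_stmt = text("""
                INSERT INTO data.audit_logs (user_id, action, endpoint, method, ip_address, created_at)
                VALUES (:uid, 'USER_REGISTERED_COMPLETE_V1.3', '/api/v1/auth/register', 'POST', :ip, :now)
            """)
            await db.execute(audit_stmt, {
                "uid": user_id, "ip": ip_address, "now": datetime.now(timezone.utc)
            })

            # 8. Reward (taken from the admin setting).
            reward_days = await AuthService.get_setting(db, "auth.reward_days", 14)

            await db.commit()
            await db.refresh(new_user)

            # 9. Send the welcome e-mail only once the account is durable, so a
            # failed commit cannot leave a welcome message for an account that
            # does not exist.
            try:
                await email_manager.send_email(
                    recipient=user_in.email,
                    template_key="registration_welcome",
                    variables={
                        "first_name": user_in.first_name,
                        "reward_days": reward_days
                    },
                    user_id=user_id
                )
            except Exception as e:
                # Delivery is best-effort; registration has already succeeded.
                logger.warning("Email delivery skipped during reg: %s", e)

            return new_user
        except Exception as e:
            await db.rollback()
            # Log only the exception type: SQLAlchemy DBAPI error messages
            # embed the failing statement's bound parameters unless the engine
            # is created with hide_parameters=True, and here those parameters
            # include KYC fields and the password hash. The exception itself is
            # re-raised unchanged for the caller.
            logger.error("Critical error in register_new_user: %s", type(e).__name__)
            raise

    @staticmethod
    async def check_email_availability(db: AsyncSession, email: str) -> bool:
        """Return True when no non-deleted user already has ``email``.

        Only the primary key of at most one matching row is fetched, so the
        check also works when several rows match instead of raising.

        NOTE(review): the comparison is an exact match; whether e-mail
        addresses are case-normalised before they reach this point is not
        visible here. Confirm, otherwise case variants of one address count as
        available. If a route exposes this result to unauthenticated callers it
        also discloses which addresses are registered, so rate limiting belongs
        at that route.
        """
        query = (
            select(User.id)
            .where(and_(User.email == email, User.is_deleted == False))  # noqa: E712
            .limit(1)
        )
        result = await db.execute(query)
        return result.first() is None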