Merge pull request #9 from Kalgoc/budget

Budget

Author: mjsifri

authentication/decorators.py

@@ -7,14 +7,27 @@
 
 def cognito_authenticated(func):
     @wraps(func)
-    @api_view(["GET", "POST", "PUT", "DELETE"])
-    @authentication_classes([CognitoAuthentication])
-    def wrapper(request, *args, **kwargs):
-        if not request.user or not hasattr(request.user, "get"):
+    def wrapper(self, request, *args, **kwargs):
+        auth = CognitoAuthentication()
+        try:
+            result = auth.authenticate(request)
+            if result is None:
+                return Response(
+                    {"error": "Authentication credentials were not provided or are invalid."},
+                    status=status.HTTP_401_UNAUTHORIZED,
+                )
+            user, auth_error = result
+            if auth_error or not user:
+                return Response(
+                    {"error": "Authentication credentials were not provided or are invalid."},
+                    status=status.HTTP_401_UNAUTHORIZED,
+                )
+            request.user = user
+            return func(self, request, *args, **kwargs)
+        except Exception as e:
             return Response(
-                {"error": "Authentication credentials were not provided or are invalid."},
-                status=status.HTTP_401_UNAUTHORIZED,
+                {"error": f"Authentication failed: {str(e)}"},
+                status=status.HTTP_500_INTERNAL_SERVER_ERROR,
             )
-        return func(request, *args, **kwargs)
 
     return wrapper

budget/__init__.py

@@ -0,0 +1,9 @@
+# budget/admin.py
+from django.contrib import admin
+from .models import Budget
+
+
+@admin.register(Budget)
+class BudgetAdmin(admin.ModelAdmin):
+    list_display = ("username", "amount", "created_at", "updated_at")
+    search_fields = ("username", "amount")

budget/admin.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class BudgetConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "budget"

budget/apps.py

@@ -0,0 +1,23 @@
+# Generated by Django 5.0.6 on 2024-06-10 16:41
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = []
+
+    operations = [
+        migrations.CreateModel(
+            name="Budget",
+            fields=[
+                ("id", models.AutoField(primary_key=True, serialize=False)),
+                ("username", models.UUIDField()),
+                ("amount", models.IntegerField()),
+                ("created_at", models.DateTimeField(auto_now_add=True)),
+                ("updated_at", models.DateTimeField(auto_now=True)),
+            ],
+        ),
+    ]

budget/migrations/0001_initial.py

@@ -0,0 +1,15 @@
+# budget/models.py
+from django.db import models
+from django.conf import settings
+import uuid
+
+
+class Budget(models.Model):
+    id = models.AutoField(primary_key=True)
+    username = models.UUIDField()
+    amount = models.IntegerField()
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+
+    def __str__(self):
+        return f"{self.user}'s budget: {self.amount}"

budget/migrations/__init__.py

@@ -0,0 +1,15 @@
+from rest_framework import serializers
+from .models import Budget
+
+
+class BudgetSerializer(serializers.Serializer):
+    username = serializers.UUIDField()
+    amount = serializers.IntegerField()
+
+    def create(self, validated_data):
+        return Budget.objects.create(**validated_data)
+
+    def update(self, instance, validated_data):
+        instance.amount = validated_data.get("amount", instance.amount)
+        instance.save()
+        return instance

budget/models.py

@@ -0,0 +1,76 @@
+from django.test import TestCase
+from unittest.mock import patch
+from rest_framework.test import APIClient
+from rest_framework import status
+from authentication.services.cognito_service import CognitoService
+from budget.views import BudgetViewSet
+from rest_framework.response import Response
+
+
+class BudgetViewSetTests(TestCase):
+    def setUp(self):
+        self.client = APIClient()
+        self.view = BudgetViewSet()
+
+    @patch.object(BudgetViewSet, "create")
+    @patch.object(CognitoService, "login_user")
+    def test_create(self, mock_login_user, mock_create):
+        mock_login_user.return_value = {
+            "AuthenticationResult": {"AccessToken": "mock_access_token", "IdToken": "mock_id_token"}
+        }
+        mock_create.return_value = Response(status=status.HTTP_201_CREATED, data={"amount": 100})
+
+        request = self.client.post("/budget/", {"amount": 100})
+        request.headers["Authorization"] = "Bearer mock_access_token"
+
+        response = self.client.post("/budget/", {"amount": 100})
+
+        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
+        self.assertEqual(response.data["amount"], 100)
+
+    @patch.object(BudgetViewSet, "list")
+    @patch.object(CognitoService, "login_user")
+    def test_list(self, mock_login_user, mock_list):
+        mock_login_user.return_value = {
+            "AuthenticationResult": {"AccessToken": "mock_access_token", "IdToken": "mock_id_token"}
+        }
+        mock_list.return_value = Response(status=status.HTTP_200_OK, data={"amount": 100})
+
+        request = self.client.get("/budget/")
+        request.headers["Authorization"] = "Bearer mock_access_token"
+
+        response = self.client.get("/budget/")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["amount"], 100)
+
+    @patch.object(BudgetViewSet, "destroy")
+    @patch.object(CognitoService, "login_user")
+    def test_destroy(self, mock_login_user, mock_destroy):
+        mock_login_user.return_value = {
+            "AuthenticationResult": {"AccessToken": "mock_access_token", "IdToken": "mock_id_token"}
+        }
+        mock_destroy.return_value = Response(status=status.HTTP_204_NO_CONTENT)
+
+        request = self.client.delete("/budget/")
+        request.headers["Authorization"] = "Bearer mock_access_token"
+
+        response = self.client.delete("/budget/")
+
+        self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
+
+    @patch.object(BudgetViewSet, "partial_update")
+    @patch.object(CognitoService, "login_user")
+    def test_partial_update(self, mock_login_user, mock_partial_update):
+        mock_login_user.return_value = {
+            "AuthenticationResult": {"AccessToken": "mock_access_token", "IdToken": "mock_id_token"}
+        }
+        mock_partial_update.return_value = Response(status=status.HTTP_200_OK, data={"amount": 200})
+
+        request = self.client.put("/budget/", {"amount": 200})
+        request.headers["Authorization"] = "Bearer mock_access_token"
+
+        response = self.client.put("/budget/", {"amount": 200})
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["amount"], 200)

budget/serializers.py

@@ -0,0 +1,11 @@
+# budget/urls.py
+from django.urls import path
+from .views import BudgetViewSet
+
+urlpatterns = [
+    path(
+        "",
+        BudgetViewSet.as_view({"get": "list", "post": "create", "delete": "destroy", "put": "partial_update"}),
+        name="budget",
+    ),
+]

budget/tests.py

@@ -0,0 +1,82 @@
+from rest_framework import viewsets, status
+from rest_framework.response import Response
+from .models import Budget
+from .serializers import BudgetSerializer
+from authentication.decorators import cognito_authenticated
+import jwt
+
+
+class BudgetViewSet(viewsets.ViewSet):
+    def get_user_id_from_token(self, request):
+        try:
+            authorization_header = request.headers.get("Authorization")
+            if not authorization_header:
+                raise Exception("Authorization header not found")
+
+            token = authorization_header.split()[1]
+            decoded_token = jwt.decode(token, options={"verify_signature": False})
+            user_id = decoded_token.get("username")
+            if not user_id:
+                raise Exception("User ID not found in token")
+            return user_id
+        except jwt.DecodeError:
+            raise Exception("Invalid token")
+        except jwt.ExpiredSignatureError:
+            raise Exception("Expired token")
+        except Exception as e:
+            raise Exception(f"Error decoding token: {e}")
+
+    @cognito_authenticated
+    def list(self, request):
+        try:
+            username = self.get_user_id_from_token(request)
+            budget = Budget.objects.filter(username=username).order_by("-created_at").first()
+            serializer = BudgetSerializer(budget)
+            return Response(data={"amount": serializer.data["amount"]})
+        except Budget.DoesNotExist:
+            return Response({"error": "Budget not found"}, status=status.HTTP_404_NOT_FOUND)
+        except Exception as e:
+            return Response({"error": str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
+
+    @cognito_authenticated
+    def create(self, request):
+        try:
+            user_id = self.get_user_id_from_token(request)
+            data = request.data.copy()
+            data["username"] = user_id
+
+            serializer = BudgetSerializer(data=data)
+            print(serializer)
+            if serializer.is_valid():
+                serializer.save()
+                return Response(data={"amount": serializer.data["amount"]}, status=status.HTTP_201_CREATED)
+            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+        except Exception as e:
+            return Response({"error": str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
+
+    @cognito_authenticated
+    def destroy(self, request):
+        try:
+            username = self.get_user_id_from_token(request)
+            budget = Budget.objects.filter(username=username).order_by("-created_at").first()
+            budget.delete()
+            return Response(status=status.HTTP_204_NO_CONTENT)
+        except Budget.DoesNotExist:
+            return Response({"error": "Budget not found"}, status=status.HTTP_404_NOT_FOUND)
+        except Exception as e:
+            return Response({"error": str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
+
+    @cognito_authenticated
+    def partial_update(self, request):
+        try:
+            username = self.get_user_id_from_token(request)
+            budget = Budget.objects.filter(username=username).order_by("-created_at").first()
+            serializer = BudgetSerializer(budget, data=request.data, partial=True)
+            if serializer.is_valid():
+                serializer.save()
+                return Response(data={"amount": serializer.data["amount"]})
+            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+        except Budget.DoesNotExist:
+            return Response({"error": "Budget not found"}, status=status.HTTP_404_NOT_FOUND)
+        except Exception as e:
+            return Response({"error": str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)

budget/urls.py

@@ -12,8 +12,6 @@ services:
       - "5432:5432"
     networks:
       - app_network
-    environment:
-      POSTGRES_HOST_AUTH_METHOD: trust
 
   web:
     build:

budget/views.py

@@ -45,6 +45,7 @@
     "rest_framework",
     "playground",
     "authentication",
+    "budget",
 ]
 
 REST_FRAMEWORK = {

docker-compose.yml

@@ -22,4 +22,5 @@
     path("admin/", admin.site.urls),
     path("auth/", include("authentication.urls")),
     path("playground/", include("playground.urls")),
+    path("budget/", include("budget.urls")),
 ]