Add account management endpoints and schemas #36
Conversation
Implemented user registration, activation, login, token refresh, and password reset endpoints in `accounts.py`. Added corresponding Pydantic schemas for request and response validation. Updated import paths and `.flake8` config for better project structure and linting support.
There was a problem hiding this comment.
Great job on implementing the core functionality and meeting the task requirements! 🎉 While there are some areas for improvement, such as ensuring password hashing for security and refining some schema definitions, these do not critically impact the functionality. Keep up the good work and consider the feedback for future enhancements! 😊
✨ Please rate this review in the Platform's notification center. I will be grateful for your feedback! ✨
| detail="Invalid or expired activation token." | ||
| ) | ||
| if ( | ||
| utc.localize(user.activation_token.expires_at) < datetime.now(timezone.utc) |
There was a problem hiding this comment.
Using utc.localize() is unnecessary here since datetime.now(timezone.utc) already returns a timezone-aware datetime. Consider removing utc.localize() for clarity.
| if not ( | ||
| user.password_reset_token | ||
| and user.password_reset_token.token == password_reset_confirm_data.token | ||
| and utc.localize(user.password_reset_token.expires_at) > datetime.now(timezone.utc) |
There was a problem hiding this comment.
Using utc.localize() is unnecessary here since datetime.now(timezone.utc) already returns a timezone-aware datetime. Consider removing utc.localize() for clarity.
| ) | ||
|
|
||
| try: | ||
| user.password = password_reset_confirm_data.password |
There was a problem hiding this comment.
The password should be hashed before being stored in the database. Directly assigning the password without hashing is a security risk.
| "token_type": "bearer" | ||
| } | ||
|
|
||
| except SQLAlchemyError: |
There was a problem hiding this comment.
Consider adding db.rollback() here to ensure the database session is rolled back in case of an exception, preventing potential data inconsistencies.
|
|
||
|
|
||
| class UserActivationRequestSchema(BaseModel): | ||
| email: str |
There was a problem hiding this comment.
Consider using EmailStr for the email field to ensure email validation and consistency across schemas.
|
|
||
|
|
||
| class MessageResponseSchema(BaseModel): | ||
| pass |
There was a problem hiding this comment.
The MessageResponseSchema is currently empty. Define its fields if it's intended to be used, or remove it if it's unnecessary.
Updated the Base import path for better module clarity and consistency. Reformatted table column definitions for improved readability and added `extend_existing=True` to avoid conflicts during migrations.
The `Base` import was not being used in the `movies.py` file and has been removed. This cleanup improves code readability and eliminates unnecessary imports.
Simplified and reorganized imports in `accounts.py` for clarity and removed unused imports. Fixed missing `Base` inheritance in the `movies` model to ensure proper ORM functionality.
Implemented user registration, activation, login, token refresh, and password reset endpoints in
accounts.py. Added corresponding Pydantic schemas for request and response validation. Updated import paths and.flake8config for better project structure and linting support.