Refactor database initialization and remove Alembic migrations
- Removed legacy Alembic migration files and consolidated schema management into a new Pydantic-backed initializer (`scripts/init_db.py`). - Updated `main.py` to ensure the new DB initializer runs on startup, maintaining idempotency. - Adjusted session management in `config/database.py` to prevent DetachedInstanceError. - Introduced new enums in `models/enums.py` for better organization and clarity. - Refactored various models to utilize the new enums, improving code maintainability. - Enhanced middleware to handle JSON validation more robustly, ensuring non-JSON requests do not trigger JSON errors. - Added tests for middleware and enums to ensure expected behavior and consistency. - Updated changelog to reflect significant changes and improvements.
This commit is contained in:
@@ -8,6 +8,7 @@ from starlette.middleware.base import BaseHTTPMiddleware, RequestResponseEndpoin
|
||||
from starlette.types import ASGIApp
|
||||
|
||||
from config.settings import Settings, get_settings
|
||||
from sqlalchemy.orm.exc import DetachedInstanceError
|
||||
from models import User
|
||||
from monitoring.metrics import ACTIVE_CONNECTIONS
|
||||
from services.exceptions import EntityNotFoundError
|
||||
@@ -66,21 +67,42 @@ class AuthSessionMiddleware(BaseHTTPMiddleware):
|
||||
resolved = self._resolve_session(request)
|
||||
|
||||
# Track active sessions for authenticated users
|
||||
if resolved.session.user and resolved.session.user.is_active:
|
||||
try:
|
||||
user_active = bool(resolved.session.user and getattr(
|
||||
resolved.session.user, "is_active", False))
|
||||
except DetachedInstanceError:
|
||||
user_active = False
|
||||
|
||||
if user_active:
|
||||
AuthSessionMiddleware._active_sessions += 1
|
||||
ACTIVE_CONNECTIONS.set(AuthSessionMiddleware._active_sessions)
|
||||
|
||||
response: Response | None = None
|
||||
try:
|
||||
response = await call_next(request)
|
||||
return response
|
||||
finally:
|
||||
# Decrement on response
|
||||
if resolved.session.user and resolved.session.user.is_active:
|
||||
# Always decrement the active sessions counter if we incremented it.
|
||||
if user_active:
|
||||
AuthSessionMiddleware._active_sessions = max(
|
||||
0, AuthSessionMiddleware._active_sessions - 1)
|
||||
ACTIVE_CONNECTIONS.set(AuthSessionMiddleware._active_sessions)
|
||||
|
||||
self._apply_session(response, resolved)
|
||||
# Only apply session cookies if a response was produced by downstream
|
||||
# application. If an exception occurred before a response was created
|
||||
# we avoid raising another error here.
|
||||
import logging
|
||||
if response is not None:
|
||||
try:
|
||||
self._apply_session(response, resolved)
|
||||
except Exception:
|
||||
logging.getLogger(__name__).exception(
|
||||
"Failed to apply session cookies to response"
|
||||
)
|
||||
else:
|
||||
logging.getLogger(__name__).debug(
|
||||
"AuthSessionMiddleware: no response produced by downstream app (response is None)"
|
||||
)
|
||||
|
||||
def _resolve_session(self, request: Request) -> _ResolutionResult:
|
||||
settings = self._settings_provider()
|
||||
|
||||
@@ -10,10 +10,14 @@ async def validate_json(
|
||||
) -> Response:
|
||||
# Only validate JSON for requests with a body
|
||||
if request.method in ("POST", "PUT", "PATCH"):
|
||||
try:
|
||||
# attempt to parse json body
|
||||
await request.json()
|
||||
except Exception:
|
||||
raise HTTPException(status_code=400, detail="Invalid JSON payload")
|
||||
# Only attempt JSON parsing when the client indicates a JSON content type.
|
||||
content_type = (request.headers.get("content-type") or "").lower()
|
||||
if "json" in content_type:
|
||||
try:
|
||||
# attempt to parse json body
|
||||
await request.json()
|
||||
except Exception:
|
||||
raise HTTPException(
|
||||
status_code=400, detail="Invalid JSON payload")
|
||||
response = await call_next(request)
|
||||
return response
|
||||
|
||||
Reference in New Issue
Block a user