refactor: remove legacy user registration from auth_service

- Remove unused register_user() method and helper methods - Remove legacy UserRegister schema (customer registration uses CustomerService) - Remove wrapper methods that just delegated to auth_manager - Simplify auth_service to focus on login and vendor access control - Clean up tests to match simplified service The only registration path is now /api/v1/shop/auth/register for customers, which uses CustomerService.register_customer(). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-06 19:55:23 +01:00
parent b31fd41423
commit 0bfdf331d6
5 changed files with 77 additions and 611 deletions
--- a/app/services/auth_service.py
+++ b/app/services/auth_service.py
@@ -1,90 +1,40 @@
 # app/services/auth_service.py
 """
-Authentication service for user registration and login.
+Authentication service for user login and vendor access control.

-This module provides classes and functions for:
- User registration with validation
+This module provides:
 - User authentication and JWT token generation
- Password management and security
+- Vendor access verification
+- Password hashing utilities
+
+Note: Customer registration is handled by CustomerService.
+      User (admin/vendor team) creation is handled by their respective services.
 """

 import logging
-from datetime import UTC
 from typing import Any

 from sqlalchemy.orm import Session

 from app.exceptions import (
    InvalidCredentialsException,
-    UserAlreadyExistsException,
    UserNotActiveException,
-    ValidationException,
 )
 from middleware.auth import AuthManager
 from models.database.user import User
 from models.database.vendor import Vendor, VendorUser
-from models.schema.auth import UserLogin, UserRegister
+from models.schema.auth import UserLogin

 logger = logging.getLogger(__name__)


 class AuthService:
-    """Service class for authentication operations following the application's service pattern."""
+    """Service class for authentication operations."""

    def __init__(self):
-        """Class constructor."""
+        """Initialize with AuthManager instance."""
        self.auth_manager = AuthManager()

-    def register_user(self, db: Session, user_data: UserRegister) -> User:
-        """
-        Register a new user.
-
-        Args:
-            db: Database session
-            user_data: User registration data
-
-        Returns:
-            Created user object
-
-        Raises:
-            UserAlreadyExistsException: If email or username already exists
-            ValidationException: If user data is invalid
-        """
-        try:
-            # Check if email already exists
-            if self._email_exists(db, user_data.email):
-                raise UserAlreadyExistsException(
-                    "Email already registered", field="email"
-                )
-
-            # Check if username already exists
-            if self._username_exists(db, user_data.username):
-                raise UserAlreadyExistsException(
-                    "Username already taken", field="username"
-                )
-
-            # Hash password and create user
-            hashed_password = self.auth_manager.hash_password(user_data.password)
-            new_user = User(
-                email=user_data.email,
-                username=user_data.username,
-                hashed_password=hashed_password,
-                role="user",
-                is_active=True,
-            )
-
-            db.add(new_user)
-            db.flush()
-
-            logger.info(f"New user registered: {new_user.username}")
-            return new_user
-
-        except UserAlreadyExistsException:
-            raise  # Re-raise custom exceptions
-        except Exception as e:
-            logger.error(f"Error registering user: {str(e)}")
-            raise ValidationException("Registration failed")
-
    def login_user(self, db: Session, user_credentials: UserLogin) -> dict[str, Any]:
        """
        Login user and return JWT token with user data.
@@ -100,118 +50,31 @@ class AuthService:
            InvalidCredentialsException: If authentication fails
            UserNotActiveException: If user account is not active
        """
-        try:
-            user = self.auth_manager.authenticate_user(
-                db, user_credentials.email_or_username, user_credentials.password
-            )
-            if not user:
-                raise InvalidCredentialsException("Incorrect username or password")
+        user = self.auth_manager.authenticate_user(
+            db, user_credentials.email_or_username, user_credentials.password
+        )
+        if not user:
+            raise InvalidCredentialsException("Incorrect username or password")

-            # Check if user is active
-            if not user.is_active:
-                raise UserNotActiveException("User account is not active")
+        if not user.is_active:
+            raise UserNotActiveException("User account is not active")

-            # Create access token
-            token_data = self.auth_manager.create_access_token(user)
+        token_data = self.auth_manager.create_access_token(user)

-            logger.info(f"User logged in: {user.username}")
-            return {"token_data": token_data, "user": user}
-
-        except (InvalidCredentialsException, UserNotActiveException):
-            raise  # Re-raise custom exceptions
-        except Exception as e:
-            logger.error(f"Error during login: {str(e)}")
-            raise InvalidCredentialsException()
-
-    def get_user_by_email(self, db: Session, email: str) -> User | None:
-        """Get user by email."""
-        try:
-            return db.query(User).filter(User.email == email).first()
-        except Exception as e:
-            logger.error(f"Error getting user by email: {str(e)}")
-            return None
-
-    def get_user_by_username(self, db: Session, username: str) -> User | None:
-        """Get user by username."""
-        try:
-            return db.query(User).filter(User.username == username).first()
-        except Exception as e:
-            logger.error(f"Error getting user by username: {str(e)}")
-            return None
-
-    def authenticate_user(
-        self, db: Session, username: str, password: str
-    ) -> User | None:
-        """Authenticate user with username/password."""
-        try:
-            return self.auth_manager.authenticate_user(db, username, password)
-        except Exception as e:
-            logger.error(f"Error authenticating user: {str(e)}")
-            return None
-
-    def create_access_token(self, user: User) -> dict[str, Any]:
-        """Create access token for user."""
-        try:
-            return self.auth_manager.create_access_token(user)
-        except Exception as e:
-            logger.error(f"Error creating access token: {str(e)}")
-            raise ValidationException("Failed to create access token")
+        logger.info(f"User logged in: {user.username}")
+        return {"token_data": token_data, "user": user}

    def hash_password(self, password: str) -> str:
-        """Hash password."""
-        try:
-            return self.auth_manager.hash_password(password)
-        except Exception as e:
-            logger.error(f"Error hashing password: {str(e)}")
-            raise ValidationException("Failed to hash password")
-
-    def verify_password(self, plain_password: str, hashed_password: str) -> bool:
-        """Verify password against hash."""
-        try:
-            return self.auth_manager.verify_password(plain_password, hashed_password)
-        except Exception as e:
-            logger.error(f"Error verifying password: {str(e)}")
-            return False
-
-    def create_access_token_with_data(self, data: dict) -> dict:
        """
-        Create JWT token with custom data payload.
-
-        Useful for non-User entities like customers that need tokens.
+        Hash a password.

        Args:
-            data: Dictionary containing token payload data (must include 'sub')
+            password: Plain text password

        Returns:
-            Dictionary with access_token, token_type, and expires_in
+            Hashed password string
        """
-        from datetime import datetime, timedelta
-
-        from jose import jwt
-
-        from app.core.config import settings
-
-        try:
-            expires_delta = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
-            expire = datetime.now(UTC) + expires_delta
-
-            # Build payload with provided data
-            payload = {
-                **data,
-                "exp": expire,
-                "iat": datetime.now(UTC),
-            }
-
-            token = jwt.encode(payload, settings.SECRET_KEY, algorithm="HS256")
-
-            return {
-                "access_token": token,
-                "token_type": "bearer",
-                "expires_in": settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60,
-            }
-        except Exception as e:
-            logger.error(f"Error creating access token with data: {str(e)}")
-            raise ValidationException("Failed to create access token")
+        return self.auth_manager.hash_password(password)

    def get_vendor_by_code(self, db: Session, vendor_code: str) -> Vendor | None:
        """
@@ -291,15 +154,6 @@ class AuthService:

        return None, None

-    # Private helper methods
-    def _email_exists(self, db: Session, email: str) -> bool:
-        """Check if email already exists."""
-        return db.query(User).filter(User.email == email).first() is not None

-    def _username_exists(self, db: Session, username: str) -> bool:
-        """Check if username already exists."""
-        return db.query(User).filter(User.username == username).first() is not None
-
-
-# Create service instance following the same pattern as other services
+# Create service instance
 auth_service = AuthService()