| """
|
| User authentication service for OpenManus
|
| Handles user registration, login, and session management with D1 database
|
| """
|
|
|
| import json
|
| import sqlite3
|
| from datetime import datetime
|
| from typing import Optional, Tuple
|
|
|
| from app.auth import (
|
| User,
|
| UserAuth,
|
| UserSession,
|
| UserSignupRequest,
|
| UserLoginRequest,
|
| AuthResponse,
|
| UserProfile,
|
| )
|
| from app.logger import logger
|
|
|
|
|
| class AuthService:
|
| """Authentication service for user management"""
|
|
|
| def __init__(self, db_connection=None):
|
| """Initialize auth service with database connection"""
|
| self.db = db_connection
|
| self.logger = logger
|
|
|
| async def register_user(self, signup_data: UserSignupRequest) -> AuthResponse:
|
| """Register a new user"""
|
| try:
|
|
|
| formatted_mobile = UserAuth.format_mobile_number(signup_data.mobile_number)
|
|
|
|
|
| existing_user = await self.get_user_by_mobile(formatted_mobile)
|
| if existing_user:
|
| return AuthResponse(
|
| success=False, message="User with this mobile number already exists"
|
| )
|
|
|
|
|
| user_id = UserAuth.generate_user_id()
|
| password_hash = UserAuth.hash_password(signup_data.password)
|
|
|
| user = User(
|
| id=user_id,
|
| mobile_number=formatted_mobile,
|
| full_name=signup_data.full_name,
|
| password_hash=password_hash,
|
| created_at=datetime.utcnow(),
|
| updated_at=datetime.utcnow(),
|
| )
|
|
|
|
|
| success = await self.save_user(user)
|
| if not success:
|
| return AuthResponse(
|
| success=False, message="Failed to create user account"
|
| )
|
|
|
|
|
| session = UserAuth.create_session(user)
|
| session_saved = await self.save_session(session)
|
|
|
| if not session_saved:
|
| return AuthResponse(
|
| success=False, message="User created but failed to create session"
|
| )
|
|
|
| self.logger.info(f"New user registered: {formatted_mobile}")
|
|
|
| return AuthResponse(
|
| success=True,
|
| message="Account created successfully",
|
| session_id=session.session_id,
|
| user_id=user.id,
|
| full_name=user.full_name,
|
| )
|
|
|
| except Exception as e:
|
| self.logger.error(f"User registration error: {str(e)}")
|
| return AuthResponse(
|
| success=False, message="An error occurred during registration"
|
| )
|
|
|
| async def login_user(self, login_data: UserLoginRequest) -> AuthResponse:
|
| """Authenticate user login"""
|
| try:
|
|
|
| formatted_mobile = UserAuth.format_mobile_number(login_data.mobile_number)
|
|
|
|
|
| user = await self.get_user_by_mobile(formatted_mobile)
|
| if not user:
|
| return AuthResponse(
|
| success=False, message="Invalid mobile number or password"
|
| )
|
|
|
|
|
| if not UserAuth.verify_password(login_data.password, user.password_hash):
|
| return AuthResponse(
|
| success=False, message="Invalid mobile number or password"
|
| )
|
|
|
|
|
| if not user.is_active:
|
| return AuthResponse(
|
| success=False,
|
| message="Account is deactivated. Please contact support.",
|
| )
|
|
|
|
|
| session = UserAuth.create_session(user)
|
| session_saved = await self.save_session(session)
|
|
|
| if not session_saved:
|
| return AuthResponse(
|
| success=False,
|
| message="Login successful but failed to create session",
|
| )
|
|
|
| self.logger.info(f"User logged in: {formatted_mobile}")
|
|
|
| return AuthResponse(
|
| success=True,
|
| message="Login successful",
|
| session_id=session.session_id,
|
| user_id=user.id,
|
| full_name=user.full_name,
|
| )
|
|
|
| except Exception as e:
|
| self.logger.error(f"User login error: {str(e)}")
|
| return AuthResponse(success=False, message="An error occurred during login")
|
|
|
| async def validate_session(self, session_id: str) -> Optional[UserSession]:
|
| """Validate user session"""
|
| try:
|
| if not self.db:
|
| return None
|
|
|
| cursor = self.db.cursor()
|
| cursor.execute(
|
| """
|
| SELECT s.id, s.user_id, u.mobile_number, u.full_name,
|
| s.created_at, s.expires_at
|
| FROM sessions s
|
| JOIN users u ON s.user_id = u.id
|
| WHERE s.id = ? AND u.is_active = 1
|
| """,
|
| (session_id,),
|
| )
|
|
|
| row = cursor.fetchone()
|
| if not row:
|
| return None
|
|
|
| session = UserSession(
|
| session_id=row[0],
|
| user_id=row[1],
|
| mobile_number=row[2],
|
| full_name=row[3],
|
| created_at=datetime.fromisoformat(row[4]),
|
| expires_at=datetime.fromisoformat(row[5]),
|
| )
|
|
|
|
|
| if not session.is_valid:
|
|
|
| await self.delete_session(session_id)
|
| return None
|
|
|
| return session
|
|
|
| except Exception as e:
|
| self.logger.error(f"Session validation error: {str(e)}")
|
| return None
|
|
|
| async def logout_user(self, session_id: str) -> bool:
|
| """Logout user by deleting session"""
|
| return await self.delete_session(session_id)
|
|
|
| async def get_user_profile(self, user_id: str) -> Optional[UserProfile]:
|
| """Get user profile by user ID"""
|
| try:
|
| user = await self.get_user_by_id(user_id)
|
| if not user:
|
| return None
|
|
|
| return UserProfile(
|
| user_id=user.id,
|
| full_name=user.full_name,
|
| mobile_number=UserProfile.mask_mobile_number(user.mobile_number),
|
| avatar_url=user.avatar_url,
|
| created_at=user.created_at.isoformat() if user.created_at else None,
|
| )
|
|
|
| except Exception as e:
|
| self.logger.error(f"Get user profile error: {str(e)}")
|
| return None
|
|
|
|
|
| async def save_user(self, user: User) -> bool:
|
| """Save user to database"""
|
| try:
|
| if not self.db:
|
| return False
|
|
|
| cursor = self.db.cursor()
|
| cursor.execute(
|
| """
|
| INSERT INTO users (id, mobile_number, full_name, password_hash,
|
| avatar_url, preferences, is_active, created_at, updated_at)
|
| VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
|
| """,
|
| (
|
| user.id,
|
| user.mobile_number,
|
| user.full_name,
|
| user.password_hash,
|
| user.avatar_url,
|
| user.preferences,
|
| user.is_active,
|
| user.created_at.isoformat() if user.created_at else None,
|
| user.updated_at.isoformat() if user.updated_at else None,
|
| ),
|
| )
|
|
|
| self.db.commit()
|
| return True
|
|
|
| except Exception as e:
|
| self.logger.error(f"Save user error: {str(e)}")
|
| return False
|
|
|
| async def get_user_by_mobile(self, mobile_number: str) -> Optional[User]:
|
| """Get user by mobile number"""
|
| try:
|
| if not self.db:
|
| return None
|
|
|
| cursor = self.db.cursor()
|
| cursor.execute(
|
| """
|
| SELECT id, mobile_number, full_name, password_hash, avatar_url,
|
| preferences, is_active, created_at, updated_at
|
| FROM users
|
| WHERE mobile_number = ?
|
| """,
|
| (mobile_number,),
|
| )
|
|
|
| row = cursor.fetchone()
|
| if not row:
|
| return None
|
|
|
| return User(
|
| id=row[0],
|
| mobile_number=row[1],
|
| full_name=row[2],
|
| password_hash=row[3],
|
| avatar_url=row[4],
|
| preferences=row[5],
|
| is_active=bool(row[6]),
|
| created_at=datetime.fromisoformat(row[7]) if row[7] else None,
|
| updated_at=datetime.fromisoformat(row[8]) if row[8] else None,
|
| )
|
|
|
| except Exception as e:
|
| self.logger.error(f"Get user by mobile error: {str(e)}")
|
| return None
|
|
|
| async def get_user_by_id(self, user_id: str) -> Optional[User]:
|
| """Get user by ID"""
|
| try:
|
| if not self.db:
|
| return None
|
|
|
| cursor = self.db.cursor()
|
| cursor.execute(
|
| """
|
| SELECT id, mobile_number, full_name, password_hash, avatar_url,
|
| preferences, is_active, created_at, updated_at
|
| FROM users
|
| WHERE id = ? AND is_active = 1
|
| """,
|
| (user_id,),
|
| )
|
|
|
| row = cursor.fetchone()
|
| if not row:
|
| return None
|
|
|
| return User(
|
| id=row[0],
|
| mobile_number=row[1],
|
| full_name=row[2],
|
| password_hash=row[3],
|
| avatar_url=row[4],
|
| preferences=row[5],
|
| is_active=bool(row[6]),
|
| created_at=datetime.fromisoformat(row[7]) if row[7] else None,
|
| updated_at=datetime.fromisoformat(row[8]) if row[8] else None,
|
| )
|
|
|
| except Exception as e:
|
| self.logger.error(f"Get user by ID error: {str(e)}")
|
| return None
|
|
|
| async def save_session(self, session: UserSession) -> bool:
|
| """Save session to database"""
|
| try:
|
| if not self.db:
|
| return False
|
|
|
| cursor = self.db.cursor()
|
| cursor.execute(
|
| """
|
| INSERT INTO sessions (id, user_id, title, metadata, created_at,
|
| updated_at, expires_at)
|
| VALUES (?, ?, ?, ?, ?, ?, ?)
|
| """,
|
| (
|
| session.session_id,
|
| session.user_id,
|
| "User Session",
|
| json.dumps({"login_type": "mobile_password"}),
|
| session.created_at.isoformat(),
|
| session.created_at.isoformat(),
|
| session.expires_at.isoformat(),
|
| ),
|
| )
|
|
|
| self.db.commit()
|
| return True
|
|
|
| except Exception as e:
|
| self.logger.error(f"Save session error: {str(e)}")
|
| return False
|
|
|
| async def delete_session(self, session_id: str) -> bool:
|
| """Delete session from database"""
|
| try:
|
| if not self.db:
|
| return False
|
|
|
| cursor = self.db.cursor()
|
| cursor.execute("DELETE FROM sessions WHERE id = ?", (session_id,))
|
| self.db.commit()
|
| return True
|
|
|
| except Exception as e:
|
| self.logger.error(f"Delete session error: {str(e)}")
|
| return False
|
|
|
