authorParker <contact@pkrm.dev>2024-11-05 20:36:09 -0600
committerParker <contact@pkrm.dev>2024-11-05 20:36:09 -0600
commite944df3d7d431b5bd88c2c235501a355ea1ba6ab (patch)
tree283a28cb77f2439d20ba00869de15cf65c2c450a /app/util
parent6f7e810916fd2de39d451886bbe18167e1784315 (diff)
Fix auth and organization/standards
Diffstat (limited to 'app/util')
-rw-r--r--app/util/authentication.py10
-rw-r--r--app/util/check_password_reqs.py26
-rw-r--r--app/util/log.py10
3 files changed, 37 insertions, 9 deletions
diff --git a/app/util/authentication.py b/app/util/authentication.py
index 99f8b47..1127451 100644
--- a/app/util/authentication.py
+++ b/app/util/authentication.py
@@ -28,11 +28,11 @@ def verify_password(plain_password, hashed_password):
)
-def get_user(db, id: int):
+def get_user(db, username: str):
"""
Get the user object from the database
"""
- user = db.query(UserModel).filter(UserModel.id == id).first()
+ user = db.query(UserModel).filter(UserModel.username == username).first()
if user:
return UserInDB(**user.__dict__)
@@ -46,6 +46,7 @@ def authenticate_user(db, username: str, password: str):
if not user:
return False
if not verify_password(password, user.hashed_password):
+ print("WHY")
return False
return user
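Review bot: The `print("WHY")` added to the password-mismatch branch is a leftover debug statement that writes to stdout on every failed login; it should be removed before merge, or replaced by a logger call that records the event without the password, e.g. `logger.warning("password verification failed for %s", username)` — no logger is visible in this diff, so that would need a module-level `logging.getLogger(__name__)`. Failed authentications are exactly the events you want in structured logs rather than interleaved on stdout. authenticate_user's body starts outside the hunk.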
@@ -121,8 +122,9 @@ async def get_current_user(
try:
payload = jwt.decode(token, secret_key, algorithms=[algorithm])
id: int = payload.get("sub")
+ username: str = payload.get("username")
refresh: bool = payload.get("refresh")
- if not id:
+ if not id or not username:
return raise_unauthorized()
# For some reason, an access token was passed when a refresh
# token was expected - some likely malicious activity
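Review bot: `id: int = payload.get("sub")` shadows the builtin and annotates as `int` a value that is simply whatever the token carries; RFC 7519 defines `sub` as a string, and PyJWT releases from 2.10 reject a non-string subject with `InvalidSubjectError`, which the `except InvalidTokenError` below would turn into a 401 for every token. If the issuing side (not in this diff) stores the integer user id in `sub`, it should encode `str(user.id)` and this line should read something like `user_id = str(payload.get("sub", ""))`. get_current_user continues outside the hunk.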
@@ -136,7 +138,7 @@ async def get_current_user(
except InvalidTokenError:
return raise_unauthorized()
- user = get_user(db, id)
+ user = get_user(db, username)
if user is None:
return raise_unauthorized()
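Review bot: `get_user(db, username)` makes the `username` claim the only identity the token resolves to, while the `sub` claim that was the identity before — and that the new check still requires — is never compared with the looked-up user, so a token whose two claims describe different accounts is accepted on the strength of `username` alone. Bind them together at the lookup: `if user is None or user.id != id:` followed by `return raise_unauthorized()`. This assumes `UserInDB` exposes `id`, which the old `UserModel.id` filter suggests but the diff does not show. The enclosing function continues outside the hunk.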
diff --git a/app/util/check_password_reqs.py b/app/util/check_password_reqs.py
new file mode 100644
index 0000000..dcb9bf8
--- /dev/null
+++ b/app/util/check_password_reqs.py
@@ -0,0 +1,26 @@
+from fastapi import HTTPException, status
+
+
+def check_password_reqs(password: str):
+ """
+ Make sure the entered password meets the security requirements:
+ 1. At least 8 characters
+ 2. At least one digit
+ 3. At least one uppercase letter
+ """
+ if len(password) < 8:
+ raise HTTPException(
+ status_code=status.HTTP_400_BAD_REQUEST,
+ detail="Password must be at least 8 characters",
+ )
+ if not any(char.isdigit() for char in password):
+ raise HTTPException(
+ status_code=status.HTTP_400_BAD_REQUEST,
+ detail="Password must contain at least one digit",
+ )
+ if not any(char.isupper() for char in password):
+ raise HTTPException(
+ status_code=status.HTTP_400_BAD_REQUEST,
+ detail="Password must contain at least one uppercase letter",
+ )
+ return
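Review bot: The new checker has a lower bound but no upper bound, so an arbitrarily long password reaches the hashing step; with bcrypt that means silent truncation at 72 bytes, and with any slow hash it is a cheap way to burn CPU per request. Add a symmetric check before the others, e.g. `if len(password) > 128: raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Password must be at most 128 characters")`, and note that `len` counts code points while bcrypt's limit is in bytes, so compare `len(password.encode("utf-8"))` if the hash is bcrypt (verify_password's implementation is not in this diff). Also worth a docstring note that `isdigit()`/`isupper()` accept non-ASCII digits and letters, which is fine but may surprise whoever writes the matching client-side validation.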
diff --git a/app/util/log.py b/app/util/log.py
index de60f23..b84c8a0 100644
--- a/app/util/log.py
+++ b/app/util/log.py
@@ -4,10 +4,10 @@ from ua_parser import user_agent_parser
from database import SessionLocal
import config
-from models import Link, Record
+from models import Link, Log
"""
-Create a new log record whenever a link is visited
+Create a new log whenever a link is visited
"""
@@ -65,8 +65,8 @@ def log(link, ip, user_agent):
browser = ua_string["user_agent"]["family"]
os = f'{ua_string["os"]["family"]} {ua_string["os"]["major"]}'
- # Create the log record and commit it to the database
- link_record = Record(
+ # Create the log and commit it to the database
+ new_log = Log(
owner=owner,
link=link,
timestamp=timestamp,
@@ -77,7 +77,7 @@ def log(link, ip, user_agent):
user_agent=user_agent,
isp=isp,
)
- db.add(link_record)
+ db.add(new_log)
db.commit()
db.close()