Adding content

Author: jacantwell

.github/workflows/deploy_api.yml

@@ -0,0 +1,84 @@
+name: Build, Push, and Deploy
+
+on:
+  push:
+    branches: [ main ]
+    paths:
+      - 'api/**'
+      - '.github/workflows/deploy_api.yml'
+
+jobs:
+  deploy-backend:
+    runs-on: ubuntu-latest
+    
+    env:
+      STACK_NAME: ''
+      AWS_REGION: ''
+      AWS_ACCOUNT_ID: ''
+      REPO_NAME: ''
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set ECR repository URI
+        run: |
+          echo "ECR_REPOSITORY=$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$REPO_NAME" >> $GITHUB_ENV
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Navigate to the project directory
+        run: cd backend
+
+      - name: Create ECR repository if it doesn't exist
+        run: |
+          if ! aws ecr describe-repositories --repository-names $REPO_NAME 2>/dev/null; then
+            echo "Creating ECR repository $REPO_NAME"
+            aws ecr create-repository --repository-name $REPO_NAME
+          fi
+
+      - name: Build Docker image
+        run: |
+          cd backend
+          docker build -t $STACK_NAME .
+          docker tag $STACK_NAME $ECR_REPOSITORY:latest
+
+      - name: Push Docker image to ECR
+        run: |
+          cd backend
+          # Push the image
+          docker push $ECR_REPOSITORY:latest
+          
+          # Get image digest reliably using AWS CLI
+          echo "IMAGE_DIGEST=$(aws ecr describe-images --repository-name $REPO_NAME --image-ids imageTag=latest --query 'imageDetails[0].imageDigest' --output text)" >> $GITHUB_ENV
+
+      - name: Deploy to AWS CloudFormation
+        run: |
+          cd backend
+          echo "Deploying stack $STACK_NAME to region $AWS_REGION with image digest $IMAGE_DIGEST"
+          aws cloudformation deploy \
+            --capabilities CAPABILITY_IAM \
+            --stack-name $STACK_NAME \
+            --template-file template.yaml \
+            --region $AWS_REGION \
+            --parameter-overrides \
+              ImageUri="$ECR_REPOSITORY@$IMAGE_DIGEST" \
+              MongoUsername="${{ secrets.MONGO_USERNAME }}" \
+              MongoPassword="${{ secrets.MONGO_PASSWORD }}" \
+              MongoHost="${{ secrets.MONGO_HOST }}" \
+              MongoDbName="${{ secrets.MONGO_DB_NAME }}"
+
+
+      - name: Get API Gateway URL
+        run: |
+          echo "API Gateway URL:"
+          aws cloudformation describe-stacks --stack-name $STACK_NAME --query "Stacks[0].Outputs[?ExportName=='$STACK_NAME-ApiEndpoint'].OutputValue" --output text

api/.env.example

@@ -0,0 +1,11 @@
+# Cloudformation
+STACK_NAME=
+AWS_REGION=
+AWS_ACCOUNT_ID=
+REPO_NAME=
+
+#MongoDB
+MONGO_HOST=cluster0.mongodb.net
+MONGO_USERNAME=
+MONGO_PASSWORD=
+MONGO_DB_NAME=

api/.gitignore

@@ -0,0 +1,9 @@
+__pycache__
+app.egg-info
+*.pyc
+.mypy_cache
+.coverage
+htmlcov
+.cache
+.venv
+.env

api/Dockerfile

@@ -0,0 +1,21 @@
+FROM public.ecr.aws/lambda/python:3.12
+
+# Install Poetry using official installer
+RUN curl -sSL https://install.python-poetry.org | python3 -
+
+# Add Poetry to PATH
+ENV PATH="/root/.local/bin:$PATH"
+
+# Copy Poetry configuration files
+COPY pyproject.toml .
+COPY poetry.lock .
+
+# Install dependencies
+RUN poetry config virtualenvs.create false && \
+    poetry install --no-interaction --no-ansi --no-root
+
+# Copy the application code
+COPY app/ ./app/
+ 
+# Set entrypoint
+CMD [ "app.main.handler" ]

api/README.md

@@ -0,0 +1,52 @@
+# Backend Developer Guide
+
+This backend is built with **FastAPI**, **Pydantic**, **MongoDB** (via `pymongo`), and managed using **Poetry**. It serves as the API and data layer for the project.
+
+## 🛠️ Tech Stack
+
+- **FastAPI**: Web framework for building APIs
+- **Pydantic**: Data validation and settings management
+- **MongoDB**: NoSQL database
+- **pymongo**: MongoDB driver for Python
+- **Uvicorn**: ASGI server for running FastAPI
+- **Poetry**: Dependency and environment management
+
+## 🚀 Getting Started
+
+### 1. Install Dependencies
+
+Make sure you have [Poetry](https://python-poetry.org/docs/#installation) installed.
+
+```sh
+cd backend
+poetry install
+```
+
+### 2. Environment Variables
+
+Copy the example environment file and fill in your MongoDB credentials:
+
+```sh
+cp .env.example .env
+# Edit .env with your MongoDB details
+```
+
+### 3. Run the local Development Server
+
+Use the provided script to start the server with hot-reload:
+
+```sh
+sh scripts/start_server.sh
+```
+
+### 4. Project Structure
+
+```
+app/
+├── main.py             # FastAPI app entrypoint
+├── api/                # API routers
+├── models/             # Pydantic models
+├── database/           # MongoDB drivers and connection logic
+├── core/               # Configuration and settings
+```
+

api/app/api/deps.py

@@ -0,0 +1,47 @@
+from typing import Annotated
+
+import jwt
+from fastapi import Depends, Request, status
+from fastapi.exceptions import HTTPException
+from fastapi.security import OAuth2PasswordBearer
+from jwt.exceptions import InvalidTokenError
+from pydantic import ValidationError
+
+from app.core.config import settings
+from app.core.security import ALGORITHM
+from app.database import Database
+from app.models.security import TokenPayload
+from app.models.users import User
+
+
+async def get_db(request: Request) -> Database:
+    return request.app.state.database
+
+
+get_auth = OAuth2PasswordBearer(tokenUrl=f"{settings.API_V1_STR}/auth/token")
+
+DatabaseDep = Annotated[Database, Depends(get_db)]
+TokenDep = Annotated[str, Depends(get_auth)]
+
+
+async def get_current_user(db: DatabaseDep, token: TokenDep) -> User:
+    """
+    By decoding the JWT token and extracting the user ID,
+    we can retrieve the user from the database.
+    If the token is invalid or the user does not exist, an HTTPException is raised.
+    """
+    try:
+        payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[ALGORITHM])
+        token_data = TokenPayload(**payload)
+    except (InvalidTokenError, ValidationError):
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Could not validate credentials",
+        )
+    user = await db.users.read(token_data.sub)
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+    return user
+
+
+CurrentUserDep = Annotated[User, Depends(get_current_user)]

api/app/api/main.py

@@ -0,0 +1,14 @@
+from fastapi import APIRouter
+
+from app.api.routes import auth_router, root_router, users_router
+from app.core.config import settings
+
+api_router = APIRouter()
+api_router.include_router(auth_router)
+api_router.include_router(users_router)
+api_router.include_router(root_router)
+
+
+if settings.ENVIRONMENT == "local":
+    # Possilbe to add local only routers
+    pass

api/app/api/routes/__init__.py

@@ -0,0 +1,3 @@
+from app.api.routes.auth import router as auth_router
+from app.api.routes.root import router as root_router
+from app.api.routes.users import router as users_router

api/app/api/routes/auth.py

@@ -0,0 +1,35 @@
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, HTTPException
+from fastapi.security import OAuth2PasswordRequestForm
+
+from app.api.deps import DatabaseDep
+from app.core.config import settings
+from app.core.security import create_access_token, verify_password
+from app.models.security import Token
+
+router = APIRouter(prefix="/auth", tags=["authentication"])
+
+
+@router.post("/token")
+async def login(
+    db: DatabaseDep, data: Annotated[OAuth2PasswordRequestForm, Depends()]
+) -> Token:
+    """
+    Authenticate a user and return an access token.
+    """
+    found_users = await db.users.query({"username": data.username})
+
+    if len(found_users) == 0:
+        raise HTTPException(status_code=400, detail="Incorrect username or password")
+    else:
+        user = found_users[0]
+
+    if not verify_password(data.password, user.password):
+        raise HTTPException(status_code=400, detail="Incorrect username or password")
+
+    access_token = create_access_token(
+        subject=user.id, expires_delta=settings.ACCESS_TOKEN_EXPIRE_DELTA
+    )
+
+    return Token(access_token=access_token, token_type="bearer")

api/app/api/routes/root.py

@@ -0,0 +1,26 @@
+from typing import Any
+
+from fastapi import APIRouter, HTTPException
+
+from app.api.deps import DatabaseDep
+
+router = APIRouter()
+
+
+@router.get("/")
+def ping() -> Any:
+    """
+    Retrieve users.
+    """
+    return "pong"
+
+
+@router.get("/mongodb")
+async def ping_mongodb(db: DatabaseDep) -> Any:
+    """
+    Retrieve users.
+    """
+    try:
+        return await db.ping()
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))