Add basic registration (#8)

* Refactor user registration to use PostgreSQL stored procedure and sanitize username input

* Refactor user registration to use UserRegister schema and remove UserCreate

* Refactor username sanitization: move sanitize_username function to string_utils and remove username.py

* Enhance user registration: add HTTPException for existing users and improve code structure

* Add docstring to user registration endpoint for clarity

* Fix attribute name in User model: update language_id to language_iso_code for clarity

* Refactor language preference handling: rename language_iso_code to language_id in User model and registration schema for consistency

Author: Vianpyro

app/models/user.py

@@ -9,7 +9,7 @@
 import uuid
 from datetime import datetime
 
-from sqlalchemy import Boolean, Column, DateTime, Integer, String, Text
+from sqlalchemy import Boolean, Column, DateTime, Integer, Text
 from sqlalchemy.dialects.postgresql import UUID
 
 from app.models import Base
@@ -44,7 +44,7 @@ class User(Base):
 
     user_id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
 
-    username = Column(String(50), unique=True, nullable=False)
+    username = Column(Text, unique=True, nullable=False)
 
     email_encrypted = Column(Text, nullable=False)
     email_hash = Column(Text, unique=True, nullable=False)

app/routes/v1/endpoints/authentication.py

@@ -1,8 +1,8 @@
-from fastapi import APIRouter, Depends
+from fastapi import APIRouter, Depends, HTTPException
+from sqlalchemy import text
 from sqlalchemy.ext.asyncio import AsyncSession
 
-from app.models.user import User
-from app.routes.v1.schemas.user.create import UserCreate
+from app.routes.v1.schemas.user.register import UserRegister
 from app.utility.database import get_db
 from app.utility.security import (
     encrypt_email,
@@ -11,23 +11,59 @@
     hash_password,
     hash_phone,
 )
+from app.utility.string_utils import sanitize_username
 
 router = APIRouter()
 
 
 @router.post("/register")
-async def register(data: UserCreate, db: AsyncSession = Depends(get_db)):
+async def register(data: UserRegister, db: AsyncSession = Depends(get_db)):
     """Endpoint for user registration."""
-    user = User(
-        username=data.username,
-        email_encrypted=encrypt_email(data.email),
-        email_hash=hash_email(data.email),
-        password_hash=hash_password(data.password),
-        phone_encrypted=encrypt_phone(data.phone) if data.phone else None,
-        phone_hash=hash_phone(data.phone) if data.phone else None,
-        language_id=data.language_id,
+    username = sanitize_username(data.username)
+    email_encrypted = encrypt_email(data.email)
+    email_hash = hash_email(data.email)
+    password_hash = hash_password(data.password)
+    phone_encrypted = encrypt_phone(data.phone) if data.phone else None
+    phone_hash = hash_phone(data.phone) if data.phone else None
+    language_id = data.language_id
+
+    # Check if user is available
+    result = await db.execute(
+        text(
+            """
+            SELECT is_user_available(:username, :email_hash, :phone_hash) AS available
+        """
+        ),
+        {"username": username, "email_hash": email_hash, "phone_hash": phone_hash},
+    )
+    available = result.scalar()
+
+    if not available:
+        raise HTTPException(409, "Username, email, or phone already exists")
+
+    await db.execute(
+        text(
+            """
+            CALL register_user(
+                :username,
+                :email_encrypted,
+                :email_hash,
+                :password_hash,
+                :phone_encrypted,
+                :phone_hash,
+                :preferred_language_id
+            )
+            """
+        ),
+        {
+            "username": username,
+            "email_encrypted": email_encrypted,
+            "email_hash": email_hash,
+            "password_hash": password_hash,
+            "phone_encrypted": phone_encrypted,
+            "phone_hash": phone_hash,
+            "preferred_language_id": language_id,
+        },
     )
-    db.add(user)
     await db.commit()
-    await db.refresh(user)
-    return {"message": "User registered successfully", "user_id": str(user.user_id)}
+    return {"message": "User registered successfully", "username": username}

app/routes/v1/schemas/user/create.py app/routes/v1/schemas/user/register.pyapp/routes/v1/schemas/user/create.py renamed to app/routes/v1/schemas/user/register.py

@@ -1,7 +1,7 @@
 from pydantic import BaseModel, EmailStr
 
 
-class UserCreate(BaseModel):
+class UserRegister(BaseModel):
     username: str
     email: EmailStr
     password: str

app/utility/string_utils.py

@@ -0,0 +1,9 @@
+import re
+
+
+def sanitize_username(username: str) -> str:
+    """
+    Replace all characters not allowed by the database username constraint
+    (^[a-zA-Z0-9_]+$) with underscores.
+    """
+    return re.sub(r"[^a-zA-Z0-9_]", "_", username)