import csv import json import tempfile from datetime import datetime from typing import IO, Optional from uuid import UUID from fastapi import HTTPException from core.base import CryptoProvider, Handler from core.base.abstractions import R2RException from core.utils import generate_user_id from shared.abstractions import User from .base import PostgresConnectionManager, QueryBuilder from .collections import PostgresCollectionsHandler def _merge_metadata( existing_metadata: dict[str, str], new_metadata: dict[str, Optional[str]] ) -> dict[str, str]: """ Merges the new metadata with the existing metadata in the Stripe-style approach: - new_metadata[key] = => update or add that key - new_metadata[key] = "" => remove that key - if new_metadata is empty => remove all keys """ # If new_metadata is an empty dict, it signals removal of all keys. if new_metadata == {}: return {} # Copy so we don't mutate the original final_metadata = dict(existing_metadata) for key, value in new_metadata.items(): # If the user sets the key to an empty string, it means "delete" that key if value == "": if key in final_metadata: del final_metadata[key] # If not None and not empty, set or override elif value is not None: final_metadata[key] = value else: # If the user sets the value to None in some contexts, decide if you want to remove or ignore # For now we might treat None same as empty string => remove if key in final_metadata: del final_metadata[key] return final_metadata class PostgresUserHandler(Handler): TABLE_NAME = "users" API_KEYS_TABLE_NAME = "users_api_keys" def __init__( self, project_name: str, connection_manager: PostgresConnectionManager, crypto_provider: CryptoProvider, ): super().__init__(project_name, connection_manager) self.crypto_provider = crypto_provider async def create_tables(self): user_table_query = f""" CREATE TABLE IF NOT EXISTS {self._get_table_name(PostgresUserHandler.TABLE_NAME)} ( id UUID PRIMARY KEY DEFAULT uuid_generate_v4(), email TEXT UNIQUE NOT NULL, hashed_password TEXT NOT NULL, is_superuser BOOLEAN DEFAULT FALSE, is_active BOOLEAN DEFAULT TRUE, is_verified BOOLEAN DEFAULT FALSE, verification_code TEXT, verification_code_expiry TIMESTAMPTZ, name TEXT, bio TEXT, profile_picture TEXT, reset_token TEXT, reset_token_expiry TIMESTAMPTZ, collection_ids UUID[] NULL, limits_overrides JSONB, metadata JSONB, created_at TIMESTAMPTZ DEFAULT NOW(), updated_at TIMESTAMPTZ DEFAULT NOW(), account_type TEXT NOT NULL DEFAULT 'password', google_id TEXT, github_id TEXT ); """ # API keys table with updated_at instead of last_used_at api_keys_table_query = f""" CREATE TABLE IF NOT EXISTS {self._get_table_name(PostgresUserHandler.API_KEYS_TABLE_NAME)} ( id UUID PRIMARY KEY DEFAULT uuid_generate_v4(), user_id UUID NOT NULL REFERENCES {self._get_table_name(PostgresUserHandler.TABLE_NAME)}(id) ON DELETE CASCADE, public_key TEXT UNIQUE NOT NULL, hashed_key TEXT NOT NULL, name TEXT, description TEXT, created_at TIMESTAMPTZ DEFAULT NOW(), updated_at TIMESTAMPTZ DEFAULT NOW() ); CREATE INDEX IF NOT EXISTS idx_api_keys_user_id ON {self._get_table_name(PostgresUserHandler.API_KEYS_TABLE_NAME)}(user_id); CREATE INDEX IF NOT EXISTS idx_api_keys_public_key ON {self._get_table_name(PostgresUserHandler.API_KEYS_TABLE_NAME)}(public_key); """ await self.connection_manager.execute_query(user_table_query) await self.connection_manager.execute_query(api_keys_table_query) # (New) Code snippet for adding columns if missing # Postgres >= 9.6 supports "ADD COLUMN IF NOT EXISTS" check_columns_query = f""" ALTER TABLE {self._get_table_name(self.TABLE_NAME)} ADD COLUMN IF NOT EXISTS metadata JSONB; ALTER TABLE {self._get_table_name(self.TABLE_NAME)} ADD COLUMN IF NOT EXISTS limits_overrides JSONB; ALTER TABLE {self._get_table_name(self.API_KEYS_TABLE_NAME)} ADD COLUMN IF NOT EXISTS description TEXT; """ await self.connection_manager.execute_query(check_columns_query) # Optionally, create indexes for quick lookups: check_columns_query = f""" ALTER TABLE {self._get_table_name(self.TABLE_NAME)} ADD COLUMN IF NOT EXISTS account_type TEXT NOT NULL DEFAULT 'password', ADD COLUMN IF NOT EXISTS google_id TEXT, ADD COLUMN IF NOT EXISTS github_id TEXT; CREATE INDEX IF NOT EXISTS idx_users_google_id ON {self._get_table_name(self.TABLE_NAME)}(google_id); CREATE INDEX IF NOT EXISTS idx_users_github_id ON {self._get_table_name(self.TABLE_NAME)}(github_id); """ await self.connection_manager.execute_query(check_columns_query) async def get_user_by_id(self, id: UUID) -> User: query, _ = ( QueryBuilder(self._get_table_name("users")) .select( [ "id", "email", "is_superuser", "is_active", "is_verified", "created_at", "updated_at", "name", "profile_picture", "bio", "collection_ids", "limits_overrides", "metadata", "account_type", "hashed_password", "google_id", "github_id", ] ) .where("id = $1") .build() ) result = await self.connection_manager.fetchrow_query(query, [id]) if not result: raise R2RException(status_code=404, message="User not found") return User( id=result["id"], email=result["email"], is_superuser=result["is_superuser"], is_active=result["is_active"], is_verified=result["is_verified"], created_at=result["created_at"], updated_at=result["updated_at"], name=result["name"], profile_picture=result["profile_picture"], bio=result["bio"], collection_ids=result["collection_ids"], limits_overrides=json.loads(result["limits_overrides"] or "{}"), metadata=json.loads(result["metadata"] or "{}"), hashed_password=result["hashed_password"], account_type=result["account_type"], google_id=result["google_id"], github_id=result["github_id"], ) async def get_user_by_email(self, email: str) -> User: query, params = ( QueryBuilder(self._get_table_name("users")) .select( [ "id", "email", "is_superuser", "is_active", "is_verified", "created_at", "updated_at", "name", "profile_picture", "bio", "collection_ids", "metadata", "limits_overrides", "account_type", "hashed_password", "google_id", "github_id", ] ) .where("email = $1") .build() ) result = await self.connection_manager.fetchrow_query(query, [email]) if not result: raise R2RException(status_code=404, message="User not found") return User( id=result["id"], email=result["email"], is_superuser=result["is_superuser"], is_active=result["is_active"], is_verified=result["is_verified"], created_at=result["created_at"], updated_at=result["updated_at"], name=result["name"], profile_picture=result["profile_picture"], bio=result["bio"], collection_ids=result["collection_ids"], limits_overrides=json.loads(result["limits_overrides"] or "{}"), metadata=json.loads(result["metadata"] or "{}"), account_type=result["account_type"], hashed_password=result["hashed_password"], google_id=result["google_id"], github_id=result["github_id"], ) async def create_user( self, email: str, password: Optional[str] = None, account_type: Optional[str] = "password", google_id: Optional[str] = None, github_id: Optional[str] = None, is_superuser: bool = False, name: Optional[str] = None, bio: Optional[str] = None, profile_picture: Optional[str] = None, ) -> User: """Create a new user.""" # 1) Check if a user with this email already exists try: existing = await self.get_user_by_email(email) if existing: raise R2RException( status_code=400, message="User with this email already exists", ) except R2RException as e: if e.status_code != 404: raise e # 2) If google_id is provided, ensure no user already has it if google_id: existing_google_user = await self.get_user_by_google_id(google_id) if existing_google_user: raise R2RException( status_code=400, message="User with this Google account already exists", ) # 3) If github_id is provided, ensure no user already has it if github_id: existing_github_user = await self.get_user_by_github_id(github_id) if existing_github_user: raise R2RException( status_code=400, message="User with this GitHub account already exists", ) hashed_password = None if account_type == "password": if password is None: raise R2RException( status_code=400, message="Password is required for a 'password' account_type", ) hashed_password = self.crypto_provider.get_password_hash(password) # type: ignore query, params = ( QueryBuilder(self._get_table_name(self.TABLE_NAME)) .insert( { "email": email, "id": generate_user_id(email), "is_superuser": is_superuser, "collection_ids": [], "limits_overrides": None, "metadata": None, "account_type": account_type, "hashed_password": hashed_password or "", # Ensure hashed_password is not None # !!WARNING - Upstream checks are required to treat oauth differently from password!! "google_id": google_id, "github_id": github_id, "is_verified": account_type != "password", "name": name, "bio": bio, "profile_picture": profile_picture, } ) .returning( [ "id", "email", "is_superuser", "is_active", "is_verified", "created_at", "updated_at", "collection_ids", "limits_overrides", "metadata", "name", "bio", "profile_picture", ] ) .build() ) result = await self.connection_manager.fetchrow_query(query, params) if not result: raise R2RException( status_code=500, message="Failed to create user", ) return User( id=result["id"], email=result["email"], is_superuser=result["is_superuser"], is_active=result["is_active"], is_verified=result["is_verified"], created_at=result["created_at"], updated_at=result["updated_at"], collection_ids=result["collection_ids"] or [], limits_overrides=json.loads(result["limits_overrides"] or "{}"), metadata=json.loads(result["metadata"] or "{}"), name=result["name"], bio=result["bio"], profile_picture=result["profile_picture"], account_type=account_type or "password", hashed_password=hashed_password, google_id=google_id, github_id=github_id, ) async def update_user( self, user: User, merge_limits: bool = False, new_metadata: dict[str, Optional[str]] | None = None, ) -> User: """Update user information including limits_overrides. Args: user: User object containing updated information merge_limits: If True, will merge existing limits_overrides with new ones. If False, will overwrite existing limits_overrides. Returns: Updated User object """ # Get current user if we need to merge limits or get hashed password current_user = None try: current_user = await self.get_user_by_id(user.id) except R2RException: raise R2RException( status_code=404, message="User not found" ) from None # If the new user.google_id != current_user.google_id, check for duplicates if user.email and (user.email != current_user.email): existing_email_user = await self.get_user_by_email(user.email) if existing_email_user and existing_email_user.id != user.id: raise R2RException( status_code=400, message="That email account is already associated with another user.", ) # If the new user.google_id != current_user.google_id, check for duplicates if user.google_id and (user.google_id != current_user.google_id): existing_google_user = await self.get_user_by_google_id( user.google_id ) if existing_google_user and existing_google_user.id != user.id: raise R2RException( status_code=400, message="That Google account is already associated with another user.", ) # Similarly for GitHub: if user.github_id and (user.github_id != current_user.github_id): existing_github_user = await self.get_user_by_github_id( user.github_id ) if existing_github_user and existing_github_user.id != user.id: raise R2RException( status_code=400, message="That GitHub account is already associated with another user.", ) # Merge or replace metadata if provided final_metadata = current_user.metadata or {} if new_metadata is not None: final_metadata = _merge_metadata(final_metadata, new_metadata) # Merge or replace limits_overrides final_limits = user.limits_overrides if ( merge_limits and current_user.limits_overrides and user.limits_overrides ): final_limits = { **current_user.limits_overrides, **user.limits_overrides, } query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET email = $1, is_superuser = $2, is_active = $3, is_verified = $4, updated_at = NOW(), name = $5, profile_picture = $6, bio = $7, collection_ids = $8, limits_overrides = $9::jsonb, metadata = $10::jsonb WHERE id = $11 RETURNING id, email, is_superuser, is_active, is_verified, created_at, updated_at, name, profile_picture, bio, collection_ids, limits_overrides, metadata, hashed_password, account_type, google_id, github_id """ result = await self.connection_manager.fetchrow_query( query, [ user.email, user.is_superuser, user.is_active, user.is_verified, user.name, user.profile_picture, user.bio, user.collection_ids or [], json.dumps(final_limits), json.dumps(final_metadata), user.id, ], ) if not result: raise HTTPException( status_code=500, detail="Failed to update user", ) return User( id=result["id"], email=result["email"], is_superuser=result["is_superuser"], is_active=result["is_active"], is_verified=result["is_verified"], created_at=result["created_at"], updated_at=result["updated_at"], name=result["name"], profile_picture=result["profile_picture"], bio=result["bio"], collection_ids=result["collection_ids"] or [], # Ensure null becomes empty array limits_overrides=json.loads( result["limits_overrides"] or "{}" ), # Can be null metadata=json.loads(result["metadata"] or "{}"), account_type=result["account_type"], hashed_password=result[ "hashed_password" ], # Include hashed_password google_id=result["google_id"], github_id=result["github_id"], ) async def delete_user_relational(self, id: UUID) -> None: """Delete a user and update related records.""" # Get the collections the user belongs to collection_query, params = ( QueryBuilder(self._get_table_name(self.TABLE_NAME)) .select(["collection_ids"]) .where("id = $1") .build() ) collection_result = await self.connection_manager.fetchrow_query( collection_query, [id] ) if not collection_result: raise R2RException(status_code=404, message="User not found") # Update documents query doc_update_query, doc_params = ( QueryBuilder(self._get_table_name("documents")) .update({"id": None}) .where("id = $1") .build() ) await self.connection_manager.execute_query(doc_update_query, [id]) # Delete user query delete_query, del_params = ( QueryBuilder(self._get_table_name(self.TABLE_NAME)) .delete() .where("id = $1") .returning(["id"]) .build() ) result = await self.connection_manager.fetchrow_query( delete_query, [id] ) if not result: raise R2RException(status_code=404, message="User not found") async def update_user_password(self, id: UUID, new_hashed_password: str): query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET hashed_password = $1, updated_at = NOW() WHERE id = $2 """ await self.connection_manager.execute_query( query, [new_hashed_password, id] ) async def get_all_users(self) -> list[User]: """Get all users with minimal information.""" query, params = ( QueryBuilder(self._get_table_name(self.TABLE_NAME)) .select( [ "id", "email", "is_superuser", "is_active", "is_verified", "created_at", "updated_at", "collection_ids", "hashed_password", "limits_overrides", "metadata", "name", "bio", "profile_picture", "account_type", "google_id", "github_id", ] ) .build() ) results = await self.connection_manager.fetch_query(query, params) return [ User( id=result["id"], email=result["email"], is_superuser=result["is_superuser"], is_active=result["is_active"], is_verified=result["is_verified"], created_at=result["created_at"], updated_at=result["updated_at"], collection_ids=result["collection_ids"] or [], limits_overrides=json.loads( result["limits_overrides"] or "{}" ), metadata=json.loads(result["metadata"] or "{}"), name=result["name"], bio=result["bio"], profile_picture=result["profile_picture"], account_type=result["account_type"], hashed_password=result["hashed_password"], google_id=result["google_id"], github_id=result["github_id"], ) for result in results ] async def store_verification_code( self, id: UUID, verification_code: str, expiry: datetime ): query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET verification_code = $1, verification_code_expiry = $2 WHERE id = $3 """ await self.connection_manager.execute_query( query, [verification_code, expiry, id] ) async def verify_user(self, verification_code: str) -> None: query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET is_verified = TRUE, verification_code = NULL, verification_code_expiry = NULL WHERE verification_code = $1 AND verification_code_expiry > NOW() RETURNING id """ result = await self.connection_manager.fetchrow_query( query, [verification_code] ) if not result: raise R2RException( status_code=400, message="Invalid or expired verification code" ) async def remove_verification_code(self, verification_code: str): query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET verification_code = NULL, verification_code_expiry = NULL WHERE verification_code = $1 """ await self.connection_manager.execute_query(query, [verification_code]) async def expire_verification_code(self, id: UUID): query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET verification_code_expiry = NOW() - INTERVAL '1 day' WHERE id = $1 """ await self.connection_manager.execute_query(query, [id]) async def store_reset_token( self, id: UUID, reset_token: str, expiry: datetime ): query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET reset_token = $1, reset_token_expiry = $2 WHERE id = $3 """ await self.connection_manager.execute_query( query, [reset_token, expiry, id] ) async def get_user_id_by_reset_token( self, reset_token: str ) -> Optional[UUID]: query = f""" SELECT id FROM {self._get_table_name(PostgresUserHandler.TABLE_NAME)} WHERE reset_token = $1 AND reset_token_expiry > NOW() """ result = await self.connection_manager.fetchrow_query( query, [reset_token] ) return result["id"] if result else None async def remove_reset_token(self, id: UUID): query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET reset_token = NULL, reset_token_expiry = NULL WHERE id = $1 """ await self.connection_manager.execute_query(query, [id]) async def remove_user_from_all_collections(self, id: UUID): query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET collection_ids = ARRAY[]::UUID[] WHERE id = $1 """ await self.connection_manager.execute_query(query, [id]) async def add_user_to_collection( self, id: UUID, collection_id: UUID ) -> bool: # Check if the user exists if not await self.get_user_by_id(id): raise R2RException(status_code=404, message="User not found") # Check if the collection exists if not await self._collection_exists(collection_id): raise R2RException(status_code=404, message="Collection not found") query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET collection_ids = array_append(collection_ids, $1) WHERE id = $2 AND NOT ($1 = ANY(collection_ids)) RETURNING id """ result = await self.connection_manager.fetchrow_query( query, [collection_id, id] ) if not result: raise R2RException( status_code=400, message="User already in collection" ) update_collection_query = f""" UPDATE {self._get_table_name("collections")} SET user_count = user_count + 1 WHERE id = $1 """ await self.connection_manager.execute_query( query=update_collection_query, params=[collection_id], ) return True async def remove_user_from_collection( self, id: UUID, collection_id: UUID ) -> bool: if not await self.get_user_by_id(id): raise R2RException(status_code=404, message="User not found") query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET collection_ids = array_remove(collection_ids, $1) WHERE id = $2 AND $1 = ANY(collection_ids) RETURNING id """ result = await self.connection_manager.fetchrow_query( query, [collection_id, id] ) if not result: raise R2RException( status_code=400, message="User is not a member of the specified collection", ) return True async def get_users_in_collection( self, collection_id: UUID, offset: int, limit: int ) -> dict[str, list[User] | int]: """Get all users in a specific collection with pagination.""" if not await self._collection_exists(collection_id): raise R2RException(status_code=404, message="Collection not found") query, params = ( QueryBuilder(self._get_table_name(self.TABLE_NAME)) .select( [ "id", "email", "is_active", "is_superuser", "created_at", "updated_at", "is_verified", "collection_ids", "name", "bio", "profile_picture", "limits_overrides", "metadata", "account_type", "hashed_password", "google_id", "github_id", "COUNT(*) OVER() AS total_entries", ] ) .where("$1 = ANY(collection_ids)") .order_by("name") .offset("$2") .limit("$3" if limit != -1 else None) .build() ) conditions = [collection_id, offset] if limit != -1: conditions.append(limit) results = await self.connection_manager.fetch_query(query, conditions) users_list = [ User( id=row["id"], email=row["email"], is_active=row["is_active"], is_superuser=row["is_superuser"], created_at=row["created_at"], updated_at=row["updated_at"], is_verified=row["is_verified"], collection_ids=row["collection_ids"] or [], name=row["name"], bio=row["bio"], profile_picture=row["profile_picture"], limits_overrides=json.loads(row["limits_overrides"] or "{}"), metadata=json.loads(row["metadata"] or "{}"), account_type=row["account_type"], hashed_password=row["hashed_password"], google_id=row["google_id"], github_id=row["github_id"], ) for row in results ] total_entries = results[0]["total_entries"] if results else 0 return {"results": users_list, "total_entries": total_entries} async def mark_user_as_superuser(self, id: UUID): query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET is_superuser = TRUE, is_verified = TRUE, verification_code = NULL, verification_code_expiry = NULL WHERE id = $1 """ await self.connection_manager.execute_query(query, [id]) async def get_user_id_by_verification_code( self, verification_code: str ) -> UUID: query = f""" SELECT id FROM {self._get_table_name(PostgresUserHandler.TABLE_NAME)} WHERE verification_code = $1 AND verification_code_expiry > NOW() """ result = await self.connection_manager.fetchrow_query( query, [verification_code] ) if not result: raise R2RException( status_code=400, message="Invalid or expired verification code" ) return result["id"] async def mark_user_as_verified(self, id: UUID): query = f""" UPDATE {self._get_table_name(PostgresUserHandler.TABLE_NAME)} SET is_verified = TRUE, verification_code = NULL, verification_code_expiry = NULL WHERE id = $1 """ await self.connection_manager.execute_query(query, [id]) async def get_users_overview( self, offset: int, limit: int, user_ids: Optional[list[UUID]] = None, ) -> dict[str, list[User] | int]: """Return users with document usage and total entries.""" query = f""" WITH user_document_ids AS ( SELECT u.id as user_id, ARRAY_AGG(d.id) FILTER (WHERE d.id IS NOT NULL) AS doc_ids FROM {self._get_table_name(PostgresUserHandler.TABLE_NAME)} u LEFT JOIN {self._get_table_name("documents")} d ON u.id = d.owner_id GROUP BY u.id ), user_docs AS ( SELECT u.id, u.email, u.is_superuser, u.is_active, u.is_verified, u.name, u.bio, u.profile_picture, u.collection_ids, u.created_at, u.updated_at, COUNT(d.id) AS num_files, COALESCE(SUM(d.size_in_bytes), 0) AS total_size_in_bytes, ud.doc_ids as document_ids FROM {self._get_table_name(PostgresUserHandler.TABLE_NAME)} u LEFT JOIN {self._get_table_name("documents")} d ON u.id = d.owner_id LEFT JOIN user_document_ids ud ON u.id = ud.user_id {" WHERE u.id = ANY($3::uuid[])" if user_ids else ""} GROUP BY u.id, u.email, u.is_superuser, u.is_active, u.is_verified, u.created_at, u.updated_at, u.collection_ids, ud.doc_ids ) SELECT user_docs.*, COUNT(*) OVER() AS total_entries FROM user_docs ORDER BY email OFFSET $1 """ params: list = [offset] if limit != -1: query += " LIMIT $2" params.append(limit) if user_ids: params.append(user_ids) results = await self.connection_manager.fetch_query(query, params) if not results: raise R2RException(status_code=404, message="No users found") users_list = [] for row in results: users_list.append( User( id=row["id"], email=row["email"], is_superuser=row["is_superuser"], is_active=row["is_active"], is_verified=row["is_verified"], name=row["name"], bio=row["bio"], created_at=row["created_at"], updated_at=row["updated_at"], profile_picture=row["profile_picture"], collection_ids=row["collection_ids"] or [], num_files=row["num_files"], total_size_in_bytes=row["total_size_in_bytes"], document_ids=( list(row["document_ids"]) if row["document_ids"] else [] ), ) ) total_entries = results[0]["total_entries"] return {"results": users_list, "total_entries": total_entries} async def _collection_exists(self, collection_id: UUID) -> bool: """Check if a collection exists.""" query = f""" SELECT 1 FROM {self._get_table_name(PostgresCollectionsHandler.TABLE_NAME)} WHERE id = $1 """ result = await self.connection_manager.fetchrow_query( query, [collection_id] ) return result is not None async def get_user_validation_data( self, user_id: UUID, ) -> dict: """Get verification data for a specific user. This method should be called after superuser authorization has been verified. """ query = f""" SELECT verification_code, verification_code_expiry, reset_token, reset_token_expiry FROM {self._get_table_name("users")} WHERE id = $1 """ result = await self.connection_manager.fetchrow_query(query, [user_id]) if not result: raise R2RException(status_code=404, message="User not found") return { "verification_data": { "verification_code": result["verification_code"], "verification_code_expiry": ( result["verification_code_expiry"].isoformat() if result["verification_code_expiry"] else None ), "reset_token": result["reset_token"], "reset_token_expiry": ( result["reset_token_expiry"].isoformat() if result["reset_token_expiry"] else None ), } } # API Key methods async def store_user_api_key( self, user_id: UUID, key_id: str, hashed_key: str, name: Optional[str] = None, description: Optional[str] = None, ) -> UUID: """Store a new API key for a user with optional name and description.""" query = f""" INSERT INTO {self._get_table_name(PostgresUserHandler.API_KEYS_TABLE_NAME)} (user_id, public_key, hashed_key, name, description) VALUES ($1, $2, $3, $4, $5) RETURNING id """ result = await self.connection_manager.fetchrow_query( query, [user_id, key_id, hashed_key, name or "", description or ""] ) if not result: raise R2RException( status_code=500, message="Failed to store API key" ) return result["id"] async def get_api_key_record(self, key_id: str) -> Optional[dict]: """Get API key record by 'public_key' and update 'updated_at' to now. Returns { "user_id", "hashed_key" } or None if not found. """ query = f""" UPDATE {self._get_table_name(PostgresUserHandler.API_KEYS_TABLE_NAME)} SET updated_at = NOW() WHERE public_key = $1 RETURNING user_id, hashed_key """ result = await self.connection_manager.fetchrow_query(query, [key_id]) if not result: return None return { "user_id": result["user_id"], "hashed_key": result["hashed_key"], } async def get_user_api_keys(self, user_id: UUID) -> list[dict]: """Get all API keys for a user.""" query = f""" SELECT id, public_key, name, description, created_at, updated_at FROM {self._get_table_name(PostgresUserHandler.API_KEYS_TABLE_NAME)} WHERE user_id = $1 ORDER BY created_at DESC """ results = await self.connection_manager.fetch_query(query, [user_id]) return [ { "key_id": str(row["id"]), "public_key": row["public_key"], "name": row["name"] or "", "description": row["description"] or "", "updated_at": row["updated_at"], } for row in results ] async def delete_api_key(self, user_id: UUID, key_id: UUID) -> bool: """Delete a specific API key.""" query = f""" DELETE FROM {self._get_table_name(PostgresUserHandler.API_KEYS_TABLE_NAME)} WHERE id = $1 AND user_id = $2 RETURNING id, public_key, name, description """ result = await self.connection_manager.fetchrow_query( query, [key_id, user_id] ) if result is None: raise R2RException(status_code=404, message="API key not found") return True async def update_api_key_name( self, user_id: UUID, key_id: UUID, name: str ) -> bool: """Update the name of an existing API key.""" query = f""" UPDATE {self._get_table_name(PostgresUserHandler.API_KEYS_TABLE_NAME)} SET name = $1, updated_at = NOW() WHERE id = $2 AND user_id = $3 RETURNING id """ result = await self.connection_manager.fetchrow_query( query, [name, key_id, user_id] ) if result is None: raise R2RException(status_code=404, message="API key not found") return True async def export_to_csv( self, columns: Optional[list[str]] = None, filters: Optional[dict] = None, include_header: bool = True, ) -> tuple[str, IO]: """Creates a CSV file from the PostgreSQL data and returns the path to the temp file.""" valid_columns = { "id", "email", "is_superuser", "is_active", "is_verified", "name", "bio", "collection_ids", "created_at", "updated_at", } if not columns: columns = list(valid_columns) elif invalid_cols := set(columns) - valid_columns: raise ValueError(f"Invalid columns: {invalid_cols}") select_stmt = f""" SELECT id::text, email, is_superuser, is_active, is_verified, name, bio, collection_ids::text, to_char(created_at, 'YYYY-MM-DD HH24:MI:SS') AS created_at, to_char(updated_at, 'YYYY-MM-DD HH24:MI:SS') AS updated_at FROM {self._get_table_name(self.TABLE_NAME)} """ params = [] if filters: conditions = [] param_index = 1 for field, value in filters.items(): if field not in valid_columns: continue if isinstance(value, dict): for op, val in value.items(): if op == "$eq": conditions.append(f"{field} = ${param_index}") params.append(val) param_index += 1 elif op == "$gt": conditions.append(f"{field} > ${param_index}") params.append(val) param_index += 1 elif op == "$lt": conditions.append(f"{field} < ${param_index}") params.append(val) param_index += 1 else: # Direct equality conditions.append(f"{field} = ${param_index}") params.append(value) param_index += 1 if conditions: select_stmt = f"{select_stmt} WHERE {' AND '.join(conditions)}" select_stmt = f"{select_stmt} ORDER BY created_at DESC" temp_file = None try: temp_file = tempfile.NamedTemporaryFile( mode="w", delete=True, suffix=".csv" ) writer = csv.writer(temp_file, quoting=csv.QUOTE_ALL) async with self.connection_manager.pool.get_connection() as conn: # type: ignore async with conn.transaction(): cursor = await conn.cursor(select_stmt, *params) if include_header: writer.writerow(columns) chunk_size = 1000 while True: rows = await cursor.fetch(chunk_size) if not rows: break for row in rows: row_dict = { "id": row[0], "email": row[1], "is_superuser": row[2], "is_active": row[3], "is_verified": row[4], "name": row[5], "bio": row[6], "collection_ids": row[7], "created_at": row[8], "updated_at": row[9], } writer.writerow([row_dict[col] for col in columns]) temp_file.flush() return temp_file.name, temp_file except Exception as e: if temp_file: temp_file.close() raise HTTPException( status_code=500, detail=f"Failed to export data: {str(e)}", ) from e async def get_user_by_google_id(self, google_id: str) -> Optional[User]: """Return a User if the google_id is found; otherwise None.""" query, params = ( QueryBuilder(self._get_table_name("users")) .select( [ "id", "email", "is_superuser", "is_active", "is_verified", "created_at", "updated_at", "name", "profile_picture", "bio", "collection_ids", "limits_overrides", "metadata", "account_type", "hashed_password", "google_id", "github_id", ] ) .where("google_id = $1") .build() ) result = await self.connection_manager.fetchrow_query( query, [google_id] ) if not result: return None return User( id=result["id"], email=result["email"], is_superuser=result["is_superuser"], is_active=result["is_active"], is_verified=result["is_verified"], created_at=result["created_at"], updated_at=result["updated_at"], name=result["name"], profile_picture=result["profile_picture"], bio=result["bio"], collection_ids=result["collection_ids"] or [], limits_overrides=json.loads(result["limits_overrides"] or "{}"), metadata=json.loads(result["metadata"] or "{}"), account_type=result["account_type"], hashed_password=result["hashed_password"], google_id=result["google_id"], github_id=result["github_id"], ) async def get_user_by_github_id(self, github_id: str) -> Optional[User]: """Return a User if the github_id is found; otherwise None.""" query, params = ( QueryBuilder(self._get_table_name("users")) .select( [ "id", "email", "is_superuser", "is_active", "is_verified", "created_at", "updated_at", "name", "profile_picture", "bio", "collection_ids", "limits_overrides", "metadata", "account_type", "hashed_password", "google_id", "github_id", ] ) .where("github_id = $1") .build() ) result = await self.connection_manager.fetchrow_query( query, [github_id] ) if not result: return None return User( id=result["id"], email=result["email"], is_superuser=result["is_superuser"], is_active=result["is_active"], is_verified=result["is_verified"], created_at=result["created_at"], updated_at=result["updated_at"], name=result["name"], profile_picture=result["profile_picture"], bio=result["bio"], collection_ids=result["collection_ids"] or [], limits_overrides=json.loads(result["limits_overrides"] or "{}"), metadata=json.loads(result["metadata"] or "{}"), account_type=result["account_type"], hashed_password=result["hashed_password"], google_id=result["google_id"], github_id=result["github_id"], )