chore: refactor app dir & add .devcontainer

[qlawmarq]

Description

• Refactor: API, database connector.
• Add .devcontainer.

Summary by CodeRabbit

• New Features

  • Transitioned to a DatabaseConnector class for centralized database operations.
  • Improved password validation in user update requests to enforce security standards.

• Documentation

  • Streamlined the pull request template by removing the section for related issues.

• Environment Updates

  • Upgraded the Python version used in Dockerfiles for both development and production.
  • Adjusted environment variables for database configuration and application secrets.

• API Enhancements

  • Introduced versioning to authentication endpoints for improved API management.
  • Updated Python package versions to ensure compatibility and security.

• User Management

  • Updated setup instructions with new options and tools in the README.

• Database

  • Implemented a development container environment for better setup consistency.
  • Updated MySQL Dockerfile to use a newer base image version.

• Extensions

  • Recommended "Remote - Containers" extension for VS Code users working with dev containers.

[coderabbitai]

Walkthrough

The project has undergone significant changes, primarily focused on database interactions and API restructuring. The introduction of the DatabaseConnector class has revamped the way database queries are handled, affecting multiple files across the codebase. Additionally, environment configurations have been updated, and the codebase now aligns with more robust and scalable practices.

Changes

Files	Change Summary
.api/auth/controllers.py, .api/auth/provider.py, .api/user/controllers.py	Replaced direct database function calls with DatabaseConnector. Altered control flow for database operations.
.api/database/connector.py	Added methods for handling database connections and queries within DatabaseConnector class.
.api/auth/provider.py	Modified import statements and added assignments for DatabaseConnector methods.
.api/dev.Dockerfile, .api/prod.Dockerfile	Upgraded to Python 3.12 and updated environment variables.
.api/local.env, .mysql/local.env	Updated environment variable values and introduced DATABASE_PORT.
.api/requirements.txt	Updated package versions and separated dependencies.
.api/auth/routers.py	Modified authentication API endpoint paths.
.api/user/models.py	Renamed and enhanced password validation method.
.mysql/Dockerfile	Updated MySQL base image version.
.devcontainer/devcontainer.json	Added configurations for the development container environment.
.github/PULL_REQUEST_TEMPLATE.md, .vscode/extensions.json	Updated PR template and recommended extensions.
README.md	Revised setup instructions and updated tool references.

Poem

🐇✨
In code's burrow, deep and wide,
A rabbit's touch has turned the tide.
With Python's leap and Docker's ship,
Our project hops with a techy skip! 🚀🎉

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on X ?

---

Tips

Chat with CodeRabbit Bot (@coderabbitai)

• You can reply to a review comment made by CodeRabbit.
• You can tag CodeRabbit on specific lines of code or files in the PR by tagging @coderabbitai in a comment.
• You can tag @coderabbitai in a PR comment and ask one-off questions about the PR and the codebase. Use quoted replies to pass the context for follow-up questions.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

[coderabbitai]

Review Status

Actionable comments generated: 13

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 6e484d4 and 91151eb.

Files selected for processing (16)

• .devcontainer/devcontainer.json (1 hunks)
• .github/PULL_REQUEST_TEMPLATE.md (1 hunks)
• .vscode/extensions.json (1 hunks)
• README.md (4 hunks)
• api/auth/controllers.py (2 hunks)
• api/auth/provider.py (1 hunks)
• api/auth/routers.py (3 hunks)
• api/database/connector.py (1 hunks)
• api/dev.Dockerfile (1 hunks)
• api/local.env (1 hunks)
• api/prod.Dockerfile (1 hunks)
• api/requirements.txt (1 hunks)
• api/user/controllers.py (7 hunks)
• api/user/models.py (1 hunks)
• mysql/Dockerfile (1 hunks)
• mysql/local.env (1 hunks)

Files skipped from review due to trivial changes (7)

• .devcontainer/devcontainer.json
• .github/PULL_REQUEST_TEMPLATE.md
• .vscode/extensions.json
• README.md
• api/dev.Dockerfile
• api/local.env
• mysql/Dockerfile

Additional comments: 21

api/auth/controllers.py (2)

• 2-2: The import statement for DatabaseConnector is correct and aligns with the PR's objective to centralize database operations.

• 19-19: Ensure that the query_put method of the DatabaseConnector class is used correctly, with the appropriate SQL query and parameters. The actual query is not visible in the hunk, so it should be reviewed in the full context of the file.

api/auth/provider.py (4)

• 3-3: The import statement correctly reflects the new structure of the database connector module.

• 1-15: > Note: This review was outside the patches, and no patch overlapping with it was found. Original lines [24-24]

Ensure that all required environment variables are checked during initialization to prevent runtime errors.

• 1-15: > Note: This review was outside the patches, and no patch overlapping with it was found. Original lines [24-24]

Verify that the refactoring has not affected the JWT token handling and that all related endpoints and configurations are updated accordingly.

• 1-15: > Note: This review was outside the patches, and no patch overlapping with it was found. Original lines [24-24]

Verify that the refactoring has not affected password hashing and verification and that all related endpoints and configurations are updated accordingly.

api/auth/routers.py (7)

• 20-23: The endpoint path has been correctly updated to /v1/auth/signup. Ensure that corresponding changes are made in the documentation, client-side code, and any other place where the old endpoint might be referenced.

• 39-42: The endpoint path has been correctly updated to /v1/auth/signin. Similar to the signup endpoint, verify that all references to the old endpoint are updated accordingly.

• 58-61: The endpoint path has been correctly updated to /v1/auth/refresh-token. As with the other endpoints, ensure that all references to the old endpoint are updated throughout the codebase and documentation.

• 17-23: > Note: This review was outside the patches, so it was mapped to the patch with the greatest overlap. Original lines [17-61]

While the changes to the endpoint paths are approved, ensure to verify the security and functionality of the new .devcontainer configuration, Dockerfile updates, and environment variable changes as these are critical to the application's operation and security.

• 17-23: > Note: This review was outside the patches, so it was mapped to the patch with the greatest overlap. Original lines [17-61]

Ensure that the refactoring to use the new DatabaseConnector class is consistently applied across all API controllers and that it does not introduce any regressions or performance issues.

• 17-23: > Note: This review was outside the patches, so it was mapped to the patch with the greatest overlap. Original lines [17-61]

Confirm that the updated dependencies in api/requirements.txt do not introduce any compatibility issues with the existing codebase and that all necessary migrations or code changes have been made to accommodate these updates.

• 17-23: > Note: This review was outside the patches, so it was mapped to the patch with the greatest overlap. Original lines [17-61]

Verify that the new password_validator method in the UserUpdateRequestModel is correctly implemented and does not introduce any security vulnerabilities, especially considering the importance of password validation in authentication.

api/prod.Dockerfile (1)

• 13-13: The change from DATABASE_SOCKET to DATABASE_PORT with the value 3306 is appropriate for MySQL connections. Ensure that this change is reflected in the application's database configuration.

Verification successful

---

The verification process has confirmed that the DATABASE_PORT environment variable is being used in the api/database/connector.py file, where it is read and converted to an integer for the database connection configuration. This aligns with the changes made in the api/prod.Dockerfile, where the DATABASE_PORT environment variable was set to 3306.

Scripts Executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Verify that the application's database configuration has been updated to use DATABASE_PORT.
rg --type python 'DATABASE_PORT' -- 'api/**/*.py'

Length of output: 80

---

---

Script:

#!/bin/bash
# Verify that the application's database configuration has been updated to use DATABASE_PORT.
rg 'DATABASE_PORT' -- 'api/**/*.py'

Length of output: 87

---

---

Script:

#!/bin/bash
# Find all Python files and search for the DATABASE_PORT variable.
fd --extension py | xargs rg 'DATABASE_PORT'

Length of output: 122

api/requirements.txt (1)

• 1-8: The updates to the dependencies in api/requirements.txt look appropriate, but it's crucial to ensure that these new versions do not introduce breaking changes or incompatibilities with the existing code. It would be beneficial to run tests and check the changelogs of these dependencies for any breaking changes or required migration steps.

api/user/controllers.py (4)

• 8-8: The instantiation of DatabaseConnector is correct and follows the PR's objective to centralize database operations.

• 23-26: Ensure that the DatabaseConnector.query_put method is correctly implemented and that its usage here correctly replaces the previous query_put function.

• 60-63: Ensure that the DatabaseConnector.query_get method is correctly implemented and that its usage here correctly replaces the previous query_get function.

• 2-2: Verify that the DatabaseConnector class is correctly implemented and used consistently across the codebase.

Verification successful

---

The output from the shell scripts provides the following information:

1. The DatabaseConnector class is indeed implemented in api/database/connector.py with the methods get_connection, query_get, query_put, and query_update. This confirms that the class exists and has the expected methods for database operations.

2. The DatabaseConnector is being used in api/auth/controllers.py, api/auth/provider.py, and api/user/controllers.py. The context provided around the matches shows that the class is instantiated and its methods are being called, which suggests consistent usage across these parts of the codebase.

Based on this information, it can be concluded that the DatabaseConnector class is correctly implemented and is being used consistently in the files where it was expected to be used. Therefore, the changes related to the DatabaseConnector in the PR seem to be correctly implemented.

Scripts Executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Verify the correct implementation of DatabaseConnector
ast-grep --lang python --pattern $'class DatabaseConnector {
  $$$
  def query_get($_, $_) {
    $$$
  }
  $$$
  def query_put($_, $_) {
    $$$
  }
  $$$
  def query_update($_, $_) {
    $$$
  }
  $$$
}'

# Search for usage of DatabaseConnector across the codebase
rg --type python 'DatabaseConnector' --files-with-matches

Length of output: 639

---

---

Script:

#!/bin/bash
# Verify the correct implementation of DatabaseConnector
ast-grep --lang python --pattern $'class DatabaseConnector {
  $$$
}'

# Search for usage of DatabaseConnector across the codebase without specifying file type
rg 'DatabaseConnector' --files-with-matches

Length of output: 665

---

---

Script:

#!/bin/bash
# Output the contents of the api/database/connector.py file to verify the implementation of DatabaseConnector
rg --files-with-matches --no-messages 'class DatabaseConnector' api/database/connector.py | xargs cat

# Check the usage of DatabaseConnector in the other files to ensure consistency
rg 'DatabaseConnector' api/user/controllers.py api/auth/provider.py api/auth/controllers.py -C 5

Length of output: 4653

api/user/models.py (2)

• 13-20: The password_validator method correctly handles empty or short passwords by raising a validation error if the password length is less than 8 characters. This change aligns with the PR's objective to enhance password validation.

• 13-13: Verify that the renaming of the empty_str_to_none method to password_validator and its updated logic are correctly integrated into the codebase, and that all references to this method have been updated accordingly.

[coderabbitai]

Review Status

Actionable comments generated: 4

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 91151eb and e7ce85a.

Files selected for processing (4)

• api/auth/controllers.py (2 hunks)
• api/auth/provider.py (1 hunks)
• api/database/connector.py (1 hunks)
• api/user/controllers.py (6 hunks)

Files skipped from review as they are similar to previous changes (2)

• api/auth/controllers.py
• api/user/controllers.py

Additional comments: 6

api/auth/provider.py (5)

• 3-3: The import change reflects the refactoring to use the new DatabaseConnector class.

• 11-11: Verify that the DatabaseConnector is designed to be safely instantiated at the module level and that it does not hold state that should be unique per request or usage.

• 3-12: Ensure that the refactored query_get method is compatible with its usage in the AuthProvider class and that any necessary adjustments have been made to accommodate the changes.

• 1-9: Verify that the changes to environment variables in api/local.env and api/prod.Dockerfile are correctly reflected and handled in the AuthProvider class, particularly for self.SECRET_KEY.

• 1-9: Review the SQL query and parameter passing in the AuthProvider class's get_user_by_email method to ensure compatibility with the new query_get method from the DatabaseConnector class.

api/database/connector.py (1)

• 39-63: Ensure that the parameters passed to query_get and query_put methods are properly sanitized to prevent SQL injection vulnerabilities. It's good practice to validate or sanitize input at the boundaries of your system.

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between e7ce85a and 2ae7f1d.

Files selected for processing (1)

• api/auth/provider.py (2 hunks)

Additional comments: 4

api/auth/provider.py (4)

• 3-3: The import statement correctly reflects the new location of the DatabaseConnector class after refactoring.

• 11-11: Consider the implications of instantiating DatabaseConnector at the module level, as this could lead to potential issues with database connection management if not handled correctly within the class.

• 127-130: The get_user_by_email method has been updated to use the db_connector for database queries, which aligns with the PR's refactoring goals.

• 1-15: > Note: This review was outside the patches, so it was mapped to the patch with the greatest overlap. Original lines [1-130]

Verify that all parts of the codebase that previously accessed the database directly have been updated to use the new DatabaseConnector class.

Verification successful

---

The executed shell scripts did not produce any output, which suggests that there are no occurrences of the old direct database access pattern query_get( or direct imports from database without using database.connector in Python files within the codebase. This indicates that the refactoring to use the new DatabaseConnector class may have been successfully applied throughout the codebase.

Based on the information gathered from the scripts, it appears that the necessary changes have been made in accordance with the PR's objectives.

Scripts Executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Search for old direct database access pattern and ensure it's replaced with DatabaseConnector usage.
rg --type python 'query_get\(' --files-with-matches | xargs -L1 ast-grep --lang python --pattern $'query_get($_)'
# Expecting no results for the old pattern, only results where DatabaseConnector.query_get is used.

Length of output: 145

---

---

Script:

#!/bin/bash
# Search for old direct database access pattern and ensure it's replaced with DatabaseConnector usage.
rg 'query_get\(' --files-with-matches | grep '\.py$' | xargs -L1 ast-grep --lang python --pattern $'query_get($_)'
# Expecting no results for the old pattern, only results where DatabaseConnector.query_get is used.

Length of output: 115

---

---

Script:

#!/bin/bash
# Search for any direct imports from `database` that do not use `database.connector`.
rg --type py 'from\s+database\s+import' --files-with-matches
# Expecting no results for the old import pattern.

Length of output: 62