updated

Author: wpcodevo

app/email.py

@@ -32,8 +32,8 @@ async def sendMail(self, subject, template):
             MAIL_FROM=settings.EMAIL_FROM,
             MAIL_PORT=settings.EMAIL_PORT,
             MAIL_SERVER=settings.EMAIL_HOST,
-            MAIL_TLS=True,
-            MAIL_SSL=False,
+            MAIL_STARTTLS=False,
+            MAIL_SSL_TLS=False,
             USE_CREDENTIALS=True,
             VALIDATE_CERTS=True
         )

app/routers/post.py

@@ -1,4 +1,3 @@
-from datetime import datetime
 import uuid
 from .. import schemas, models
 from sqlalchemy.orm import Session
@@ -31,20 +30,18 @@ def create_post(post: schemas.CreatePostSchema, db: Session = Depends(get_db), o
 @router.put('/{id}', response_model=schemas.PostResponse)
 def update_post(id: str, post: schemas.UpdatePostSchema, db: Session = Depends(get_db), user_id: str = Depends(require_user)):
     post_query = db.query(models.Post).filter(models.Post.id == id)
-    db_post = post_query.first()
+    updated_post = post_query.first()
 
-    if not db_post:
+    if not updated_post:
         raise HTTPException(status_code=status.HTTP_200_OK,
                             detail=f'No post with this id: {id} found')
-    if db_post.user_id != uuid.UUID(user_id):
+    if updated_post.user_id != uuid.UUID(user_id):
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN,
                             detail='You are not allowed to perform this action')
-    post.user_id = db_post.user_id
-    post.created_at = db_post.created_at
-    post.updated_at = datetime.utcnow()
-    post_query.update(post.dict(exclude_none=True), synchronize_session=False)
+    post.user_id = user_id
+    post_query.update(post.dict(exclude_unset=True), synchronize_session=False)
     db.commit()
-    return db_post
+    return updated_post
 
 
 @router.get('/{id}', response_model=schemas.PostResponse)
@@ -63,6 +60,10 @@ def delete_post(id: str, db: Session = Depends(get_db), user_id: str = Depends(r
     if not post:
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
                             detail=f'No post with this id: {id} found')
+
+    if str(post.user_id) != user_id:
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN,
+                            detail='You are not allowed to perform this action')
     post_query.delete(synchronize_session=False)
     db.commit()
     return Response(status_code=status.HTTP_204_NO_CONTENT)

requirements.txt

@@ -1,46 +1,46 @@
-alembic==1.8.0
-anyio==3.6.1
-asgiref==3.5.2
-autopep8==1.6.0
-bcrypt==3.2.2
-certifi==2022.6.15
+aiosmtplib==1.1.7
+alembic==1.9.0
+anyio==3.6.2
+autopep8==2.0.1
+bcrypt==4.0.1
+blinker==1.5
+certifi==2022.12.7
 cffi==1.15.1
-charset-normalizer==2.1.0
 click==8.1.3
-colorama==0.4.5
+colorama==0.4.6
 cryptography==3.4.8
 dnspython==2.2.1
-email-validator==1.2.1
-fastapi==0.78.0
+email-validator==1.3.0
+fastapi==0.88.0
 fastapi-jwt-auth==0.5.0
-greenlet==1.1.2
-h11==0.13.0
-httptools==0.4.0
-idna==3.3
+fastapi-mail==1.2.2
+greenlet==2.0.1
+h11==0.14.0
+httpcore==0.16.3
+httptools==0.5.0
+httpx==0.23.1
+idna==3.4
 itsdangerous==2.1.2
 Jinja2==3.1.2
-Mako==1.2.1
+Mako==1.2.4
 MarkupSafe==2.1.1
-orjson==3.7.6
+orjson==3.8.3
 passlib==1.7.4
-psycopg2==2.9.3
-pycodestyle==2.8.0
+psycopg2==2.9.5
+pycodestyle==2.10.0
 pycparser==2.21
-pydantic==1.9.1
+pydantic==1.10.2
 PyJWT==1.7.1
-python-dotenv==0.20.0
+python-dotenv==0.21.0
 python-multipart==0.0.5
 PyYAML==6.0
-requests==2.28.1
+rfc3986==1.5.0
 six==1.16.0
-sniffio==1.2.0
-SQLAlchemy==1.4.39
-starlette==0.19.1
-toml==0.10.2
-typing_extensions==4.3.0
-tzdata==2022.1
-ujson==5.4.0
-urllib3==1.26.9
-uvicorn==0.17.6
-watchgod==0.8.2
-websockets==10.3
+sniffio==1.3.0
+SQLAlchemy==1.4.45
+starlette==0.21.0
+typing_extensions==4.4.0
+ujson==5.6.0
+uvicorn==0.20.0
+watchfiles==0.18.1
+websockets==10.4