add firebase

.env

@@ -27,6 +27,7 @@ BEDROCK_PROVIDER=anthropic
 AWS_ACCESS_KEY=
 AWS_SECRET_KEY=
 AWS_REGION=us-east-1
+FIREBASE_API_KEY=AIzaSyDGHPfzwPiVGWccTnnyPcEoS-FU6He6tDs
 
 
 

app/api/endpoints/v1/firebaseauth/app.py

@@ -1,4 +1,6 @@
+import os
 import datetime
+import requests
 from app import router
 from fastapi import FastAPI, Depends, HTTPException, status, Request, APIRouter
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
@@ -6,13 +8,12 @@ import firebase_admin
 from firebase_admin import credentials, auth
 from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy import select
-from app.models.api.user import UserCreate, UserSignIn, PasswordReset, TokenVerify, UserResponse,EmailVerifyRequest
+from app.models.api.user import UserCreate, UserSignIn, PasswordReset, TokenVerify, UserResponse, EmailVerifyRequest
 from app.models.database.DBUser import DBUser
 from app.core.database.session_manager import get_db_session as get_db
-import os 
 
 
-router=APIRouter(prefix="/FirebaseAuth", tags=["Firebase Auth"])
+router = APIRouter(prefix="/FirebaseAuth", tags=["Firebase Auth"])
 
 # Initialize OAuth2 scheme
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/FirebaseAuth/token")
@@ -42,7 +43,6 @@ async def verify_firebase_token(token: str = Depends(oauth2_scheme)) -> dict:
 
 # Initialize Firebase Admin SDK with better error handling
 try:
-    
     current_dir = os.path.dirname(os.path.abspath(__file__))
     # Try multiple possible paths for the service account file
     service_account_paths = [
@@ -148,15 +148,41 @@ async def create_user(user_data: UserCreate, db: AsyncSession = Depends(get_db))
 async def signin_user(user_data: UserSignIn, db: AsyncSession = Depends(get_db)):
     """Sign in user and return token"""
     try:
-        # Verify user exists in Firebase
-        firebase_user = auth.get_user_by_email(user_data.email)
+        # Get Firebase API key from environment variable
+        api_key = os.getenv("FIREBASE_API_KEY")
+        if not api_key:
+            raise ValueError("FIREBASE_API_KEY environment variable is not set")
+            
+        # Call Firebase Auth REST API to sign in with email/password
+        response = requests.post(
+            f"https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key={api_key}",
+            json={
+                "email": user_data.email,
+                "password": user_data.password,
+                "returnSecureToken": True
+            }
+        )
+        
+        if response.status_code != 200:
+            error_data = response.json()
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail=f"Authentication failed: {error_data.get('error', {}).get('message', 'Invalid credentials')}"
+            )
+            
+        auth_data = response.json()
+        id_token = auth_data["idToken"]
         
-        # Generate custom token
-        custom_token = auth.create_custom_token(firebase_user.uid)
+        # Verify the ID token
+        decoded_token = auth.verify_id_token(id_token)
+        user_id = decoded_token["uid"]
+        
+        # Get user from Firebase
+        firebase_user = auth.get_user(user_id)
         
         # Update last login in database
         result = await db.execute(
-            select(DBUser).filter(DBUser.firebase_uid == firebase_user.uid)
+            select(DBUser).filter(DBUser.firebase_uid == user_id)
         )
         db_user = result.scalar_one_or_none()
         
@@ -165,7 +191,7 @@ async def signin_user(user_data: UserSignIn, db: AsyncSession = Depends(get_db))
             await db.commit()
         
         return {
-            "access_token": custom_token.decode() if isinstance(custom_token, bytes) else custom_token,
+            "access_token": id_token,
             "token_type": "bearer",
             "user": {
                 "firebase_uid": firebase_user.uid,
@@ -175,6 +201,8 @@ async def signin_user(user_data: UserSignIn, db: AsyncSession = Depends(get_db))
             }
         }
     except Exception as e:
+        if isinstance(e, HTTPException):
+            raise e
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail=f"Authentication failed: {str(e)}"
@@ -218,7 +246,7 @@ async def get_current_user(
 @router.post("/resend-verification", status_code=status.HTTP_200_OK)
 async def resend_verification_email(
     email_data: EmailVerifyRequest = None,
-    current_user: UserResponse = Depends(get_current_user)
+    current_user: dict = Depends(verify_firebase_token)
 ):
     """
     Resend verification email to a user
@@ -229,7 +257,7 @@ async def resend_verification_email(
     try:
         # If email is provided in request body, use that
         # Otherwise use logged in user's email
-        email = email_data.email if email_data else current_user.email
+        email = email_data.email if email_data and email_data.email else current_user["email"]
         
         # Check if user exists
         try:
@@ -266,9 +294,6 @@ async def resend_verification_email(
             detail=f"Failed to resend verification email: {str(e)}"
         )
 
-
-    email: EmailStr
-
 @router.post("/check-email-verified")
 async def check_email_verified(email_data: EmailVerifyRequest):
     """Check if a user's email is verified"""
@@ -354,24 +379,60 @@ async def verify_token(token_data: TokenVerify, db: AsyncSession = Depends(get_d
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail=f"Token verification failed: {str(e)}"
         )
+
 @router.post("/token")
-async def get_token(form_data: OAuth2PasswordRequestForm = Depends()):
-    """Get access token"""
+async def get_token(form_data: OAuth2PasswordRequestForm = Depends(), db: AsyncSession = Depends(get_db)):
+    """Get access token using OAuth2 form"""
     try:
-        # Get Firebase user
-        firebase_user = auth.get_user_by_email(form_data.username)
+        # Get Firebase API key from environment variable
+        api_key = os.getenv("FIREBASE_API_KEY")
+        if not api_key:
+            raise ValueError("FIREBASE_API_KEY environment variable is not set")
+            
+        # Call Firebase Auth REST API to sign in with email/password
+        response = requests.post(
+            f"https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key={api_key}",
+            json={
+                "email": form_data.username,  # Username field contains email
+                "password": form_data.password,
+                "returnSecureToken": True
+            }
+        )
+        
+        if response.status_code != 200:
+            error_data = response.json()
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail=f"Authentication failed: {error_data.get('error', {}).get('message', 'Invalid credentials')}"
+            )
+            
+        auth_data = response.json()
+        id_token = auth_data["idToken"]
+        
+        # Verify the ID token
+        decoded_token = auth.verify_id_token(id_token)
+        user_id = decoded_token["uid"]
+        
+        # Update last login in database
+        result = await db.execute(
+            select(DBUser).filter(DBUser.firebase_uid == user_id)
+        )
+        db_user = result.scalar_one_or_none()
         
-        # Create custom token
-        custom_token = auth.create_custom_token(firebase_user.uid)
+        if db_user:
+            db_user.last_login = datetime.datetime.utcnow()
+            await db.commit()
         
         return {
-            "access_token": custom_token.decode() if isinstance(custom_token, bytes) else custom_token,
+            "access_token": id_token,
             "token_type": "bearer"
         }
     except Exception as e:
+        if isinstance(e, HTTPException):
+            raise e
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Invalid credentials"
+            detail=f"Authentication failed: {str(e)}"
         )
 
 # Function to verify token
@@ -388,5 +449,5 @@ async def verify_token(token: str = Depends(oauth2_scheme)):
 
 # Example protected route
 @router.get("/protected")
-async def protected_route(token: str = Depends(verify_token)):
+async def protected_route(token: dict = Depends(verify_token)):
     return {"message": "You have access!", "token_info": token}

logs/app.log

@@ -18,3 +18,11 @@
 2025-04-18T15:44:43.336345Z [info     ] Started server process [8]     [uvicorn.error] filename=server.py func_name=serve lineno=76
 2025-04-18T15:44:43.338237Z [info     ] Waiting for application startup. [uvicorn.error] filename=on.py func_name=startup lineno=48
 2025-04-18T15:44:43.342127Z [info     ] Application startup complete.  [uvicorn.error] filename=on.py func_name=startup lineno=62
+2025-04-18T16:13:09.189653Z [info     ] Shutting down                  [uvicorn.error] filename=server.py func_name=shutdown lineno=265
+2025-04-18T16:13:09.329875Z [info     ] Waiting for application shutdown. [uvicorn.error] filename=on.py func_name=shutdown lineno=67
+2025-04-18T16:13:09.363708Z [info     ] Application shutdown complete. [uvicorn.error] filename=on.py func_name=shutdown lineno=78
+2025-04-18T16:13:09.375566Z [info     ] Finished server process [8]    [uvicorn.error] filename=server.py func_name=serve lineno=86
+2025-04-18T16:13:31.420177Z [info     ] Application started            [app.main] filename=main.py func_name=<module> lineno=37 project=MailPilot_ai_agents version=0.1.0-alpha
+2025-04-18T16:13:31.425990Z [info     ] Started server process [11]    [uvicorn.error] filename=server.py func_name=serve lineno=76
+2025-04-18T16:13:31.427509Z [info     ] Waiting for application startup. [uvicorn.error] filename=on.py func_name=startup lineno=48
+2025-04-18T16:13:31.430441Z [info     ] Application startup complete.  [uvicorn.error] filename=on.py func_name=startup lineno=62