feat(account): GET /me user endpoint only, disable cache and extra routers

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-12 20:44:35 +03:00
commit d94dd31439
107 changed files with 5083 additions and 0 deletions
--- a/src/application/commands/update_bank_details_start.py
+++ b/src/application/commands/update_bank_details_start.py
@@ -0,0 +1,126 @@
+import secrets
+from datetime import datetime, timezone
+from ulid import ULID
+from src.application.abstractions import IUnitOfWork
+from src.application.contracts import IHashService, ICache, ILogger, IQueueMessanger
+from src.application.domain.exceptions import ApplicationException
+from src.infrastructure.config import settings
+from src.infrastructure.context_vars import trace_id_var
+from src.infrastructure.database.decorators import transactional
+
+
+class UpdateBankDetailsStartCommand:
+    def __init__(
+            self,
+            hash_service: IHashService,
+            cache: ICache,
+            unit_of_work: IUnitOfWork,
+            logger: ILogger,
+            messanger: IQueueMessanger,
+    ):
+        self._hash_service = hash_service
+        self._unit_of_work = unit_of_work
+        self._cache = cache
+        self._logger = logger
+        self._messanger = messanger
+
+    @transactional
+    async def __call__(self, user_id: str) -> bool:
+        TTL = 300
+        LOCK_TTL = 30
+        MAX_ATTEMPTS = 20
+
+        USER_PREFIX = 'bank_details:user:'
+        CODE_PREFIX = 'bank_details:code:'
+        LOCK_PREFIX = 'bank_details:lock:'
+
+        user = await self._unit_of_work.user_repository.get_user_by_id(user_id=user_id)
+
+        if not user.email:
+            self._logger.warning(f'User {user_id} does not have an email address')
+            raise ApplicationException(status_code=404, message=f'User {user_id} does not have an email address')
+
+        trace_id = trace_id_var.get()
+        if not trace_id or trace_id == 'N/A':
+            trace_id = None
+
+        lock_key = f'{LOCK_PREFIX}{user_id}'
+        locked = await self._cache.set_nx(lock_key, '1', ttl=LOCK_TTL)
+        if not locked:
+            self._logger.info(f'Bank details update throttled by lock (user_id={user_id})')
+            raise ApplicationException(429, 'Too many requests. Please wait.')
+
+        try:
+            user_key = f'{USER_PREFIX}{user_id}'
+
+            existing = await self._cache.get(user_key)
+            if existing:
+                self._logger.info(f'Bank details update denied: code already exists for user_id={user_id}')
+                raise ApplicationException(429, 'Code already sent. Please wait before retrying.')
+
+            for _ in range(MAX_ATTEMPTS):
+                code = f'{secrets.randbelow(1_000_000):06d}'
+                code_key = f'{CODE_PREFIX}{code}'
+
+                code_hash = await self._hash_service.hash(code)
+
+                reserved = await self._cache.set_nx(code_key, user_id, ttl=TTL)
+                if not reserved:
+                    continue
+
+                saved = await self._cache.set(user_key, code_hash, ttl=TTL)
+                if not saved:
+                    await self._cache.delete(code_key)
+                    self._logger.error(f'Bank details update failed: cannot save code hash for user_id={user_id}')
+                    raise ApplicationException(503, 'Temporary error. Please try again.')
+
+                message_id = str(ULID())
+                now = datetime.now(timezone.utc).isoformat()
+
+                metadata = {
+                    'trace_id': trace_id,
+                    'source': 'user-service',
+                    'timestamp': now,
+                    'message_id': message_id,
+                }
+
+                payload = {
+                    'email': user.email,
+                    'code': code,
+                    'ttl_seconds': TTL,
+                }
+
+                message = {
+                    'event': 'bank_details_update',
+                    'payload': payload,
+                    'metadata': metadata,
+                }
+
+                self._logger.info(f'Bank details update code created for user_id={user_id}')
+
+                try:
+                    await self._messanger.publish_to_queue(
+                        queue=settings.RABBIT_EMAIL_CODE_QUEUE,
+                        message=message,
+                        persist=True,
+                        correlation_id=trace_id,
+                        message_id=message_id,
+                        headers={'trace_id': trace_id} if trace_id else None,
+                    )
+                except Exception as exception:
+                    try:
+                        await self._cache.delete(user_key)
+                        await self._cache.delete(code_key)
+                    except Exception as rollback_err:
+                        self._logger.error(f'Publish failed and rollback cache failed for user_id={user_id}: {str(rollback_err)}')
+
+                    self._logger.error(f'Failed to publish bank details update email for user_id={user_id}: {str(exception)}')
+                    raise ApplicationException(503, 'Temporary error. Please try again.')
+
+                return True
+
+            self._logger.error(f'Bank details update failed: code space exhausted for user_id={user_id}')
+            raise ApplicationException(503, 'Temporary error. Please try again.')
+
+        finally:
+            await self._cache.delete(lock_key)