fix: create user session asynchronously to prevent latency

Author: Tha-Orakkle

api/utils/session_helpers.py

@@ -1,32 +1,38 @@
-import requests
-
-from fastapi import Request
+import httpx
+from fastapi import Request, BackgroundTasks
+from sqlalchemy.orm import Session
 
+from api.db.database import get_db
 from api.v1.schemas.session import SessionCreate
+from api.v1.services.session import SessionService
 from api.utils.client_helpers import get_ip_address
 
 
-def get_ip_location(ip):
+async def get_ip_location(ip):
     """ Get IP location.
     
     Args:
         ip (str): IP address
     """
     country = region = "Unknown"
-    
+
     try:
-        response = requests.get(f"https://ipinfo.io/{ip}/json/", timeout=10)
-        if response.status_code != 200:
-            return f"{region}, {country}"
-        data = response.json()
-        region = data.get("region", "Unknown")
-        country = data.get("country", "Unknown")
-    except Exception as e:
-        return f"{region}, {country}"
+        async with httpx.AsyncClient() as client:
+            response = await client.get(f"https://ipinfo.io/{ip}/json/", timeout=10)
+            response.raise_for_status()
+            data = response.json()
+            region = data.get("region", "Unknown")
+            country = data.get("country", "Unknown")
+    except httpx.RequestError as exc:
+        print(f"An error occurred while requesting {exc.request.url!r}.")
+    except httpx.HTTPStatusError as exc:
+        print(f"Error response {exc.response.status_code} while requesting {exc.request.url!r}.")
+    except Exception as exc:
+        print(f"An unexpected error occurred: {exc}")
+    
     return f"{region}, {country}"
-
-
-def get_session_schema_data(request: Request, refresh_token: str = "", expires_at: str = ""):
+    
+async def get_session_schema_data(request: Request, refresh_token: str = "", expires_at: str = ""):
     """Get session schema data.
     
     Args:
@@ -35,12 +41,34 @@ def get_session_schema_data(request: Request, refresh_token: str = "", expires_a
         expires_at (str): Expiry date
     """
     ip = get_ip_address(request)
-    user_agent= request.headers.get("User-Agent")
     return SessionCreate(
         ip_address=ip,
-        location=get_ip_location(ip),
-        device=user_agent,
+        location=await get_ip_location(ip),
+        device=request.headers.get("User-Agent"),
         is_revoked=False,
         refresh_token=refresh_token,
         expires_at=expires_at
     )
+
+async def create_session_for_user(
+        request: Request,
+        user_id: str,
+        refresh_token: str = "",
+        expires_at: str = "",
+    ):
+    """Create session for user.
+    
+    Args:
+        request (Request): Request object
+        db: Database session
+        refresh_token (str): Refresh token
+        expires_at (str): Expiry date
+    """
+    session_data: SessionCreate = await get_session_schema_data(
+        request,
+        refresh_token=refresh_token,
+        expires_at=expires_at,
+    )
+    db = next(get_db())
+    session_service = SessionService(db)
+    session_service.create(schema=session_data, user_id=user_id)

api/v1/routes/auth.py

@@ -23,7 +23,7 @@
 from api.utils.success_response import auth_response, success_response
 from api.utils.send_mail import send_magic_link
 from api.utils.settings import settings
-from api.utils.session_helpers import get_session_schema_data
+from api.utils.session_helpers import create_session_for_user
 from api.v1.models import User
 from api.v1.schemas.user import Token, UserEmailSender
 from api.v1.schemas.user import (
@@ -34,7 +34,7 @@
     UserData2,
 )
 from api.v1.schemas.token import TokenRequest
-from api.v1.schemas.session import SessionCreate
+# from api.v1.schemas.session import SessionCreate
 from api.v1.schemas.user import (MagicLinkRequest,
                                  ChangePasswordSchema,
                                  AuthMeResponse)
@@ -53,7 +53,7 @@
 )
 from api.v1.services.totp import totp_service
 from api.utils.settings import settings
-from api.v1.services.session import SessionService
+# from api.v1.services.session import SessionService
 
 auth = APIRouter(prefix="/auth", tags=["Authentication"])
 
@@ -79,14 +79,9 @@ def register(
     # Create user account
     user = user_service.create(db=db, schema=user_schema)
 
-
     verification_token = user_service.create_verification_token(user.id)
     verification_link = f"{base_url}/api/v1/auth/verify-email?token={verification_token}"
 
-    access_token = user_service.create_access_token(user_id=user.id)
-    refresh_token = user_service.create_refresh_token(user_id=user.id)
-    cta_link = "https://anchor-python.teams.hng.tech/about-us"
-
     # create an organization for the user
     org = CreateUpdateOrganisation(
         name=f"{user.email}'s Organisation", email=user.email
@@ -98,15 +93,18 @@ def register(
     access_token = user_service.create_access_token(user_id=user.id)
     refresh_token = user_service.create_refresh_token(user_id=user.id)
     cta_link = f"{settings.ANCHOR_PYTHON_BASE_URL}/about-us"
+
+    # create session for user
     expires = dt.datetime.now(dt.timezone.utc) + (dt.timedelta(
         days=settings.JWT_REFRESH_EXPIRY) - dt.timedelta(seconds=1)
     )
-    session_schema: SessionCreate = get_session_schema_data(
-        request,
+    background_tasks.add_task(
+        create_session_for_user,
+        request=request,
+        user_id=user.id,
         refresh_token=refresh_token,
-        expires_at=expires)
-    session_service = SessionService(db)
-    session_service.create(db=db, schema=session_schema, user_id=user.id)
+        expires_at=expires
+    )
 
     # Send email in the background
     background_tasks.add_task(
@@ -257,15 +255,18 @@ def login(request: Request, login_request: LoginRequest, background_tasks: Backg
     # Generate access and refresh tokens
     access_token = user_service.create_access_token(user_id=user.id)
     refresh_token = user_service.create_refresh_token(user_id=user.id)
+
+    # create session for user
     expires = dt.datetime.now(dt.timezone.utc) + (dt.timedelta(
         days=settings.JWT_REFRESH_EXPIRY) - dt.timedelta(seconds=1)
     )
-    session_schema: SessionCreate = get_session_schema_data(
-        request,
+    background_tasks.add_task(
+        create_session_for_user,
+        request=request,
+        user_id=user.id,
         refresh_token=refresh_token,
-        expires_at=expires)
-    session_service = SessionService(db)
-    session_service.create(db=db, schema=session_schema, user_id=user.id)
+        expires_at=expires
+    )
 
     # Background task for email notification
     logger.info(f"Queueing login notification for {user.email} in the background...")

api/v1/services/session.py

@@ -10,6 +10,7 @@ class SessionService:
     """Session service functionality."""
 
     def __init__(self, db: Session):
+        """Initialize the service."""
         self.db = db
 
     def is_revoked_or_expired(self, refresh_token: str):
@@ -19,6 +20,8 @@ def is_revoked_or_expired(self, refresh_token: str):
             return True
         if isinstance(session.expires_at, str):
             session.expires_at = datetime.fromisoformat(session.expires_at)
+
+        session.expires_at = session.expires_at.astimezone(timezone.utc)
         current_time = datetime.now(timezone.utc)
         if session.is_revoked or (session.expires_at < current_time):
             return True
@@ -46,16 +49,15 @@ def fetch_by_ip_and_user_agent(self, ip_address: str, user_agent: str):
         ).all()
         return sessions
 
-    def create(self, db: Session, schema: SessionCreate, user_id: str):
+    def create(self, schema: SessionCreate, user_id: str):
         """Create a new session."""
         sessions = self.fetch_by_ip_and_user_agent(schema.ip_address, schema.device)
         if sessions:
-            print(sessions)
             self.revoke_sessions(sessions)
         new_session = UserSession(**schema.model_dump(), user_id=user_id)
-        db.add(new_session)
-        db.commit()
-        db.refresh(new_session)
+        self.db.add(new_session)
+        self.db.commit()
+        self.db.refresh(new_session)
         return new_session
 
     def fetch_all(self, user_id):