fixed firebase issues

ebwu95 · ebwu95 · commit 29a0ef93546a · 2025-05-24T00:25:30.000-04:00
diff --git a/backend/README.md b/backend/README.md
@@ -110,6 +110,21 @@ pdm run ruff format .
 ## Environment Variables
 Environment variables are currently stored in an .env file within the base repository (not the backend folder). You will need to copy the local environment variables stored in the following notion [page](https://www.notion.so/uwblueprintexecs/Environment-Variables-11910f3fb1dc80e4bc67d35c3d65d073?pvs=4) to get the database working.
 
+### Firebase Configuration
+To set up Firebase authentication:
+
+1. Place your `serviceAccountKey.json` file in the `backend/` directory
+   - This file should be obtained from your Firebase Console
+   - Go to Project Settings > Service Accounts > Generate New Private Key
+   - The file contains sensitive credentials and is automatically gitignored
+
+2. Ensure your `.env` file includes the following Firebase-related variables:
+   ```
+   FIREBASE_WEB_API_KEY=your_web_api_key
+   ```
+   You can find these values in your Firebase Console under Project Settings.
+
+Note: Never commit `serviceAccountKey.json` to version control. It's already added to `.gitignore` for security.
 
 ## Adding a new model
 When adding a new model, make sure to add it to `app/models/__init__.py` so that the migration script can pick it up when autogenerating the new migration.
diff --git a/backend/app/routes/auth.py b/backend/app/routes/auth.py
@@ -2,12 +2,25 @@
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 
 from ..schemas.auth import AuthResponse, LoginRequest, RefreshRequest, Token
+from ..schemas.user import UserCreateRequest, UserCreateResponse
 from ..services.implementations.auth_service import AuthService
-from ..utilities.service_utils import get_auth_service
+from ..services.implementations.user_service import UserService
+from ..utilities.service_utils import get_auth_service, get_user_service
 
 router = APIRouter(prefix="/auth", tags=["auth"])
 security = HTTPBearer()
 
+#TODO: ADD RATE LIMITING
+@router.post("/register", response_model=UserCreateResponse)
+async def register_user(
+    user: UserCreateRequest, user_service: UserService = Depends(get_user_service)
+):
+    try:
+        return await user_service.create_user(user)
+    except HTTPException as http_ex:
+        raise http_ex
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
 
 @router.post("/login", response_model=AuthResponse)
 async def login(
diff --git a/backend/app/routes/user.py b/backend/app/routes/user.py
@@ -1,6 +1,7 @@
 from fastapi import APIRouter, Depends, HTTPException
 
-from app.schemas.user import UserCreateRequest, UserCreateResponse
+from app.middleware.auth import has_roles
+from app.schemas.user import UserCreateRequest, UserCreateResponse, UserRole
 from app.services.implementations.user_service import UserService
 from app.utilities.service_utils import get_user_service
 
@@ -13,10 +14,12 @@
 # send email verification via auth_service
 # allow signup methods other than email (like sign up w Google)??
 
-
+#admin only manually create user, not sure if this is needed
 @router.post("/", response_model=UserCreateResponse)
 async def create_user(
-    user: UserCreateRequest, user_service: UserService = Depends(get_user_service)
+    user: UserCreateRequest,
+    user_service: UserService = Depends(get_user_service),
+    authorized: bool = has_roles([UserRole.ADMIN])
 ):
     try:
         return await user_service.create_user(user)
