
fast-graph's People

Contributors

dudikbender, murat-u-saglam

fast-graph's Issues

User Update

Currently the function that allows you to update the user doesn't check if the new username already exists; this could cause authentication issues, as the username is used to differentiate between users.

My solution:

# UPDATE User profile
@router.put('/{username}/update', response_model=User)
async def update_user(attributes: dict, username: str):
    # Add check to stop call if password is being changed
    for k in attributes:
        if k == 'hashed_password':
            raise HTTPException(
                status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
                detail="Operation not permitted, cannot update password with this method.",
                headers={"WWW-Authenticate": "Bearer"})
        if k == 'username':
            #print(f"\n update \n {username}\n-\n{attributes['username']}\n-\n")
            query = 'MATCH (user:User) WHERE user.username = $username RETURN user'
            name = attributes['username']
            with neo4j_driver.session() as session:
                user_in_db = session.run(query=query, parameters={'username': name})
                data = user_in_db.data()
                #print(f"data {data}\n")
                if data:
                    raise HTTPException(
                        status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
                        detail="Username already exists.",
                        headers={"WWW-user-delete": "Bearer"})

    # Execute Cypher query to update the user attributes.
    # The attributes are sent as a query parameter instead of being
    # formatted into the query text, so values cannot alter the query.
    cypher_update_user = ('MATCH (user: User) WHERE user.username = $user\n'
                          'SET user += $attributes\n'
                          'RETURN user')

    with neo4j_driver.session() as session:
        updated_user = session.run(query=cypher_update_user,
                                   parameters={'user': username,
                                               'attributes': attributes})
        user_data = updated_user.data()[0]['user']

    return User(**user_data)

Query request Enhancement

I suggest a rework of the query route. Currently, the cypher string is passed through a URL path variable, but due to URL encoding some characters are lost in the process, like the '+' character. So modifying the request to make the variables pass through the body of the request like below would solve those problems.

# Query endpoint
@router.get('/q', response_model=Query, summary='Query the database with a custom Cypher string')
async def cypher_query(attributes: dict):
    print(attributes["cypher_string"])
    # Reject a missing or empty Cypher string before opening a session
    if attributes["cypher_string"] is not None and attributes["cypher_string"] != "":
        with neo4j_driver.session() as session:
            response = session.run(query=attributes["cypher_string"])
            return Query(response=response.data())
    else:
        raise HTTPException(
            status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
            detail="Empty or null cypher string.",
            headers={"WWW-Authenticate": "Bearer"})

Doubt regarding update query in the `crud.py` file

Hello, I have been using your project as a reference to understand how neo4j works better and it has been a big help to me thus far.

I had a doubt regarding the update node aspect in the application here.

Will the backslashes f'new_node.{key}=\'{value}\'' near the value variable help escape characters and be secure from cypher injection attacks?

I tried looking around but could not find a conclusive answer to the same.
Thank you.
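
An added example for the question above (not part of the issue or of the project's code): it rebuilds the interpolated `SET` clause, checks whether a value ends up outside its string literal, and shows a parameterised alternative. The `MATCH` clause, the `Item` label, the `uid` property and all function names are assumptions made for illustration.

```python
import re

# Assumption: property names are plain ASCII identifiers.
SAFE_KEY = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")
# Hypothetical MATCH clause; the project's real query may differ.
MATCH = "MATCH (new_node:Item {uid: $uid})"


def build_update_interpolated(attributes):
    # The pattern from the question. The \' sequences are Python escapes that
    # emit a plain quote character; nothing is done to the value itself.
    sets = ", ".join(f'new_node.{key}=\'{value}\'' for key, value in attributes.items())
    return f"{MATCH} SET {sets} RETURN new_node"


def text_outside_literals(cypher):
    # Query text that is not inside a single-quoted Cypher string literal.
    out, in_literal, i = [], False, 0
    while i < len(cypher):
        ch = cypher[i]
        if in_literal and ch == "\\":
            i += 2  # a backslash-escaped character stays inside the literal
            continue
        if ch == "'":
            in_literal = not in_literal
        elif not in_literal:
            out.append(ch)
        i += 1
    return "".join(out)


def changes_query_structure(attributes):
    # True when a value alters the query outside its own string literal.
    baseline = {key: "x" for key in attributes}
    return (text_outside_literals(build_update_interpolated(attributes))
            != text_outside_literals(build_update_interpolated(baseline)))


def build_update_parameterised(uid, attributes):
    # Keys and values travel in the $props map and never become query text.
    # The key check is an extra allowlist, not what prevents injection.
    for key in attributes:
        if not SAFE_KEY.match(key):
            raise ValueError(f"illegal property name: {key!r}")
    query = f"{MATCH} SET new_node += $props RETURN new_node"
    return query, {"uid": uid, "props": dict(attributes)}


if __name__ == "__main__":
    for value in ("alice", "O'Brien"):  # constructed sample values
        print(repr(value), "changes structure:", changes_query_structure({"name": value}))
    print(build_update_parameterised("u1", {"name": "O'Brien"}))
```

The query and parameter dictionary returned by `build_update_parameterised` are meant to be passed to `session.run(query, parameters=...)`, the same call the issue code above already uses.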
