users¶
models¶
User domain models.
- class User[source]¶
Bases:
UUIDAuditBase- __init__(**kwargs)¶
A simple constructor that allows initialization from kwargs.
Sets attributes on the constructed instance using the names and values in
kwargs.Only keys that are present as attributes of the instance’s class are allowed. These could be, for example, any mapped columns or relationships.
- created_at: Mapped[datetime.datetime]¶
Date/time of instance creation.
- id: Mapped[UUID]¶
UUID Primary key column.
- updated_at: Mapped[datetime.datetime]¶
Date/time of instance last update.
- class Membership[source]¶
Bases:
UUIDAuditBase- __init__(**kwargs)¶
A simple constructor that allows initialization from kwargs.
Sets attributes on the constructed instance using the names and values in
kwargs.Only keys that are present as attributes of the instance’s class are allowed. These could be, for example, any mapped columns or relationships.
- created_at: Mapped[datetime.datetime]¶
Date/time of instance creation.
- id: Mapped[UUID]¶
UUID Primary key column.
- updated_at: Mapped[datetime.datetime]¶
Date/time of instance last update.
- class UserGroup[source]¶
Bases:
UUIDAuditBase- __init__(**kwargs)¶
A simple constructor that allows initialization from kwargs.
Sets attributes on the constructed instance using the names and values in
kwargs.Only keys that are present as attributes of the instance’s class are allowed. These could be, for example, any mapped columns or relationships.
- created_at: Mapped[datetime.datetime]¶
Date/time of instance creation.
- id: Mapped[UUID]¶
UUID Primary key column.
- updated_at: Mapped[datetime.datetime]¶
Date/time of instance last update.
schemas¶
User domain Pydantic schemas.
- class UserBase[source]¶
Bases:
BaseModelBase user schema with common fields.
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class UserCreate[source]¶
Bases:
UserBaseSchema for creating a new user.
- model_config: ClassVar[ConfigDict] = {'json_schema_extra': {'example': {'bio': 'Python creator and BDFL', 'email': 'guido@python.org', 'email_privacy': 'private', 'first_name': 'Guido', 'last_name': 'van Rossum', 'password': 'SecurePass123!', 'public_profile': True, 'search_visibility': 'public', 'username': 'guido_van_rossum'}}}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class UserUpdate[source]¶
Bases:
BaseModelSchema for updating an existing user.
- model_config: ClassVar[ConfigDict] = {'json_schema_extra': {'example': {'bio': 'Python creator, former BDFL, now retired from leadership but still contributing to Python development', 'email_privacy': 'private', 'first_name': 'Guido', 'last_name': 'van Rossum', 'search_visibility': 'public'}}}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class UserRead[source]¶
Bases:
UserBaseSchema for reading user data.
- model_config: ClassVar[ConfigDict] = {'from_attributes': True, 'json_schema_extra': {'example': {'bio': 'Python creator and BDFL', 'created_at': '2025-01-15T10:30:00Z', 'date_joined': '2025-01-15T10:30:00Z', 'email': 'guido@python.org', 'email_privacy': 'private', 'first_name': 'Guido', 'id': '550e8400-e29b-41d4-a716-446655440000', 'is_active': True, 'is_staff': False, 'is_superuser': False, 'last_login': '2025-11-29T08:45:00Z', 'last_name': 'van Rossum', 'public_profile': True, 'search_visibility': 'public', 'updated_at': '2025-11-20T14:22:00Z', 'username': 'guido_van_rossum'}}}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class UserPublic[source]¶
Bases:
BaseModelPublic user schema with limited fields.
- model_config: ClassVar[ConfigDict] = {'from_attributes': True}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class MembershipBase[source]¶
Bases:
BaseModelBase membership schema.
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class MembershipCreate[source]¶
Bases:
MembershipBaseSchema for creating a new membership.
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class MembershipUpdate[source]¶
Bases:
BaseModelSchema for updating a membership.
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class MembershipRead[source]¶
Bases:
MembershipBaseSchema for reading membership data.
- model_config: ClassVar[ConfigDict] = {'from_attributes': True}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class UserGroupBase[source]¶
Bases:
BaseModelBase user group schema.
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class UserGroupCreate[source]¶
Bases:
UserGroupBaseSchema for creating a new user group.
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class UserGroupUpdate[source]¶
Bases:
BaseModelSchema for updating a user group.
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class UserGroupRead[source]¶
Bases:
UserGroupBaseSchema for reading user group data.
- model_config: ClassVar[ConfigDict] = {'from_attributes': True}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class APIKeyCreate[source]¶
Bases:
BaseModelSchema for creating a new API key.
- model_config: ClassVar[ConfigDict] = {'json_schema_extra': {'example': {'description': 'API key for automated deployments', 'expires_in_days': 365, 'name': 'CI/CD Pipeline Key'}}}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class APIKeyRead[source]¶
Bases:
BaseModelSchema for reading API key data (without the actual key).
- model_config: ClassVar[ConfigDict] = {'from_attributes': True}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- class APIKeyCreated[source]¶
Bases:
APIKeyReadSchema returned when creating a new API key (includes the raw key).
- model_config: ClassVar[ConfigDict] = {'from_attributes': True, 'json_schema_extra': {'example': {'created_at': '2025-12-13T18:00:00Z', 'description': 'API key for automated deployments', 'expires_at': '2026-12-13T18:00:00Z', 'id': '550e8400-e29b-41d4-a716-446655440000', 'is_active': True, 'key': 'pyorg_abc123xyz789...', 'key_prefix': 'pyorg_abc123', 'last_used_at': None, 'name': 'CI/CD Pipeline Key', 'updated_at': '2025-12-13T18:00:00Z', 'user_id': '550e8400-e29b-41d4-a716-446655440001'}}}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
services¶
User domain services for business logic.
- class UserService[source]¶
Bases:
SQLAlchemyAsyncRepositoryService[User, Any]Service for User business logic.
- repository_type¶
alias of
UserRepository
- match_fields: ClassVar[Optional[Union[list[str], str]]] = ['email', 'username']¶
List of dialects that prefer to use
field.id = ANY(:1)instead offield.id IN (...).
- async create_user(data)[source]¶
Create a new user with hashed password.
- Parameters:
data (
UserCreate) – User creation data including plain-text password.- Return type:
- Returns:
The created user instance.
- Raises:
ValueError – If email or username already exists.
- class MembershipService[source]¶
Bases:
SQLAlchemyAsyncRepositoryService[Membership, Any]Service for Membership business logic.
- repository_type¶
alias of
MembershipRepository
- match_fields: ClassVar[Optional[Union[list[str], str]]] = ['user_id']¶
List of dialects that prefer to use
field.id = ANY(:1)instead offield.id IN (...).
- async get_by_user_id(user_id)[source]¶
Get a membership by user ID.
- Parameters:
user_id (
UUID) – The user ID to search for.- Return type:
- Returns:
The membership if found, None otherwise.
- async create_for_user(user_id, membership_data)[source]¶
Create a membership for a specific user.
- Parameters:
- Return type:
- Returns:
The created membership instance.
- Raises:
ValueError – If user already has a membership.
- class UserGroupService[source]¶
Bases:
SQLAlchemyAsyncRepositoryService[UserGroup, Any]Service for UserGroup business logic.
- repository_type¶
alias of
UserGroupRepository
- match_fields: ClassVar[Optional[Union[list[str], str]]] = ['name']¶
List of dialects that prefer to use
field.id = ANY(:1)instead offield.id IN (...).
- class APIKeyService[source]¶
Bases:
SQLAlchemyAsyncRepositoryService[APIKey, Any]Service for API key management.
- repository_type¶
alias of
APIKeyRepository
- match_fields: ClassVar[Optional[Union[list[str], str]]] = ['key_hash']¶
List of dialects that prefer to use
field.id = ANY(:1)instead offield.id IN (...).
- async create_key(user_id, data)[source]¶
Create a new API key for a user.
- Parameters:
user_id (
UUID) – The user ID to create the key for.data (
APIKeyCreate) – API key creation data.
- Return type:
- Returns:
Tuple of (APIKey instance, raw key string).
controllers¶
User domain API controllers.
- class UserController[source]¶
Bases:
ControllerController for User CRUD operations.
- path: str¶
A path fragment for the controller.
All route handlers under the controller will have the fragment appended to them. If not set it defaults to
/.
- tags: Sequence[str] | None¶
A sequence of string tags that will be appended to the schema of all route handlers under the controller.
- after_request: AfterRequestHookHandler | None¶
A sync or async function executed before a
Requestis passed to any route handler.If this function returns a value, the request will not reach the route handler, and instead this value will be used.
- after_response: AfterResponseHookHandler | None¶
A sync or async function called after the response has been awaited.
It receives the
Requestinstance and should not return any values.
- before_request: BeforeRequestHookHandler | None¶
A sync or async function called immediately before calling the route handler.
It receives the
Requestinstance and any non-Nonereturn value is used for the response, bypassing the route handler.
- cache_control: CacheControlHeader | None¶
A
CacheControlHeaderheader to add to route handlers of this controller.Can be overridden by route handlers.
- dependencies: Dependencies | None¶
A string keyed dictionary of dependency
Providerinstances.
- dto: type[AbstractDTO] | None | EmptyType¶
AbstractDTOto use for (de)serializing and validation of request data.
- etag: ETag | None¶
An
etagheader of typeETagto add to route handlers of this controller.Can be overridden by route handlers.
- exception_handlers: ExceptionHandlersMap | None¶
A map of handler functions to status codes and/or exception types.
- guards: Sequence[Guard] | None¶
A sequence of
Guardcallables.
- include_in_schema: bool | EmptyType¶
A boolean flag dictating whether the route handler should be documented in the OpenAPI schema
- middleware: Sequence[Middleware] | None¶
A sequence of
Middleware.
- opt: Mapping[str, Any] | None¶
A string key mapping of arbitrary values that can be accessed in
Guardsor wherever you have access toRequestorASGI Scope.
- owner: Router¶
The
RouterorLitestarapp that owns the controller.This value is set internally by Litestar and it should not be set when subclassing the controller.
- parameters: ParametersMap | None¶
A mapping of
Parameterdefinitions available to all application paths.
- request_class: type[Request] | None¶
A custom subclass of
Requestto be used as the default request for all route handlers under the controller.
- request_max_body_size: int | None | EmptyType¶
Maximum allowed size of the request body in bytes. If this size is exceeded, a ‘413 - Request Entity Too Large’ error response is returned.
- response_class: type[Response] | None¶
A custom subclass of
Responseto be used as the default response for all route handlers under the controller.
- response_cookies: ResponseCookies | None¶
A list of
Cookieinstances.
- response_headers: ResponseHeaders | None¶
A string keyed dictionary mapping
ResponseHeaderinstances.
- return_dto: type[AbstractDTO] | None | EmptyType¶
AbstractDTOto use for serializing outbound response data.
- security: Sequence[SecurityRequirement] | None¶
A sequence of dictionaries that to the schema of all route handlers under the controller.
- signature_namespace: dict[str, Any]¶
A mapping of names to types for use in forward reference resolution during signature modelling.
- signature_types: Sequence[Any]¶
A sequence of types for use in forward reference resolution during signature modelling.
These types will be added to the signature namespace using their
__name__attribute.
- type_decoders: TypeDecodersSequence | None¶
A sequence of tuples, each composed of a predicate testing for type identity and a msgspec hook for deserialization.
- type_encoders: TypeEncodersMap | None¶
A mapping of types to callables that transform them into types supported for serialization.
- websocket_class: type[WebSocket] | None¶
A custom subclass of
WebSocketto be used as the default websocket for all route handlers under the controller.
- class MembershipController[source]¶
Bases:
ControllerController for Membership CRUD operations.
- path: str¶
A path fragment for the controller.
All route handlers under the controller will have the fragment appended to them. If not set it defaults to
/.
- tags: Sequence[str] | None¶
A sequence of string tags that will be appended to the schema of all route handlers under the controller.
- after_request: AfterRequestHookHandler | None¶
A sync or async function executed before a
Requestis passed to any route handler.If this function returns a value, the request will not reach the route handler, and instead this value will be used.
- after_response: AfterResponseHookHandler | None¶
A sync or async function called after the response has been awaited.
It receives the
Requestinstance and should not return any values.
- before_request: BeforeRequestHookHandler | None¶
A sync or async function called immediately before calling the route handler.
It receives the
Requestinstance and any non-Nonereturn value is used for the response, bypassing the route handler.
- cache_control: CacheControlHeader | None¶
A
CacheControlHeaderheader to add to route handlers of this controller.Can be overridden by route handlers.
- dependencies: Dependencies | None¶
A string keyed dictionary of dependency
Providerinstances.
- dto: type[AbstractDTO] | None | EmptyType¶
AbstractDTOto use for (de)serializing and validation of request data.
- etag: ETag | None¶
An
etagheader of typeETagto add to route handlers of this controller.Can be overridden by route handlers.
- exception_handlers: ExceptionHandlersMap | None¶
A map of handler functions to status codes and/or exception types.
- guards: Sequence[Guard] | None¶
A sequence of
Guardcallables.
- include_in_schema: bool | EmptyType¶
A boolean flag dictating whether the route handler should be documented in the OpenAPI schema
- middleware: Sequence[Middleware] | None¶
A sequence of
Middleware.
- opt: Mapping[str, Any] | None¶
A string key mapping of arbitrary values that can be accessed in
Guardsor wherever you have access toRequestorASGI Scope.
- owner: Router¶
The
RouterorLitestarapp that owns the controller.This value is set internally by Litestar and it should not be set when subclassing the controller.
- parameters: ParametersMap | None¶
A mapping of
Parameterdefinitions available to all application paths.
- request_class: type[Request] | None¶
A custom subclass of
Requestto be used as the default request for all route handlers under the controller.
- request_max_body_size: int | None | EmptyType¶
Maximum allowed size of the request body in bytes. If this size is exceeded, a ‘413 - Request Entity Too Large’ error response is returned.
- response_class: type[Response] | None¶
A custom subclass of
Responseto be used as the default response for all route handlers under the controller.
- response_cookies: ResponseCookies | None¶
A list of
Cookieinstances.
- response_headers: ResponseHeaders | None¶
A string keyed dictionary mapping
ResponseHeaderinstances.
- return_dto: type[AbstractDTO] | None | EmptyType¶
AbstractDTOto use for serializing outbound response data.
- security: Sequence[SecurityRequirement] | None¶
A sequence of dictionaries that to the schema of all route handlers under the controller.
- signature_namespace: dict[str, Any]¶
A mapping of names to types for use in forward reference resolution during signature modelling.
- signature_types: Sequence[Any]¶
A sequence of types for use in forward reference resolution during signature modelling.
These types will be added to the signature namespace using their
__name__attribute.
- type_decoders: TypeDecodersSequence | None¶
A sequence of tuples, each composed of a predicate testing for type identity and a msgspec hook for deserialization.
- type_encoders: TypeEncodersMap | None¶
A mapping of types to callables that transform them into types supported for serialization.
- websocket_class: type[WebSocket] | None¶
A custom subclass of
WebSocketto be used as the default websocket for all route handlers under the controller.
- class UserGroupController[source]¶
Bases:
ControllerController for UserGroup CRUD operations.
- path: str¶
A path fragment for the controller.
All route handlers under the controller will have the fragment appended to them. If not set it defaults to
/.
- tags: Sequence[str] | None¶
A sequence of string tags that will be appended to the schema of all route handlers under the controller.
- after_request: AfterRequestHookHandler | None¶
A sync or async function executed before a
Requestis passed to any route handler.If this function returns a value, the request will not reach the route handler, and instead this value will be used.
- after_response: AfterResponseHookHandler | None¶
A sync or async function called after the response has been awaited.
It receives the
Requestinstance and should not return any values.
- before_request: BeforeRequestHookHandler | None¶
A sync or async function called immediately before calling the route handler.
It receives the
Requestinstance and any non-Nonereturn value is used for the response, bypassing the route handler.
- cache_control: CacheControlHeader | None¶
A
CacheControlHeaderheader to add to route handlers of this controller.Can be overridden by route handlers.
- dependencies: Dependencies | None¶
A string keyed dictionary of dependency
Providerinstances.
- dto: type[AbstractDTO] | None | EmptyType¶
AbstractDTOto use for (de)serializing and validation of request data.
- etag: ETag | None¶
An
etagheader of typeETagto add to route handlers of this controller.Can be overridden by route handlers.
- exception_handlers: ExceptionHandlersMap | None¶
A map of handler functions to status codes and/or exception types.
- guards: Sequence[Guard] | None¶
A sequence of
Guardcallables.
- include_in_schema: bool | EmptyType¶
A boolean flag dictating whether the route handler should be documented in the OpenAPI schema
- middleware: Sequence[Middleware] | None¶
A sequence of
Middleware.
- opt: Mapping[str, Any] | None¶
A string key mapping of arbitrary values that can be accessed in
Guardsor wherever you have access toRequestorASGI Scope.
- owner: Router¶
The
RouterorLitestarapp that owns the controller.This value is set internally by Litestar and it should not be set when subclassing the controller.
- parameters: ParametersMap | None¶
A mapping of
Parameterdefinitions available to all application paths.
- request_class: type[Request] | None¶
A custom subclass of
Requestto be used as the default request for all route handlers under the controller.
- request_max_body_size: int | None | EmptyType¶
Maximum allowed size of the request body in bytes. If this size is exceeded, a ‘413 - Request Entity Too Large’ error response is returned.
- response_class: type[Response] | None¶
A custom subclass of
Responseto be used as the default response for all route handlers under the controller.
- response_cookies: ResponseCookies | None¶
A list of
Cookieinstances.
- response_headers: ResponseHeaders | None¶
A string keyed dictionary mapping
ResponseHeaderinstances.
- return_dto: type[AbstractDTO] | None | EmptyType¶
AbstractDTOto use for serializing outbound response data.
- security: Sequence[SecurityRequirement] | None¶
A sequence of dictionaries that to the schema of all route handlers under the controller.
- signature_namespace: dict[str, Any]¶
A mapping of names to types for use in forward reference resolution during signature modelling.
- signature_types: Sequence[Any]¶
A sequence of types for use in forward reference resolution during signature modelling.
These types will be added to the signature namespace using their
__name__attribute.
- type_decoders: TypeDecodersSequence | None¶
A sequence of tuples, each composed of a predicate testing for type identity and a msgspec hook for deserialization.
- type_encoders: TypeEncodersMap | None¶
A mapping of types to callables that transform them into types supported for serialization.
- websocket_class: type[WebSocket] | None¶
A custom subclass of
WebSocketto be used as the default websocket for all route handlers under the controller.
- class APIKeyController[source]¶
Bases:
ControllerController for API key management.
API keys allow programmatic access to the API. Users can create multiple keys with optional expiration dates. Keys are shown only once at creation time.
- path: str¶
A path fragment for the controller.
All route handlers under the controller will have the fragment appended to them. If not set it defaults to
/.
- tags: Sequence[str] | None¶
A sequence of string tags that will be appended to the schema of all route handlers under the controller.
- guards: Sequence[Guard] | None¶
A sequence of
Guardcallables.
- after_request: AfterRequestHookHandler | None¶
A sync or async function executed before a
Requestis passed to any route handler.If this function returns a value, the request will not reach the route handler, and instead this value will be used.
- after_response: AfterResponseHookHandler | None¶
A sync or async function called after the response has been awaited.
It receives the
Requestinstance and should not return any values.
- before_request: BeforeRequestHookHandler | None¶
A sync or async function called immediately before calling the route handler.
It receives the
Requestinstance and any non-Nonereturn value is used for the response, bypassing the route handler.
- cache_control: CacheControlHeader | None¶
A
CacheControlHeaderheader to add to route handlers of this controller.Can be overridden by route handlers.
- dependencies: Dependencies | None¶
A string keyed dictionary of dependency
Providerinstances.
- dto: type[AbstractDTO] | None | EmptyType¶
AbstractDTOto use for (de)serializing and validation of request data.
- etag: ETag | None¶
An
etagheader of typeETagto add to route handlers of this controller.Can be overridden by route handlers.
- exception_handlers: ExceptionHandlersMap | None¶
A map of handler functions to status codes and/or exception types.
- include_in_schema: bool | EmptyType¶
A boolean flag dictating whether the route handler should be documented in the OpenAPI schema
- middleware: Sequence[Middleware] | None¶
A sequence of
Middleware.
- opt: Mapping[str, Any] | None¶
A string key mapping of arbitrary values that can be accessed in
Guardsor wherever you have access toRequestorASGI Scope.
- owner: Router¶
The
RouterorLitestarapp that owns the controller.This value is set internally by Litestar and it should not be set when subclassing the controller.
- parameters: ParametersMap | None¶
A mapping of
Parameterdefinitions available to all application paths.
- request_class: type[Request] | None¶
A custom subclass of
Requestto be used as the default request for all route handlers under the controller.
- request_max_body_size: int | None | EmptyType¶
Maximum allowed size of the request body in bytes. If this size is exceeded, a ‘413 - Request Entity Too Large’ error response is returned.
- response_class: type[Response] | None¶
A custom subclass of
Responseto be used as the default response for all route handlers under the controller.
- response_cookies: ResponseCookies | None¶
A list of
Cookieinstances.
- response_headers: ResponseHeaders | None¶
A string keyed dictionary mapping
ResponseHeaderinstances.
- return_dto: type[AbstractDTO] | None | EmptyType¶
AbstractDTOto use for serializing outbound response data.
- security: Sequence[SecurityRequirement] | None¶
A sequence of dictionaries that to the schema of all route handlers under the controller.
- signature_namespace: dict[str, Any]¶
A mapping of names to types for use in forward reference resolution during signature modelling.
- signature_types: Sequence[Any]¶
A sequence of types for use in forward reference resolution during signature modelling.
These types will be added to the signature namespace using their
__name__attribute.
- type_decoders: TypeDecodersSequence | None¶
A sequence of tuples, each composed of a predicate testing for type identity and a msgspec hook for deserialization.
- type_encoders: TypeEncodersMap | None¶
A mapping of types to callables that transform them into types supported for serialization.
- websocket_class: type[WebSocket] | None¶
A custom subclass of
WebSocketto be used as the default websocket for all route handlers under the controller.
repositories¶
User domain repositories for database access.
- class UserRepository[source]¶
Bases:
SQLAlchemyAsyncRepository[User]Repository for User database operations.
- class MembershipRepository[source]¶
Bases:
SQLAlchemyAsyncRepository[Membership]Repository for Membership database operations.
- model_type¶
alias of
Membership
- class UserGroupRepository[source]¶
Bases:
SQLAlchemyAsyncRepository[UserGroup]Repository for UserGroup database operations.
- class APIKeyRepository[source]¶
Bases:
SQLAlchemyAsyncRepository[APIKey]Repository for API key database operations.
- model_type¶
alias of
APIKey