fix user router

api/kiwi_vpn_api/routers/__init__.py

@@ -1,12 +1,10 @@
 from fastapi import APIRouter
 
-from . import admin
+from . import admin, user
 
-# from . import user
-
-main_router = APIRouter(prefix="/api/v1")
+main_router = APIRouter()
 
 main_router.include_router(admin.router)
-# main_router.include_router(user.router)
+main_router.include_router(user.router)
 
 __all__ = ["main_router"]

api/kiwi_vpn_api/routers/_common.py

@@ -6,10 +6,12 @@ Common dependencies for routers.
 from fastapi import Depends, HTTPException, status
 from fastapi.security import OAuth2PasswordBearer
 
-from ..config import Config
+from ..config import Config, Settings
 from ..db import Capability, User
 
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="user/authenticate")
+oauth2_scheme = OAuth2PasswordBearer(
+    tokenUrl=f"{Settings._.api_v1_prefix}/user/authenticate"
+)
 
 
 class Responses:

api/kiwi_vpn_api/routers/user.py

@@ -5,11 +5,9 @@
 from fastapi import APIRouter, Depends, HTTPException, status
 from fastapi.security import OAuth2PasswordRequestForm
 from pydantic import BaseModel
-from sqlalchemy.orm import Session
 
 from ..config import Config
-from ..db import Connection
-from ..db.schemata import User, UserCapability, UserCreate
+from ..db import Capability, User, UserCreate, UserRead
 from ._common import Responses, get_current_user, get_current_user_if_admin
 
 router = APIRouter(prefix="/user", tags=["user"])
@@ -28,7 +26,6 @@ class Token(BaseModel):
 async def login(
     form_data: OAuth2PasswordRequestForm = Depends(),
     current_config: Config | None = Depends(Config.load),
-    db: Session | None = Depends(Connection.get),
 ):
     """
     POST ./authenticate: Authenticate a user. Issues a bearer token.
@@ -39,12 +36,10 @@ async def login(
         raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
 
     # try logging in
-    user = User(name=form_data.username)
-    if not user.authenticate(
-        db=db,
+    if not (user := User.authenticate(
+        name=form_data.username,
         password=form_data.password,
-        crypt_context=current_config.crypto.crypt_context,
-    ):
+    )):
         # authentication failed
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
@@ -57,7 +52,7 @@ async def login(
     return {"access_token": access_token, "token_type": "bearer"}
 
 
-@router.get("/current", response_model=User)
+@router.get("/current", response_model=UserRead)
 async def get_current_user(
     current_user: User | None = Depends(get_current_user),
 ):
@@ -81,20 +76,14 @@ async def get_current_user(
 )
 async def add_user(
     user: UserCreate,
-    current_config: Config | None = Depends(Config.load),
     _: User = Depends(get_current_user_if_admin),
-    db: Session | None = Depends(Connection.get),
 ):
     """
     POST ./: Create a new user in the database.
     """
 
     # actually create the new user
-    new_user = User.create(
-        db=db,
-        user=user,
-        crypt_context=current_config.crypto.crypt_context,
-    )
+    new_user = User.create(**user.dict())
 
     # fail if creation was unsuccessful
     if new_user is None:
@@ -118,22 +107,21 @@ async def add_user(
 async def remove_user(
     user_name: str,
     _: User = Depends(get_current_user_if_admin),
-    db: Session | None = Depends(Connection.get),
 ):
     """
     DELETE ./{user_name}: Remove a user from the database.
     """
 
     # get the user
-    user = User.from_db(
-        db=db,
-        name=user_name,
-    )
+    user = User.get(user_name)
 
-    # fail if deletion was unsuccessful
-    if user is None or not user.delete(db):
+    # fail if user not found
+    if user is None:
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
 
+    # delete user
+    user.delete()
+
 
 @router.post(
     "/{user_name}/capabilities",
@@ -146,22 +134,21 @@ async def remove_user(
 )
 async def extend_capabilities(
     user_name: str,
-    capabilities: list[UserCapability],
+    capabilities: list[Capability],
     _: User = Depends(get_current_user_if_admin),
-    db: Session | None = Depends(Connection.get),
 ):
     """
     POST ./{user_name}/capabilities: Add capabilities to a user.
     """
 
     # get and change the user
-    user = User.from_db(
-        db=db,
-        name=user_name,
+    user = User.get(user_name)
+
+    user.set_capabilities(
+        user.get_capabilities() | set(capabilities)
     )
 
-    user.capabilities.extend(capabilities)
-    user.update(db)
+    user.update()
 
 
 @router.delete(
@@ -175,21 +162,18 @@ async def extend_capabilities(
 )
 async def remove_capabilities(
     user_name: str,
-    capabilities: list[UserCapability],
+    capabilities: list[Capability],
     _: User = Depends(get_current_user_if_admin),
-    db: Session | None = Depends(Connection.get),
 ):
     """
     DELETE ./{user_name}/capabilities: Remove capabilities from a user.
     """
 
     # get and change the user
-    user = User.from_db(
-        db=db,
-        name=user_name,
+    user = User.get(user_name)
+
+    user.set_capabilities(
+        user.get_capabilities() - set(capabilities)
     )
 
-    for capability in capabilities:
-        user.capabilities.remove(capability)
-
-    user.update(db)
+    user.update()