fix user router
This commit is contained in:
parent
77b40cb836
commit
3d2abbc39b
3 changed files with 31 additions and 47 deletions
|
@ -1,12 +1,10 @@
|
||||||
from fastapi import APIRouter
|
from fastapi import APIRouter
|
||||||
|
|
||||||
from . import admin
|
from . import admin, user
|
||||||
|
|
||||||
# from . import user
|
main_router = APIRouter()
|
||||||
|
|
||||||
main_router = APIRouter(prefix="/api/v1")
|
|
||||||
|
|
||||||
main_router.include_router(admin.router)
|
main_router.include_router(admin.router)
|
||||||
# main_router.include_router(user.router)
|
main_router.include_router(user.router)
|
||||||
|
|
||||||
__all__ = ["main_router"]
|
__all__ = ["main_router"]
|
||||||
|
|
|
@ -6,10 +6,12 @@ Common dependencies for routers.
|
||||||
from fastapi import Depends, HTTPException, status
|
from fastapi import Depends, HTTPException, status
|
||||||
from fastapi.security import OAuth2PasswordBearer
|
from fastapi.security import OAuth2PasswordBearer
|
||||||
|
|
||||||
from ..config import Config
|
from ..config import Config, Settings
|
||||||
from ..db import Capability, User
|
from ..db import Capability, User
|
||||||
|
|
||||||
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="user/authenticate")
|
oauth2_scheme = OAuth2PasswordBearer(
|
||||||
|
tokenUrl=f"{Settings._.api_v1_prefix}/user/authenticate"
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class Responses:
|
class Responses:
|
||||||
|
|
|
@ -5,11 +5,9 @@
|
||||||
from fastapi import APIRouter, Depends, HTTPException, status
|
from fastapi import APIRouter, Depends, HTTPException, status
|
||||||
from fastapi.security import OAuth2PasswordRequestForm
|
from fastapi.security import OAuth2PasswordRequestForm
|
||||||
from pydantic import BaseModel
|
from pydantic import BaseModel
|
||||||
from sqlalchemy.orm import Session
|
|
||||||
|
|
||||||
from ..config import Config
|
from ..config import Config
|
||||||
from ..db import Connection
|
from ..db import Capability, User, UserCreate, UserRead
|
||||||
from ..db.schemata import User, UserCapability, UserCreate
|
|
||||||
from ._common import Responses, get_current_user, get_current_user_if_admin
|
from ._common import Responses, get_current_user, get_current_user_if_admin
|
||||||
|
|
||||||
router = APIRouter(prefix="/user", tags=["user"])
|
router = APIRouter(prefix="/user", tags=["user"])
|
||||||
|
@ -28,7 +26,6 @@ class Token(BaseModel):
|
||||||
async def login(
|
async def login(
|
||||||
form_data: OAuth2PasswordRequestForm = Depends(),
|
form_data: OAuth2PasswordRequestForm = Depends(),
|
||||||
current_config: Config | None = Depends(Config.load),
|
current_config: Config | None = Depends(Config.load),
|
||||||
db: Session | None = Depends(Connection.get),
|
|
||||||
):
|
):
|
||||||
"""
|
"""
|
||||||
POST ./authenticate: Authenticate a user. Issues a bearer token.
|
POST ./authenticate: Authenticate a user. Issues a bearer token.
|
||||||
|
@ -39,12 +36,10 @@ async def login(
|
||||||
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
|
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
|
||||||
|
|
||||||
# try logging in
|
# try logging in
|
||||||
user = User(name=form_data.username)
|
if not (user := User.authenticate(
|
||||||
if not user.authenticate(
|
name=form_data.username,
|
||||||
db=db,
|
|
||||||
password=form_data.password,
|
password=form_data.password,
|
||||||
crypt_context=current_config.crypto.crypt_context,
|
)):
|
||||||
):
|
|
||||||
# authentication failed
|
# authentication failed
|
||||||
raise HTTPException(
|
raise HTTPException(
|
||||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||||
|
@ -57,7 +52,7 @@ async def login(
|
||||||
return {"access_token": access_token, "token_type": "bearer"}
|
return {"access_token": access_token, "token_type": "bearer"}
|
||||||
|
|
||||||
|
|
||||||
@router.get("/current", response_model=User)
|
@router.get("/current", response_model=UserRead)
|
||||||
async def get_current_user(
|
async def get_current_user(
|
||||||
current_user: User | None = Depends(get_current_user),
|
current_user: User | None = Depends(get_current_user),
|
||||||
):
|
):
|
||||||
|
@ -81,20 +76,14 @@ async def get_current_user(
|
||||||
)
|
)
|
||||||
async def add_user(
|
async def add_user(
|
||||||
user: UserCreate,
|
user: UserCreate,
|
||||||
current_config: Config | None = Depends(Config.load),
|
|
||||||
_: User = Depends(get_current_user_if_admin),
|
_: User = Depends(get_current_user_if_admin),
|
||||||
db: Session | None = Depends(Connection.get),
|
|
||||||
):
|
):
|
||||||
"""
|
"""
|
||||||
POST ./: Create a new user in the database.
|
POST ./: Create a new user in the database.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# actually create the new user
|
# actually create the new user
|
||||||
new_user = User.create(
|
new_user = User.create(**user.dict())
|
||||||
db=db,
|
|
||||||
user=user,
|
|
||||||
crypt_context=current_config.crypto.crypt_context,
|
|
||||||
)
|
|
||||||
|
|
||||||
# fail if creation was unsuccessful
|
# fail if creation was unsuccessful
|
||||||
if new_user is None:
|
if new_user is None:
|
||||||
|
@ -118,22 +107,21 @@ async def add_user(
|
||||||
async def remove_user(
|
async def remove_user(
|
||||||
user_name: str,
|
user_name: str,
|
||||||
_: User = Depends(get_current_user_if_admin),
|
_: User = Depends(get_current_user_if_admin),
|
||||||
db: Session | None = Depends(Connection.get),
|
|
||||||
):
|
):
|
||||||
"""
|
"""
|
||||||
DELETE ./{user_name}: Remove a user from the database.
|
DELETE ./{user_name}: Remove a user from the database.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# get the user
|
# get the user
|
||||||
user = User.from_db(
|
user = User.get(user_name)
|
||||||
db=db,
|
|
||||||
name=user_name,
|
|
||||||
)
|
|
||||||
|
|
||||||
# fail if deletion was unsuccessful
|
# fail if user not found
|
||||||
if user is None or not user.delete(db):
|
if user is None:
|
||||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
|
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
|
||||||
|
|
||||||
|
# delete user
|
||||||
|
user.delete()
|
||||||
|
|
||||||
|
|
||||||
@router.post(
|
@router.post(
|
||||||
"/{user_name}/capabilities",
|
"/{user_name}/capabilities",
|
||||||
|
@ -146,22 +134,21 @@ async def remove_user(
|
||||||
)
|
)
|
||||||
async def extend_capabilities(
|
async def extend_capabilities(
|
||||||
user_name: str,
|
user_name: str,
|
||||||
capabilities: list[UserCapability],
|
capabilities: list[Capability],
|
||||||
_: User = Depends(get_current_user_if_admin),
|
_: User = Depends(get_current_user_if_admin),
|
||||||
db: Session | None = Depends(Connection.get),
|
|
||||||
):
|
):
|
||||||
"""
|
"""
|
||||||
POST ./{user_name}/capabilities: Add capabilities to a user.
|
POST ./{user_name}/capabilities: Add capabilities to a user.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# get and change the user
|
# get and change the user
|
||||||
user = User.from_db(
|
user = User.get(user_name)
|
||||||
db=db,
|
|
||||||
name=user_name,
|
user.set_capabilities(
|
||||||
|
user.get_capabilities() | set(capabilities)
|
||||||
)
|
)
|
||||||
|
|
||||||
user.capabilities.extend(capabilities)
|
user.update()
|
||||||
user.update(db)
|
|
||||||
|
|
||||||
|
|
||||||
@router.delete(
|
@router.delete(
|
||||||
|
@ -175,21 +162,18 @@ async def extend_capabilities(
|
||||||
)
|
)
|
||||||
async def remove_capabilities(
|
async def remove_capabilities(
|
||||||
user_name: str,
|
user_name: str,
|
||||||
capabilities: list[UserCapability],
|
capabilities: list[Capability],
|
||||||
_: User = Depends(get_current_user_if_admin),
|
_: User = Depends(get_current_user_if_admin),
|
||||||
db: Session | None = Depends(Connection.get),
|
|
||||||
):
|
):
|
||||||
"""
|
"""
|
||||||
DELETE ./{user_name}/capabilities: Remove capabilities from a user.
|
DELETE ./{user_name}/capabilities: Remove capabilities from a user.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# get and change the user
|
# get and change the user
|
||||||
user = User.from_db(
|
user = User.get(user_name)
|
||||||
db=db,
|
|
||||||
name=user_name,
|
user.set_capabilities(
|
||||||
|
user.get_capabilities() - set(capabilities)
|
||||||
)
|
)
|
||||||
|
|
||||||
for capability in capabilities:
|
user.update()
|
||||||
user.capabilities.remove(capability)
|
|
||||||
|
|
||||||
user.update(db)
|
|
||||||
|
|
Loading…
Reference in a new issue