make User.authenticate an instance function

This commit is contained in:
Jörn-Michael Miehe 2022-03-20 04:00:14 +00:00
parent ecb97df3d6
commit 692bf0ef63
2 changed files with 29 additions and 31 deletions

View file

@ -76,8 +76,8 @@ class UserCreate(UserBase):
class User(UserBase): class User(UserBase):
certificates: list[Certificate] certificates: list[Certificate] = []
capabilities: list[UserCapability] capabilities: list[UserCapability] = []
class Config: class Config:
orm_mode = True orm_mode = True
@ -109,29 +109,6 @@ class User(UserBase):
return cls.from_orm(db_user) return cls.from_orm(db_user)
@classmethod
def authenticate(
cls,
db: Session,
name: str,
password: str,
crypt_context: CryptContext,
) -> User | None:
"""
Authenticate with name/password against users in database.
"""
if (db_user := models.User.load(db, name)) is None:
# nonexistent user, fake doing password verification
crypt_context.dummy_verify()
return None
if not crypt_context.verify(password, db_user.password):
# password hash mismatch
return None
return cls.from_orm(db_user)
@classmethod @classmethod
def create( def create(
cls, cls,
@ -160,6 +137,29 @@ class User(UserBase):
# user already existed # user already existed
pass pass
def authenticate(
self,
db: Session,
password: str,
crypt_context: CryptContext,
) -> User | None:
"""
Authenticate with name/password against users in database.
"""
if (db_user := models.User.load(db, self.name)) is None:
# nonexistent user, fake doing password verification
crypt_context.dummy_verify()
return False
if not crypt_context.verify(password, db_user.password):
# password hash mismatch
return False
self.from_orm(db_user)
return True
def add_capabilities( def add_capabilities(
self, self,
db: Session, db: Session,

View file

@ -39,15 +39,13 @@ async def login(
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST) raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
# try logging in # try logging in
user = User.authenticate( user = User(name=form_data.username)
if not user.authenticate(
db=db, db=db,
name=form_data.username,
password=form_data.password, password=form_data.password,
crypt_context=await current_config.crypto.crypt_context, crypt_context=await current_config.crypto.crypt_context,
) ):
# authentication failed # authentication failed
if user is None:
raise HTTPException( raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED, status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials", detail="Could not validate credentials",