make User.authenticate an instance function
This commit is contained in:
parent
ecb97df3d6
commit
692bf0ef63
2 changed files with 29 additions and 31 deletions
|
@ -76,8 +76,8 @@ class UserCreate(UserBase):
|
||||||
|
|
||||||
|
|
||||||
class User(UserBase):
|
class User(UserBase):
|
||||||
certificates: list[Certificate]
|
certificates: list[Certificate] = []
|
||||||
capabilities: list[UserCapability]
|
capabilities: list[UserCapability] = []
|
||||||
|
|
||||||
class Config:
|
class Config:
|
||||||
orm_mode = True
|
orm_mode = True
|
||||||
|
@ -109,29 +109,6 @@ class User(UserBase):
|
||||||
|
|
||||||
return cls.from_orm(db_user)
|
return cls.from_orm(db_user)
|
||||||
|
|
||||||
@classmethod
|
|
||||||
def authenticate(
|
|
||||||
cls,
|
|
||||||
db: Session,
|
|
||||||
name: str,
|
|
||||||
password: str,
|
|
||||||
crypt_context: CryptContext,
|
|
||||||
) -> User | None:
|
|
||||||
"""
|
|
||||||
Authenticate with name/password against users in database.
|
|
||||||
"""
|
|
||||||
|
|
||||||
if (db_user := models.User.load(db, name)) is None:
|
|
||||||
# nonexistent user, fake doing password verification
|
|
||||||
crypt_context.dummy_verify()
|
|
||||||
return None
|
|
||||||
|
|
||||||
if not crypt_context.verify(password, db_user.password):
|
|
||||||
# password hash mismatch
|
|
||||||
return None
|
|
||||||
|
|
||||||
return cls.from_orm(db_user)
|
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def create(
|
def create(
|
||||||
cls,
|
cls,
|
||||||
|
@ -160,6 +137,29 @@ class User(UserBase):
|
||||||
# user already existed
|
# user already existed
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
def authenticate(
|
||||||
|
self,
|
||||||
|
db: Session,
|
||||||
|
password: str,
|
||||||
|
crypt_context: CryptContext,
|
||||||
|
) -> User | None:
|
||||||
|
"""
|
||||||
|
Authenticate with name/password against users in database.
|
||||||
|
"""
|
||||||
|
|
||||||
|
if (db_user := models.User.load(db, self.name)) is None:
|
||||||
|
# nonexistent user, fake doing password verification
|
||||||
|
crypt_context.dummy_verify()
|
||||||
|
return False
|
||||||
|
|
||||||
|
if not crypt_context.verify(password, db_user.password):
|
||||||
|
# password hash mismatch
|
||||||
|
return False
|
||||||
|
|
||||||
|
self.from_orm(db_user)
|
||||||
|
|
||||||
|
return True
|
||||||
|
|
||||||
def add_capabilities(
|
def add_capabilities(
|
||||||
self,
|
self,
|
||||||
db: Session,
|
db: Session,
|
||||||
|
|
|
@ -39,15 +39,13 @@ async def login(
|
||||||
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
|
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
|
||||||
|
|
||||||
# try logging in
|
# try logging in
|
||||||
user = User.authenticate(
|
user = User(name=form_data.username)
|
||||||
|
if not user.authenticate(
|
||||||
db=db,
|
db=db,
|
||||||
name=form_data.username,
|
|
||||||
password=form_data.password,
|
password=form_data.password,
|
||||||
crypt_context=await current_config.crypto.crypt_context,
|
crypt_context=await current_config.crypto.crypt_context,
|
||||||
)
|
):
|
||||||
|
|
||||||
# authentication failed
|
# authentication failed
|
||||||
if user is None:
|
|
||||||
raise HTTPException(
|
raise HTTPException(
|
||||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||||
detail="Could not validate credentials",
|
detail="Could not validate credentials",
|
||||||
|
|
Loading…
Reference in a new issue