make User.authenticate an instance function

2022-03-20 04:00:14 +00:00 · 2022-03-20 04:00:14 +00:00 · 692bf0ef63
commit 692bf0ef63
parent ecb97df3d6
2 changed files with 29 additions and 31 deletions
--- a/api/kiwi_vpn_api/db/schemas.py
+++ b/api/kiwi_vpn_api/db/schemas.py
@ -76,8 +76,8 @@ class UserCreate(UserBase):


 class User(UserBase):
-    certificates: list[Certificate]
-    capabilities: list[UserCapability]
+    certificates: list[Certificate] = []
+    capabilities: list[UserCapability] = []

    class Config:
        orm_mode = True
@ -109,29 +109,6 @@ class User(UserBase):

        return cls.from_orm(db_user)

-    @classmethod
-    def authenticate(
-        cls,
-        db: Session,
-        name: str,
-        password: str,
-        crypt_context: CryptContext,
-    ) -> User | None:
-        """
-        Authenticate with name/password against users in database.
-        """
-
-        if (db_user := models.User.load(db, name)) is None:
-            # nonexistent user, fake doing password verification
-            crypt_context.dummy_verify()
-            return None
-
-        if not crypt_context.verify(password, db_user.password):
-            # password hash mismatch
-            return None
-
-        return cls.from_orm(db_user)
-
    @classmethod
    def create(
        cls,
@ -160,6 +137,29 @@ class User(UserBase):
            # user already existed
            pass

+    def authenticate(
+        self,
+        db: Session,
+        password: str,
+        crypt_context: CryptContext,
+    ) -> User | None:
+        """
+        Authenticate with name/password against users in database.
+        """
+
+        if (db_user := models.User.load(db, self.name)) is None:
+            # nonexistent user, fake doing password verification
+            crypt_context.dummy_verify()
+            return False
+
+        if not crypt_context.verify(password, db_user.password):
+            # password hash mismatch
+            return False
+
+        self.from_orm(db_user)
+
+        return True
+
    def add_capabilities(
        self,
        db: Session,
--- a/api/kiwi_vpn_api/routers/user.py
+++ b/api/kiwi_vpn_api/routers/user.py
@ -39,15 +39,13 @@ async def login(
        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)

    # try logging in
-    user = User.authenticate(
+    user = User(name=form_data.username)
+    if not user.authenticate(
        db=db,
-        name=form_data.username,
        password=form_data.password,
        crypt_context=await current_config.crypto.crypt_context,
-    )
-
-    # authentication failed
-    if user is None:
+    ):
+        # authentication failed
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Could not validate credentials",