Yavook.de/kiwi-vpn
1
0
Fork 1
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: Yavook.de:799b2f7585c97adea0a5ed8dc00b26cb39a5561a
Branches Tags
Yavook.de:master
Yavook.de:develop
Yavook.de:permission_exceptions
...
compare: Yavook.de:3d2abbc39bc7a089bed6624933666ee23fd506e6
Branches Tags
Yavook.de:develop
Yavook.de:permission_exceptions
Yavook.de:master

4 commits
799b2f7585 ... 3d2abbc39b

Author SHA1 Message Date
Jörn-Michael Miehe
3d2abbc39b fix user router 2022-03-28 20:18:19 +00:00
Jörn-Michael Miehe
77b40cb836 User.delete return value 2022-03-28 20:18:00 +00:00
Jörn-Michael Miehe
a5783a0c40 fix: typing 2022-03-28 20:04:49 +00:00
Jörn-Michael Miehe
aa8563995e Settings.get() -> Settings._ 2022-03-28 20:04:19 +00:00
7 changed files with 45 additions and 62 deletions
Show stats Expand all files Collapse all files

14
api/kiwi_vpn_api/config.py
View file

@ -29,14 +29,16 @@ class Settings(BaseSettings):
production_mode: bool = False
data_dir: Path = Path("./tmp")
api_v1_prefix: str = "api/v1"
openapi_url: str = "/openapi.json"
docs_url: str | None = "/docs"
redoc_url: str | None = "/redoc"
@staticmethod
@classmethod
@property
@functools.lru_cache
def get() -> Settings:
return Settings()
def _(cls) -> Settings:
return cls()
@property
def config_file(self) -> Path:
@ -61,7 +63,7 @@ class DBConfig(BaseModel):
user: str | None = None
password: str | None = None
host: str | None = None
database: str | None = Settings.get().data_dir.joinpath("vpn.db")
database: str | None = Settings._.data_dir.joinpath("vpn.db")
mysql_driver: str = "pymysql"
mysql_args: list[str] = ["charset=utf8mb4"]
@ -201,7 +203,7 @@ class Config(BaseModel):
return cls.__singleton
try:
with open(Settings.get().config_file, "r") as config_file:
with open(Settings._.config_file, "r") as config_file:
cls.__singleton = Config.parse_obj(json.load(config_file))
return cls.__singleton
@ -222,5 +224,5 @@ class Config(BaseModel):
Save configuration to config file
"""
with open(Settings.get().config_file, "w") as config_file:
with open(Settings._.config_file, "w") as config_file:
config_file.write(self.json(indent=2))

2
api/kiwi_vpn_api/db/user.py
View file

@ -100,7 +100,7 @@ class User(UserBase, table=True):
db.commit()
db.refresh(self)
def delete(self) -> bool:
def delete(self) -> None:
"""
Delete this user from the database.
"""

11
api/kiwi_vpn_api/main.py
View file

@ -16,9 +16,6 @@ from .config import Config, Settings
from .db import Connection, User
from .routers import main_router
settings = Settings.get()
app = FastAPI(
title="kiwi-vpn API",
description="This API enables the `kiwi-vpn` service.",
@ -30,12 +27,12 @@ app = FastAPI(
"name": "MIT License",
"url": "https://opensource.org/licenses/mit-license.php",
},
openapi_url=settings.openapi_url,
docs_url=settings.docs_url if not settings.production_mode else None,
redoc_url=settings.redoc_url if not settings.production_mode else None,
openapi_url=Settings._.openapi_url,
docs_url=Settings._.docs_url if not Settings._.production_mode else None,
redoc_url=Settings._.redoc_url if not Settings._.production_mode else None,
)
app.include_router(main_router)
app.include_router(main_router, prefix=f"/{Settings._.api_v1_prefix}")
@app.on_event("startup")

8
api/kiwi_vpn_api/routers/__init__.py
View file

@ -1,12 +1,10 @@
from fastapi import APIRouter
from . import admin
from . import admin, user
# from . import user
main_router = APIRouter(prefix="/api/v1")
main_router = APIRouter()
main_router.include_router(admin.router)
# main_router.include_router(user.router)
main_router.include_router(user.router)
__all__ = ["main_router"]

6
api/kiwi_vpn_api/routers/_common.py
View file

@ -6,10 +6,12 @@ Common dependencies for routers.
from fastapi import Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from ..config import Config
from ..config import Config, Settings
from ..db import Capability, User
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="user/authenticate")
oauth2_scheme = OAuth2PasswordBearer(
tokenUrl=f"{Settings._.api_v1_prefix}/user/authenticate"
)
class Responses:

2
api/kiwi_vpn_api/routers/admin.py
View file

@ -78,7 +78,7 @@ async def create_initial_admin(
)
async def set_config(
config: Config,
_: User | None = Depends(get_current_user_if_admin),
_: User = Depends(get_current_user_if_admin),
):
"""
PUT ./config: Edit `kiwi-vpn` main config.

64
api/kiwi_vpn_api/routers/user.py
View file

@ -5,11 +5,9 @@
from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordRequestForm
from pydantic import BaseModel
from sqlalchemy.orm import Session
from ..config import Config
from ..db import Connection
from ..db.schemata import User, UserCapability, UserCreate
from ..db import Capability, User, UserCreate, UserRead
from ._common import Responses, get_current_user, get_current_user_if_admin
router = APIRouter(prefix="/user", tags=["user"])
@ -28,7 +26,6 @@ class Token(BaseModel):
async def login(
form_data: OAuth2PasswordRequestForm = Depends(),
current_config: Config | None = Depends(Config.load),
db: Session | None = Depends(Connection.get),
):
"""
POST ./authenticate: Authenticate a user. Issues a bearer token.
@ -39,12 +36,10 @@ async def login(
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
# try logging in
user = User(name=form_data.username)
if not user.authenticate(
db=db,
if not (user := User.authenticate(
name=form_data.username,
password=form_data.password,
crypt_context=current_config.crypto.crypt_context,
):
)):
# authentication failed
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
@ -57,7 +52,7 @@ async def login(
return {"access_token": access_token, "token_type": "bearer"}
@router.get("/current", response_model=User)
@router.get("/current", response_model=UserRead)
async def get_current_user(
current_user: User | None = Depends(get_current_user),
):
@ -81,20 +76,14 @@ async def get_current_user(
)
async def add_user(
user: UserCreate,
current_config: Config | None = Depends(Config.load),
_: User = Depends(get_current_user_if_admin),
db: Session | None = Depends(Connection.get),
):
"""
POST ./: Create a new user in the database.
"""
# actually create the new user
new_user = User.create(
db=db,
user=user,
crypt_context=current_config.crypto.crypt_context,
)
new_user = User.create(**user.dict())
# fail if creation was unsuccessful
if new_user is None:
@ -118,22 +107,21 @@ async def add_user(
async def remove_user(
user_name: str,
_: User = Depends(get_current_user_if_admin),
db: Session | None = Depends(Connection.get),
):
"""
DELETE ./{user_name}: Remove a user from the database.
"""
# get the user
user = User.from_db(
db=db,
name=user_name,
)
user = User.get(user_name)
# fail if deletion was unsuccessful
if user is None or not user.delete(db):
# fail if user not found
if user is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
# delete user
user.delete()
@router.post(
"/{user_name}/capabilities",
@ -146,22 +134,21 @@ async def remove_user(
)
async def extend_capabilities(
user_name: str,
capabilities: list[UserCapability],
capabilities: list[Capability],
_: User = Depends(get_current_user_if_admin),
db: Session | None = Depends(Connection.get),
):
"""
POST ./{user_name}/capabilities: Add capabilities to a user.
"""
# get and change the user
user = User.from_db(
db=db,
name=user_name,
user = User.get(user_name)
user.set_capabilities(
user.get_capabilities() | set(capabilities)
)
user.capabilities.extend(capabilities)
user.update(db)
user.update()
@router.delete(
@ -175,21 +162,18 @@ async def extend_capabilities(
)
async def remove_capabilities(
user_name: str,
capabilities: list[UserCapability],
capabilities: list[Capability],
_: User = Depends(get_current_user_if_admin),
db: Session | None = Depends(Connection.get),
):
"""
DELETE ./{user_name}/capabilities: Remove capabilities from a user.
"""
# get and change the user
user = User.from_db(
db=db,
name=user_name,
user = User.get(user_name)
user.set_capabilities(
user.get_capabilities() - set(capabilities)
)
for capability in capabilities:
user.capabilities.remove(capability)
user.update(db)
user.update()