make User.authenticate an instance function

revert main.py
2022-03-20 04:00:14 +00:00 · 2022-03-20 03:59:25 +00:00
3 changed files with 52 additions and 54 deletions
--- a/api/kiwi_vpn_api/db/schemas.py
+++ b/api/kiwi_vpn_api/db/schemas.py
@ -76,8 +76,8 @@ class UserCreate(UserBase):


 class User(UserBase):
-    certificates: list[Certificate]
-    capabilities: list[UserCapability]
+    certificates: list[Certificate] = []
+    capabilities: list[UserCapability] = []

    class Config:
        orm_mode = True
@ -109,29 +109,6 @@ class User(UserBase):

        return cls.from_orm(db_user)

-    @classmethod
-    def authenticate(
-        cls,
-        db: Session,
-        name: str,
-        password: str,
-        crypt_context: CryptContext,
-    ) -> User | None:
-        """
-        Authenticate with name/password against users in database.
-        """
-
-        if (db_user := models.User.load(db, name)) is None:
-            # nonexistent user, fake doing password verification
-            crypt_context.dummy_verify()
-            return None
-
-        if not crypt_context.verify(password, db_user.password):
-            # password hash mismatch
-            return None
-
-        return cls.from_orm(db_user)
-
    @classmethod
    def create(
        cls,
@ -160,6 +137,29 @@ class User(UserBase):
            # user already existed
            pass

+    def authenticate(
+        self,
+        db: Session,
+        password: str,
+        crypt_context: CryptContext,
+    ) -> User | None:
+        """
+        Authenticate with name/password against users in database.
+        """
+
+        if (db_user := models.User.load(db, self.name)) is None:
+            # nonexistent user, fake doing password verification
+            crypt_context.dummy_verify()
+            return False
+
+        if not crypt_context.verify(password, db_user.password):
+            # password hash mismatch
+            return False
+
+        self.from_orm(db_user)
+
+        return True
+
    def add_capabilities(
        self,
        db: Session,
--- a/api/kiwi_vpn_api/main.py
+++ b/api/kiwi_vpn_api/main.py
@ -17,8 +17,31 @@ from .db import Connection
 from .db.schemas import User
 from .routers import admin, user

+settings = Settings.get()
+
 app = FastAPI()

+api = FastAPI(
+    title="kiwi-vpn API",
+    description="This API enables the `kiwi-vpn` service.",
+    contact={
+        "name": "Jörn-Michael Miehe",
+        "email": "40151420+ldericher@users.noreply.github.com",
+    },
+    license_info={
+        "name": "MIT License",
+        "url": "https://opensource.org/licenses/mit-license.php",
+    },
+    openapi_url=settings.openapi_url,
+    docs_url=settings.docs_url if not settings.production_mode else None,
+    redoc_url=settings.redoc_url if not settings.production_mode else None,
+)
+
+api.include_router(admin.router)
+api.include_router(user.router)
+
+app.mount("/api", api)
+

@app.on_event("startup")
 async def on_startup() -> None:
@ -34,29 +57,6 @@ async def on_startup() -> None:


 def main() -> None:
-    settings = Settings.get()
-
-    api = FastAPI(
-        title="kiwi-vpn API",
-        description="This API enables the `kiwi-vpn` service.",
-        contact={
-            "name": "Jörn-Michael Miehe",
-            "email": "40151420+ldericher@users.noreply.github.com",
-        },
-        license_info={
-            "name": "MIT License",
-            "url": "https://opensource.org/licenses/mit-license.php",
-        },
-        openapi_url=settings.openapi_url,
-        docs_url=settings.docs_url if not settings.production_mode else None,
-        redoc_url=settings.redoc_url if not settings.production_mode else None,
-    )
-
-    api.include_router(admin.router)
-    api.include_router(user.router)
-
-    app.mount("/api", api)
-
    uvicorn.run(
        "kiwi_vpn_api.main:app",
        host="0.0.0.0",
--- a/api/kiwi_vpn_api/routers/user.py
+++ b/api/kiwi_vpn_api/routers/user.py
@ -39,15 +39,13 @@ async def login(
        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)

    # try logging in
-    user = User.authenticate(
+    user = User(name=form_data.username)
+    if not user.authenticate(
        db=db,
-        name=form_data.username,
        password=form_data.password,
        crypt_context=await current_config.crypto.crypt_context,
-    )
-
-    # authentication failed
-    if user is None:
+    ):
+        # authentication failed
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Could not validate credentials",
Author	SHA1	Message	Date
Jörn-Michael Miehe	692bf0ef63	make User.authenticate an instance function	2022-03-20 04:00:14 +00:00
Jörn-Michael Miehe	ecb97df3d6	revert main.py	2022-03-20 03:59:25 +00:00