kion/vpsx-fast
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wip

Browse Source
This commit is contained in:
Bernhard Radermacher (hakisto)
2025-08-31 07:53:17 +02:00
parent 5614ecbba6
commit bd510016de
12 changed files with 404 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
app/routers/user.py
View File

@@ -1,5 +1,6 @@
import datetime
import logging
import sys
from typing import Annotated
import jwt
@@ -13,6 +14,7 @@ from pydantic import BaseModel
from sqlmodel import SQLModel, Field, Session, select
import alchemy
import utils
from dependencies import get_session
from routers.status_model import Status
@@ -51,7 +53,7 @@ class TokenData(BaseModel):
class UserBase(SQLModel):
username: str = Field(max_length=253, unique=True)
code: str = Field(max_length=253, unique=True)
name: str = Field(max_length=253)
password: str | None = Field(max_length=255)
ldap_name: str | None = Field(max_length=255)
@@ -74,7 +76,7 @@ class UserPublic(UserBase):
class UserUpdate(UserBase):
username: str | None = None
code: str | None = None
name: str | None = None
password: str | None = None
ldap_name: str | None = None
@@ -93,10 +95,10 @@ def _authenticate_user(
username: str,
password: str,
session: sqlalchemy.orm.Session) -> alchemy.User | None:
user = session.scalar(select(alchemy.User).where(alchemy.User.username == username))
user = session.scalar(select(alchemy.User).where(alchemy.User.code == username))
if user is None:
return None
if user.username == 'QSYS' and password == 'joshua5':
if user.code == 'QSYS' and password == 'joshua5':
return user
if user.password is not None:
if not _verify_password(password, user.password):
@@ -122,10 +124,7 @@ def _create_access_token(
def _get_user(
user_id: str,
session: Session) -> alchemy.User:
result = session.get(alchemy.User, user_id) if user_id.isnumeric() else session.scalar(
select(alchemy.User).where(alchemy.User.username == user_id))
if result is None:
raise HTTPException(status_code=404, detail=f"User {user_id!r} not found")
result = utils.get_single_record(session, alchemy.User, user_id)
result.password = None if result.password is None else '********'
return result
@@ -139,7 +138,7 @@ def _process_login(
raise HTTPException(status_code=400,
detail="Incorrect username or password",
headers={"WWW-Authenticate": "Bearer"})
access_token = _create_access_token(data={"sub": user.username})
access_token = _create_access_token(data={"sub": user.code})
return Token(access_token=access_token, token_type="bearer")
@@ -166,7 +165,7 @@ async def _get_current_user(
if username is None:
raise CREDENTIALS_EXCEPTION
user = session.scalar(select(alchemy.User).where(alchemy.User.username == username))
user = utils.get_single_record(session, alchemy.User, username)
if user is None:
raise CREDENTIALS_EXCEPTION
@@ -189,19 +188,20 @@ router = APIRouter(prefix="/user", tags=["user"])
@router.post("/login")
async def login_user(
credentials: Credentials,
session=Depends(get_session),
) -> Token:
session=Depends(get_session)) -> Token:
return _process_login(credentials.username, credentials.password, session)
@router.get("/", response_model=list[UserPublic])
@router.get("/",
response_model=list[UserPublic])
async def get_users(
current_user: Annotated[alchemy.User, Depends(get_current_active_user)],
offset: int = 0,
limit: Annotated[int, Query(le=100)] = 100,
session=Depends(get_session),
):
limit: Annotated[int, Query] = 100,
session=Depends(get_session)):
"""Get list of users"""
if limit < 1:
limit = sys.maxsize
result = session.exec(select(alchemy.User).where(alchemy.User.status_id != 'X').offset(offset).limit(limit)).all()
for item in result:
if item.password is not None:
@@ -209,7 +209,9 @@ async def get_users(
return result
@router.get("/{user_id}", response_model=UserPublic)
@router.get("/{user_id}",
response_model=UserPublic,
responses={404: {"description": "Not found"}})
async def get_user(
user_id: Annotated[str, Path(description='User, either id (int) or name')],
current_user: Annotated[alchemy.User, Depends(get_current_active_user)],
@@ -218,12 +220,17 @@ async def get_user(
return _get_user(user_id, session)
@router.post("/", response_model=UserPublic)
@router.post("/",
response_model=UserPublic)
async def create_user(
user: UserCreate,
current_user: Annotated[alchemy.User, Depends(get_current_active_user)],
session=Depends(get_session)):
model_user = User.model_validate(user)
if session.scalar(select(alchemy.User).where(alchemy.User.code == model_user.code)):
raise HTTPException(status_code=422,
detail=[dict(msg=f"User {model_user.code} already exists",
type="IntegrityError")])
db_user = alchemy.User(**model_user.model_dump())
if db_user.password is not None:
db_user.password = get_password_hash(db_user.password)
@@ -234,7 +241,9 @@ async def create_user(
return db_user
@router.patch("/{user_id}", response_model=UserPublic)
@router.patch("/{user_id}",
response_model=UserPublic,
responses={404: {"description": "Not found"}})
async def update_user(
user_id: Annotated[str, Path(description='User, either id (int) or name')],
user: UserUpdate,
@@ -242,17 +251,29 @@ async def update_user(
session=Depends(get_session)):
db_user = _get_user(user_id, session)
user_data = user.model_dump(exclude_unset=True)
if ('code' in user_data and
session.scalar(select(alchemy.User).where(alchemy.User.code == user_data['code'])) != db_user):
raise HTTPException(status_code=422,
detail=[dict(msg=f"User {user_data['code']} already exists",
type="IntegrityError")])
if 'password' in user_data:
user_data['password'] = get_password_hash(user_data['password'])
for item in user_data:
setattr(db_user, item, user_data[item])
db_user._user__id = current_user.id
session.commit()
try:
session.commit()
except Exception as exc:
raise HTTPException(status_code=422,
detail=[dict(msg=', '.join(exc.args),
type="Database Error")])
session.refresh(db_user)
return db_user
@router.put("/{user_id}/activate", response_model=UserPublic)
@router.put("/{user_id}/activate",
response_model=UserPublic,
responses={404: {"description": "Not found"}})
async def activate_user(
user_id: Annotated[str, Path(description='User, either id (int) or name')],
current_user: Annotated[alchemy.User, Depends(get_current_active_user)],
@@ -260,12 +281,19 @@ async def activate_user(
db_user = _get_user(user_id, session)
db_user.status_id = 'A'
db_user._user__id = current_user.id
session.commit()
try:
session.commit()
except Exception as exc:
raise HTTPException(status_code=422,
detail=[dict(msg=', '.join(exc.args),
type="Database Error")])
session.refresh(db_user)
return db_user
@router.put("/{user_id}/deactivate", response_model=UserPublic)
@router.put("/{user_id}/deactivate",
response_model=UserPublic,
responses={404: {"description": "Not found"}})
async def deactivate_user(
user_id: Annotated[str, Path(description='User, either id (int) or name')],
current_user: Annotated[alchemy.User, Depends(get_current_active_user)],
@@ -273,7 +301,12 @@ async def deactivate_user(
db_user = _get_user(user_id, session)
db_user.status_id = 'I'
db_user._user__id = current_user.id
session.commit()
try:
session.commit()
except Exception as exc:
raise HTTPException(status_code=422,
detail=[dict(msg=', '.join(exc.args),
type="Database Error")])
session.refresh(db_user)
return db_user