Merge branch 'master' into VORKOUT-7
This commit is contained in:
TheNoxium
@@ -2,11 +2,8 @@ from api.endpoints.auth import api_router as auth_router
|
||||
from api.endpoints.profile import api_router as profile_router
|
||||
from api.endpoints.account import api_router as account_router
|
||||
from api.endpoints.keyring import api_router as keyring_router
|
||||
list_of_routes = [
|
||||
auth_router,
|
||||
profile_router,
|
||||
account_router,
|
||||
keyring_router]
|
||||
|
||||
list_of_routes = [auth_router, profile_router, account_router, keyring_router]
|
||||
|
||||
__all__ = [
|
||||
"list_of_routes",
|
||||
|
||||
@@ -28,7 +28,6 @@ api_router = APIRouter(
|
||||
tags=["User accountModel"],
|
||||
)
|
||||
|
||||
|
||||
@api_router.get("",response_model=AllUserResponse)
|
||||
async def get_all_account(
|
||||
|
||||
@@ -87,33 +86,23 @@ async def create_account(
|
||||
|
||||
else:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="An account with this information already exists.")
|
||||
|
||||
|
||||
status_code=status.HTTP_400_BAD_REQUEST, detail="An account with this information already exists."
|
||||
)
|
||||
|
||||
|
||||
@api_router.put("/{user_id}", response_model=User)
|
||||
async def update_account(
|
||||
user_id: int,
|
||||
request: Request,
|
||||
user_update: UserUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
user_id: int, request: Request, user_update: UserUpdate, connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
|
||||
user = await get_user_by_id(connection, user_id)
|
||||
if user is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_404_NOT_FOUND,
|
||||
detail="Account not found")
|
||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Account not found")
|
||||
|
||||
|
||||
update_values = update_user_data_changes(user_update,user)
|
||||
update_values = update_user_data_changes(user_update, user)
|
||||
|
||||
if update_values is None:
|
||||
return user
|
||||
@@ -139,17 +128,13 @@ async def delete_account(
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
|
||||
user = await get_user_by_id(connection, user_id)
|
||||
if user is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_404_NOT_FOUND,
|
||||
detail="Account not found")
|
||||
|
||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Account not found")
|
||||
|
||||
user_update = UserUpdate(status=AccountStatus.DELETED.value)
|
||||
|
||||
update_values = update_user_data_changes(user_update,user)
|
||||
update_values = update_user_data_changes(user_update, user)
|
||||
|
||||
if update_values is None:
|
||||
return user
|
||||
|
||||
@@ -9,9 +9,7 @@ from fastapi import (
|
||||
status,
|
||||
)
|
||||
|
||||
|
||||
from loguru import logger
|
||||
from pydantic.main import BaseModel
|
||||
from fastapi_jwt_auth import AuthJWT
|
||||
|
||||
from pydantic import BaseModel
|
||||
@@ -22,7 +20,7 @@ from api.config import get_settings
|
||||
from api.db.connection.session import get_connection_dep
|
||||
from api.services.auth import authenticate_user
|
||||
|
||||
from api.db.logic.auth import add_new_refresh_token,upgrade_old_refresh_token
|
||||
from api.db.logic.auth import add_new_refresh_token, upgrade_old_refresh_token
|
||||
|
||||
from api.schemas.endpoints.auth import Auth, Access
|
||||
|
||||
@@ -52,12 +50,11 @@ def get_config():
|
||||
|
||||
@api_router.post("", response_model=Access)
|
||||
async def login_for_access_token(
|
||||
user: Auth,
|
||||
response: Response,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends(),
|
||||
):
|
||||
|
||||
user: Auth,
|
||||
response: Response,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends(),
|
||||
):
|
||||
"""Авторизирует, выставляет токены в куки."""
|
||||
|
||||
user = await authenticate_user(connection, user.login, user.password)
|
||||
@@ -71,25 +68,18 @@ async def login_for_access_token(
|
||||
# headers={"WWW-Authenticate": "Bearer"},
|
||||
)
|
||||
|
||||
access_token_expires = timedelta(
|
||||
minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
|
||||
access_token_expires = timedelta(minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
|
||||
|
||||
refresh_token_expires = timedelta(
|
||||
days=get_settings().REFRESH_TOKEN_EXPIRE_DAYS
|
||||
)
|
||||
refresh_token_expires = timedelta(days=get_settings().REFRESH_TOKEN_EXPIRE_DAYS)
|
||||
|
||||
logger.debug(f"refresh_token_expires {refresh_token_expires}")
|
||||
|
||||
access_token = Authorize.create_access_token(
|
||||
subject=user.login, expires_time=access_token_expires
|
||||
)
|
||||
refresh_token = Authorize.create_refresh_token(
|
||||
subject=user.login, expires_time=refresh_token_expires
|
||||
)
|
||||
access_token = Authorize.create_access_token(subject=user.login, expires_time=access_token_expires)
|
||||
refresh_token = Authorize.create_refresh_token(subject=user.login, expires_time=refresh_token_expires)
|
||||
|
||||
refresh_token_expires_time = datetime.now(timezone.utc) + refresh_token_expires
|
||||
|
||||
await add_new_refresh_token(connection,refresh_token,refresh_token_expires_time,user)
|
||||
await add_new_refresh_token(connection, refresh_token, refresh_token_expires_time, user)
|
||||
|
||||
Authorize.set_refresh_cookies(refresh_token)
|
||||
|
||||
@@ -99,11 +89,8 @@ async def login_for_access_token(
|
||||
|
||||
@api_router.post("/refresh",response_model=Access)
|
||||
async def refresh(
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
Authorize: AuthJWT = Depends()
|
||||
):
|
||||
|
||||
request: Request, connection: AsyncConnection = Depends(get_connection_dep), Authorize: AuthJWT = Depends()
|
||||
):
|
||||
refresh_token = request.cookies.get("refresh_token_cookie")
|
||||
# print("Refresh Token:", refresh_token)
|
||||
|
||||
@@ -111,24 +98,19 @@ async def refresh(
|
||||
raise HTTPException(status_code=401, detail="Refresh token is missing")
|
||||
|
||||
try:
|
||||
|
||||
Authorize.jwt_refresh_token_required()
|
||||
current_user = Authorize.get_jwt_subject()
|
||||
|
||||
|
||||
except Exception as e:
|
||||
|
||||
await upgrade_old_refresh_token(connection,current_user,refresh_token)
|
||||
await upgrade_old_refresh_token(connection, current_user, refresh_token)
|
||||
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail="Invalid refresh token",
|
||||
)
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail="Invalid refresh token",
|
||||
)
|
||||
|
||||
access_token_expires = timedelta(minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
|
||||
|
||||
new_access_token = Authorize.create_access_token(
|
||||
subject=current_user, expires_time=access_token_expires
|
||||
)
|
||||
new_access_token = Authorize.create_access_token(subject=current_user, expires_time=access_token_expires)
|
||||
|
||||
return Access(access_token=new_access_token)
|
||||
|
||||
@@ -47,22 +47,19 @@ async def get_keyring(
|
||||
keyring = await get_key_by_id(connection, key_id)
|
||||
|
||||
if keyring is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_404_NOT_FOUND,
|
||||
detail="Key not found")
|
||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Key not found")
|
||||
|
||||
return keyring
|
||||
|
||||
|
||||
@api_router.post("/{user_id}/{key_id}", response_model=AccountKeyring)
|
||||
async def create_keyring(
|
||||
user_id: int,
|
||||
key_id: str,
|
||||
request: Request,
|
||||
key: AccountKeyringUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
user_id: int,
|
||||
key_id: str,
|
||||
request: Request,
|
||||
key: AccountKeyringUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
):
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
@@ -75,40 +72,33 @@ async def create_keyring(
|
||||
|
||||
else:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="An keyring with this information already exists.")
|
||||
|
||||
status_code=status.HTTP_400_BAD_REQUEST, detail="An keyring with this information already exists."
|
||||
)
|
||||
|
||||
|
||||
@api_router.put("/{user_id}/{key_id}", response_model=AccountKeyring)
|
||||
async def update_keyring(
|
||||
user_id: int,
|
||||
key_id: str,
|
||||
request: Request,
|
||||
keyring_update: AccountKeyringUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
user_id: int,
|
||||
key_id: str,
|
||||
request: Request,
|
||||
keyring_update: AccountKeyringUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
):
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
|
||||
keyring = await get_key_by_id(connection, key_id)
|
||||
if keyring is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_404_NOT_FOUND,
|
||||
detail="keyring not found")
|
||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="keyring not found")
|
||||
|
||||
|
||||
update_values = update_key_data_changes(keyring_update,keyring)
|
||||
update_values = update_key_data_changes(keyring_update, keyring)
|
||||
|
||||
if update_values is None:
|
||||
return keyring
|
||||
|
||||
keyring_update_data = AccountKeyring.model_validate({**keyring.model_dump(), **update_values})
|
||||
|
||||
|
||||
await update_key_by_id(connection, update_values, keyring)
|
||||
|
||||
|
||||
@@ -118,27 +108,19 @@ async def update_keyring(
|
||||
|
||||
@api_router.delete("/{user_id}/{key_id}", response_model=AccountKeyring)
|
||||
async def delete_keyring(
|
||||
user_id: int,
|
||||
key_id: str,
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
|
||||
user_id: int, key_id: str, request: Request, connection: AsyncConnection = Depends(get_connection_dep)
|
||||
):
|
||||
current_user = request.state.current_user
|
||||
|
||||
authorize_user = await db_user_role_validation(connection, current_user)
|
||||
|
||||
|
||||
keyring = await get_key_by_id(connection, key_id)
|
||||
if keyring is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_404_NOT_FOUND,
|
||||
detail="keyring not found")
|
||||
|
||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="keyring not found")
|
||||
|
||||
keyring_update = AccountKeyringUpdate(status=KeyStatus.DELETED.value)
|
||||
|
||||
update_values = update_key_data_changes(keyring_update,keyring)
|
||||
update_values = update_key_data_changes(keyring_update, keyring)
|
||||
|
||||
if update_values is None:
|
||||
return keyring
|
||||
|
||||
@@ -28,50 +28,42 @@ api_router = APIRouter(
|
||||
|
||||
@api_router.get("",response_model=User)
|
||||
async def get_profile(
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
):
|
||||
request: Request,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
):
|
||||
# Извлекаем текущего пользователя из request.state
|
||||
current_user = request.state.current_user
|
||||
|
||||
user = await get_user_by_login(connection, current_user)
|
||||
|
||||
if user is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_404_NOT_FOUND,
|
||||
detail="Account not found")
|
||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Account not found")
|
||||
|
||||
return user
|
||||
|
||||
|
||||
@api_router.put("",response_model=User)
|
||||
async def update_profile(
|
||||
request: Request,
|
||||
user_updata: UserUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
|
||||
):
|
||||
|
||||
request: Request,
|
||||
user_updata: UserUpdate,
|
||||
connection: AsyncConnection = Depends(get_connection_dep),
|
||||
):
|
||||
current_user = request.state.current_user
|
||||
|
||||
user = await get_user_by_login(connection, current_user)
|
||||
if user is None:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_404_NOT_FOUND,
|
||||
detail="Account not found")
|
||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Account not found")
|
||||
|
||||
if user_updata.role == None and user_updata.login == None:
|
||||
update_values = update_user_data_changes(user_updata,user)
|
||||
update_values = update_user_data_changes(user_updata, user)
|
||||
|
||||
if update_values is None:
|
||||
return user
|
||||
if update_values is None:
|
||||
return user
|
||||
|
||||
await update_user_by_id(connection, update_values, user)
|
||||
|
||||
user = await get_user_by_id(connection, user.id)
|
||||
|
||||
return user
|
||||
return user
|
||||
else:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_422_UNPROCESSABLE_ENTITY ,
|
||||
detail="Bad body")
|
||||
raise HTTPException(status_code=status.HTTP_422_UNPROCESSABLE_ENTITY, detail="Bad body")
|
||||
|
||||
Reference in New Issue
Block a user