refactor(tables): change enum, str to StrEnum

Reviewed-on: #9
Reviewed-by: cyrussmeat <dr.cyrill@gmail.com>

Makefile

@@ -39,12 +39,22 @@ revision:
 
 venv-api:
 	cd api && \
+	poetry env activate \
 	poetry install
 
 install:
 	make migrate head && \
 	cd api && \
-	poetry run python3 api/utils/init.py
+	poetry run python3  -m api.utils.init
 
 %::
 	echo $(MESSAGE)
+
+format-api:
+	cd api && \
+	poetry run ruff format .
+
+
+check-api:
+	cd api && \
+	poetry run ruff format . --check

api/api/__main__.py

@@ -9,9 +9,10 @@ from uvicorn import run
 from api.config import get_settings, DefaultSettings
 from api.endpoints import list_of_routes
 from api.utils.common import get_hostname
+from api.services.middleware import MiddlewareAccessTokenValidadtion
 
 logger = logging.getLogger()
-logger.setLevel(logging.INFO)
+logger.setLevel(logging.DEBUG)
 
 
 def bind_routes(application: FastAPI, setting: DefaultSettings) -> None:
@@ -32,7 +33,7 @@ def get_app() -> FastAPI:
         description=description,
         docs_url="/swagger",
         openapi_url="/openapi",
-        version="0.1.0",
+        version="0.0.2",
     )
     settings = get_settings()
     bind_routes(application, settings)
@@ -44,6 +45,7 @@ app = get_app()
 
 dev_origins = [
     "http://localhost:3000",
+    "http://127.0.0.1:64775",
 ]
 
 prod_origins = [""]
@@ -78,3 +80,5 @@ app.add_middleware(
     allow_methods=["GET", "POST", "OPTIONS", "DELETE", "PUT"],
     allow_headers=["*"],
 )
+
+app.add_middleware(MiddlewareAccessTokenValidadtion)

api/api/config/default.py

@@ -44,6 +44,12 @@ class DefaultSettings(BaseSettings):
     REDIS_DB: int = int(environ.get("REDIS_DB", "0"))
     REDIS_PASSWORD: str = environ.get("REDIS_PASSWORD", "hackme")
 
+    SECRET_KEY: str = environ.get("SECRET_KEY", "secret")
+    ALGORITHM: str = environ.get("ALGORITHM", "HS256")
+    ACCESS_TOKEN_EXPIRE_MINUTES: int = int(environ.get("ACCESS_TOKEN_EXPIRE_MINUTES", 600))
+
+    REFRESH_TOKEN_EXPIRE_DAYS: int = int(environ.get("REFRESH_TOKEN_EXPIRE_DAYS_LONG", 365))
+
     @cached_property
     def database_settings(self) -> dict:
         """Get all settings for connection with database."""

api/api/db/alembic/versions/f1b06efacec0_.py

@@ -0,0 +1,138 @@
+"""empty message
+
+Revision ID: f1b06efacec0
+Revises: 
+Create Date: 2025-04-23 15:09:14.833213
+
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects import mysql
+
+# revision identifiers, used by Alembic.
+revision: str = 'f1b06efacec0'
+down_revision: Union[str, None] = None
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    """Upgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('account',
+    sa.Column('id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), autoincrement=True, nullable=False),
+    sa.Column('name', sa.String(length=100), nullable=False),
+    sa.Column('login', sa.String(length=100), nullable=False),
+    sa.Column('email', sa.String(length=100), nullable=True),
+    sa.Column('bind_tenant_id', sa.String(length=40), nullable=True),
+    sa.Column('role', sa.Enum('OWNER', 'ADMIN', 'EDITOR', 'VIEWER', name='accountrole'), nullable=False),
+    sa.Column('meta', sa.JSON(), nullable=True),
+    sa.Column('creator_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=True),
+    sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=True),
+    sa.Column('status', sa.Enum('ACTIVE', 'DISABLED', 'BLOCKED', 'DELETED', name='accountstatus'), nullable=False),
+    sa.ForeignKeyConstraint(['creator_id'], ['account.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index('idx_login', 'account', ['login'], unique=False)
+    op.create_index('idx_name', 'account', ['name'], unique=False)
+    op.create_table('account_keyring',
+    sa.Column('owner_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('key_type', sa.Enum('PASSWORD', 'ACCESS_TOKEN', 'REFRESH_TOKEN', 'API_KEY', name='keytype'), nullable=False),
+    sa.Column('key_id', sa.String(length=40), nullable=False),
+    sa.Column('key_value', sa.String(length=255), nullable=False),
+    sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=True),
+    sa.Column('expiry', sa.DateTime(timezone=True), nullable=True),
+    sa.Column('status', sa.Enum('ACTIVE', 'EXPIRED', 'DELETED', name='keystatus'), nullable=False),
+    sa.ForeignKeyConstraint(['owner_id'], ['account.id'], ),
+    sa.PrimaryKeyConstraint('owner_id', 'key_type', 'key_id')
+    )
+    op.create_table('list_events',
+    sa.Column('id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), autoincrement=True, nullable=False),
+    sa.Column('name', sa.String(length=40, collation='latin1_bin'), nullable=False),
+    sa.Column('title', sa.String(length=64), nullable=False),
+    sa.Column('creator_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=True),
+    sa.Column('schema', sa.JSON(), nullable=True),
+    sa.Column('state', sa.Enum('AUTO', 'DESCRIPTED', name='eventstate'), nullable=False),
+    sa.Column('status', sa.Enum('ACTIVE', 'DISABLED', 'DELETED', name='eventstatus'), nullable=False),
+    sa.ForeignKeyConstraint(['creator_id'], ['account.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('name')
+    )
+    op.create_table('process_schema',
+    sa.Column('id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), autoincrement=True, nullable=False),
+    sa.Column('title', sa.String(length=100), nullable=False),
+    sa.Column('description', sa.Text(), nullable=False),
+    sa.Column('owner_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('creator_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=True),
+    sa.Column('settings', sa.JSON(), nullable=True),
+    sa.Column('status', sa.Enum('ACTIVE', 'STOPPING', 'STOPPED', 'DELETED', name='processstatus'), nullable=False),
+    sa.ForeignKeyConstraint(['creator_id'], ['account.id'], ),
+    sa.ForeignKeyConstraint(['owner_id'], ['account.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index('idx_owner_id', 'process_schema', ['owner_id'], unique=False)
+    op.create_table('process_version_archive',
+    sa.Column('id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), autoincrement=True, nullable=False),
+    sa.Column('ps_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('version', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('snapshot', sa.JSON(), nullable=True),
+    sa.Column('owner_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=True),
+    sa.Column('is_last', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=True),
+    sa.ForeignKeyConstraint(['owner_id'], ['account.id'], ),
+    sa.ForeignKeyConstraint(['ps_id'], ['process_schema.id'], ),
+    sa.PrimaryKeyConstraint('id', 'version')
+    )
+    op.create_table('ps_node',
+    sa.Column('id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), autoincrement=True, nullable=False),
+    sa.Column('ps_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('node_type', sa.Enum('TYPE1', 'TYPE2', 'TYPE3', name='nodetype'), nullable=False),
+    sa.Column('settings', sa.JSON(), nullable=True),
+    sa.Column('creator_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=True),
+    sa.Column('status', sa.Enum('ACTIVE', 'DISABLED', 'DELETED', name='nodestatus'), nullable=False),
+    sa.ForeignKeyConstraint(['creator_id'], ['account.id'], ),
+    sa.ForeignKeyConstraint(['ps_id'], ['process_schema.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index('idx_ps_id', 'ps_node', ['ps_id'], unique=False)
+    op.create_table('node_link',
+    sa.Column('id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), autoincrement=True, nullable=False),
+    sa.Column('link_name', sa.String(length=20), nullable=False),
+    sa.Column('node_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('next_node_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('settings', sa.JSON(), nullable=True),
+    sa.Column('creator_id', sa.Integer().with_variant(mysql.INTEGER(unsigned=True), 'mysql'), nullable=False),
+    sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=True),
+    sa.Column('status', sa.Enum('ACTIVE', 'STOPPING', 'STOPPED', 'DELETED', name='nodelinkstatus'), nullable=False),
+    sa.ForeignKeyConstraint(['creator_id'], ['account.id'], ),
+    sa.ForeignKeyConstraint(['next_node_id'], ['ps_node.id'], ),
+    sa.ForeignKeyConstraint(['node_id'], ['ps_node.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index('idx_next_node_id', 'node_link', ['next_node_id'], unique=False)
+    op.create_index('idx_node_id', 'node_link', ['node_id'], unique=False)
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    """Downgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_index('idx_node_id', table_name='node_link')
+    op.drop_index('idx_next_node_id', table_name='node_link')
+    op.drop_table('node_link')
+    op.drop_index('idx_ps_id', table_name='ps_node')
+    op.drop_table('ps_node')
+    op.drop_table('process_version_archive')
+    op.drop_index('idx_owner_id', table_name='process_schema')
+    op.drop_table('process_schema')
+    op.drop_table('list_events')
+    op.drop_table('account_keyring')
+    op.drop_index('idx_name', table_name='account')
+    op.drop_index('idx_login', table_name='account')
+    op.drop_table('account')
+    # ### end Alembic commands ###

api/api/db/connection/session.py

@@ -15,11 +15,9 @@ from api.config import get_settings
 from api.config.default import DbCredentialsSchema
 
 
-
 class SessionManager:
     engines: Any
 
-
     def __init__(self, database_uri=get_settings().database_uri) -> None:
         self.database_uri = database_uri
         self.refresh(database_uri)
@@ -44,9 +42,11 @@ class SessionManager:
                 pool_size=get_settings().CONNECTION_POOL_SIZE,
                 max_overflow=get_settings().CONNECTION_OVERFLOW,
             )
+
     def get_engine_by_db_uri(self, database_uri) -> AsyncEngine:
         return self.engines[database_uri]
 
+
 @contextlib.asynccontextmanager
 async def get_connection(
     database_uri=None,
@@ -58,6 +58,7 @@ async def get_connection(
     async with engine.connect() as conn:
         yield conn
 
+
 async def get_connection_dep() -> AsyncConnection:
     async with get_connection() as conn:
         yield conn

api/api/db/logic/account.py

@@ -0,0 +1,130 @@
+from typing import Optional
+import math
+
+from datetime import datetime, timezone
+
+from sqlalchemy import insert, select, func
+from sqlalchemy.ext.asyncio import AsyncConnection
+from enum import Enum
+
+from api.db.tables.account import account_table
+
+from api.schemas.account.account import User
+from api.schemas.endpoints.account import AllUserResponse, all_user_adapter
+
+
+async def get_user_accaunt_page(connection: AsyncConnection, page, limit) -> Optional[User]:
+    """
+    Получает список ползовелей заданных значениями  page, limit.
+    """
+
+    first_user = page * limit - (limit)
+
+    query = (
+        select(
+            account_table.c.id,
+            account_table.c.name,
+            account_table.c.login,
+            account_table.c.email,
+            account_table.c.bind_tenant_id,
+            account_table.c.role,
+            account_table.c.created_at,
+            account_table.c.status,
+        )
+        .order_by(account_table.c.id)
+        .offset(first_user)
+        .limit(limit)
+    )
+
+    count_query = select(func.count()).select_from(account_table)
+
+    result = await connection.execute(query)
+    count_result = await connection.execute(count_query)
+
+    users_data = result.mappings().all()
+    total_count = count_result.scalar()
+    total_pages = math.ceil(total_count / limit)
+
+    validated_users = all_user_adapter.validate_python(users_data)
+
+    return AllUserResponse(users=validated_users, amount_count=total_count, amount_pages=total_pages)
+
+
+async def get_user_by_id(connection: AsyncConnection, id: int) -> Optional[User]:
+    """
+    Получает юзера по id.
+    """
+    query = select(account_table).where(account_table.c.id == id)
+
+    user_db_cursor = await connection.execute(query)
+    user_db = user_db_cursor.one_or_none()
+
+    if not user_db:
+        return None
+
+    user_data = {
+        column.name: (
+            getattr(user_db, column.name).name
+            if isinstance(getattr(user_db, column.name), Enum)
+            else getattr(user_db, column.name)
+        )
+        for column in account_table.columns
+    }
+
+    return User.model_validate(user_data)
+
+
+async def get_user_by_login(connection: AsyncConnection, login: str) -> Optional[User]:
+    """
+    Получает юзера по login.
+    """
+    query = select(account_table).where(account_table.c.login == login)
+
+    user_db_cursor = await connection.execute(query)
+    user_db = user_db_cursor.one_or_none()
+
+    if not user_db:
+        return None
+
+    user_data = {
+        column.name: (
+            getattr(user_db, column.name).name
+            if isinstance(getattr(user_db, column.name), Enum)
+            else getattr(user_db, column.name)
+        )
+        for column in account_table.columns
+    }
+
+    return User.model_validate(user_data)
+
+
+async def update_user_by_id(connection: AsyncConnection, update_values, user) -> Optional[User]:
+    """
+    Вносит изменеия в нужное поле таблицы account_table.
+    """
+    await connection.execute(account_table.update().where(account_table.c.id == user.id).values(**update_values))
+
+    await connection.commit()
+
+
+async def create_user(connection: AsyncConnection, user: User, creator_id: int) -> Optional[User]:
+    """
+    Создает нове поле в таблице account_table.
+    """
+    query = insert(account_table).values(
+        name=user.name,
+        login=user.login,
+        email=user.email,
+        bind_tenant_id=user.bind_tenant_id,
+        role=user.role.value,
+        meta=user.meta,
+        creator_id=creator_id,
+        created_at=datetime.now(timezone.utc),
+        status=user.status.value,
+    )
+
+    await connection.execute(query)
+
+    await connection.commit()
+
+    return user

api/api/db/logic/auth.py

@@ -0,0 +1,87 @@
+from typing import Optional
+
+from sqlalchemy import select, update
+from sqlalchemy.ext.asyncio import AsyncConnection
+from enum import Enum
+
+from api.db.tables.account import account_table, account_keyring_table, KeyType, KeyStatus
+
+from api.schemas.account.account import User
+from api.schemas.account.account_keyring import AccountKeyring
+
+from api.utils.key_id_gen import KeyIdGenerator
+
+from datetime import datetime, timezone
+
+
+async def get_user(connection: AsyncConnection, login: str) -> Optional[User]:
+    query = (
+        select(account_table, account_keyring_table)
+        .join(account_keyring_table, account_table.c.id == account_keyring_table.c.owner_id)
+        .where(account_table.c.login == login, account_keyring_table.c.key_type == KeyType.PASSWORD)
+    )
+
+    user_db_cursor = await connection.execute(query)
+    user_db = user_db_cursor.one_or_none()
+
+    if not user_db:
+        return None, None
+
+    user_data = {
+        column.name: (
+            getattr(user_db, column.name).name
+            if isinstance(getattr(user_db, column.name), Enum)
+            else getattr(user_db, column.name)
+        )
+        for column in account_table.columns
+    }
+
+    password_data = {
+        column.name: (
+            getattr(user_db, column.name).name
+            if isinstance(getattr(user_db, column.name), Enum)
+            else getattr(user_db, column.name)
+        )
+        for column in account_keyring_table.columns
+    }
+
+    user = User.model_validate(user_data)
+    password = AccountKeyring.model_validate(password_data)
+    return user, password
+
+
+async def upgrade_old_refresh_token(connection: AsyncConnection, user, refresh_token) -> Optional[User]:
+    new_status = KeyStatus.EXPIRED
+
+    update_query = (
+        update(account_keyring_table)
+        .where(
+            account_table.c.id == user.id,
+            account_keyring_table.c.status == KeyStatus.ACTIVE,
+            account_keyring_table.c.key_type == KeyType.REFRESH_TOKEN,
+            account_keyring_table.c.key_value == refresh_token,
+        )
+        .values(status=new_status)
+    )
+
+    await connection.execute(update_query)
+
+    await connection.commit()
+
+
+async def add_new_refresh_token(
+    connection: AsyncConnection, new_refresh_token, new_refresh_token_expires_time, user
+) -> Optional[User]:
+    new_refresh_token = account_keyring_table.insert().values(
+        owner_id=user.id,
+        key_type=KeyType.REFRESH_TOKEN,
+        key_id=KeyIdGenerator(),
+        key_value=new_refresh_token,
+        created_at=datetime.now(timezone.utc),
+        expiry=new_refresh_token_expires_time,
+        status=KeyStatus.ACTIVE,
+    )
+
+    await connection.execute(new_refresh_token)
+
+    await connection.commit()

api/api/db/logic/keyring.py

@@ -0,0 +1,69 @@
+from typing import Optional
+from datetime import datetime, timezone
+from enum import Enum
+
+from sqlalchemy import insert, select
+from sqlalchemy.ext.asyncio import AsyncConnection
+
+from api.db.tables.account import account_keyring_table
+
+from api.schemas.account.account_keyring import AccountKeyring
+
+
+async def get_key_by_id(connection: AsyncConnection, key_id: str) -> Optional[AccountKeyring]:
+    """
+    Получает key по key_id.
+    """
+    query = select(account_keyring_table).where(account_keyring_table.c.key_id == key_id)
+
+    user_db_cursor = await connection.execute(query)
+    user_db = user_db_cursor.one_or_none()
+
+    if not user_db:
+        return None
+
+    user_data = {
+        column.name: (
+            getattr(user_db, column.name).name
+            if isinstance(getattr(user_db, column.name), Enum)
+            else getattr(user_db, column.name)
+        )
+        for column in account_keyring_table.columns
+    }
+
+    return AccountKeyring.model_validate(user_data)
+
+
+async def update_key_by_id(connection: AsyncConnection, update_values, key) -> Optional[AccountKeyring]:
+    """
+    Вносит изменеия в нужное поле таблицы account_keyring_table.
+    """
+    await connection.execute(
+        account_keyring_table.update().where(account_keyring_table.c.key_id == key.key_id).values(**update_values)
+    )
+
+    await connection.commit()
+
+
+async def create_key(connection: AsyncConnection, key: AccountKeyring, key_id: int) -> Optional[AccountKeyring]:
+    """
+    Создает нове поле в таблице account_keyring_table).
+    """
+    query = insert(account_keyring_table).values(
+        owner_id=key.owner_id,
+        key_type=key.key_type.value,
+        key_id=key_id,
+        key_value=key.key_value,
+        created_at=datetime.now(timezone.utc),
+        expiry=key.expiry,
+        status=key.status.value,
+    )
+
+    key.created_at = datetime.now(timezone.utc)
+    key.key_id = key_id
+
+    await connection.execute(query)
+
+    await connection.commit()
+
+    return key

api/api/db/tables/account.py

@@ -1,73 +1,67 @@
-from sqlalchemy import Table, Column, Integer, String, Enum as SQLAEnum, JSON, ForeignKey, DateTime, Index
+import enum
+
+from sqlalchemy import Table, Column, String, Enum as SQLAEnum, JSON, ForeignKey, DateTime, Index
 from sqlalchemy.sql import func
 
-from datetime import datetime, timedelta
+from enum import Enum
-
-from enum import Enum, auto
 
 from api.db.sql_types import UnsignedInt
-
 from api.db import metadata
 
 
-class AccountRole(str,Enum):
+class AccountRole(enum.StrEnum):
-    OWNER = auto()
+    OWNER = "OWNER"
-    ADMIN = auto()
+    ADMIN = "ADMIN"
-    EDITOR = auto()
+    EDITOR = "EDITOR"
-    VIEWER = auto()
+    VIEWER = "VIEWER"
 
-class AccountStatus(str,Enum):
-    ACTIVE = auto()
-    DISABLED = auto()
-    BLOCKED = auto()
-    DELETED = auto()
 
+class AccountStatus(enum.StrEnum):
+    ACTIVE = "ACTIVE"
+    DISABLED = "DISABLED"
+    BLOCKED = "BLOCKED"
+    DELETED = "DELETED"
 
 
 account_table = Table(
-    'account', metadata,
+    "account",
-    Column('id', UnsignedInt, primary_key=True, autoincrement=True),
+    metadata,
-    Column('name', String(100), nullable=False),
+    Column("id", UnsignedInt, primary_key=True, autoincrement=True),
-    Column('login', String(100), nullable=False),
+    Column("name", String(100), nullable=False),
-    Column('email', String(100), nullable=True),
+    Column("login", String(100), nullable=False),
-    Column('bind_tenant_id', String(40), nullable=True),
+    Column("email", String(100), nullable=True),
-    Column('role', SQLAEnum(AccountRole), nullable=False),
+    Column("bind_tenant_id", String(40), nullable=True),
-    Column('meta', JSON, default={}),
+    Column("role", SQLAEnum(AccountRole), nullable=False),
-    Column('creator_id', UnsignedInt, ForeignKey('account.id'), nullable=True),
+    Column("meta", JSON, default={}),
-    Column('created_at', DateTime(timezone=True), server_default=func.now()),
+    Column("creator_id", UnsignedInt, ForeignKey("account.id"), nullable=True),
-    Column('status', SQLAEnum(AccountStatus), nullable=False),
+    Column("created_at", DateTime(timezone=True), server_default=func.now()),
-
+    Column("status", SQLAEnum(AccountStatus), nullable=False),
-    Index('idx_login', 'login'),
+    Index("idx_login", "login"),
-    Index('idx_name', 'name'),
+    Index("idx_name", "name"),
 )
 
-class KeyType(str,Enum):
-    PASSWORD = auto()
-    ACCESS_TOKEN = auto()
-    REFRESH_TOKEN = auto()
-    API_KEY = auto()
 
-class KeyStatus(str,Enum):
+class KeyType(enum.StrEnum):
-    ACTIVE = auto()
+    PASSWORD = "PASSWORD"
-    EXPIRED = auto()
+    ACCESS_TOKEN = "ACCESS_TOKEN"
-    DELETED = auto()
+    REFRESH_TOKEN = "REFRESH_TOKEN"
+    API_KEY = "API_KEY"
+
+
+class KeyStatus(enum.StrEnum):
+    ACTIVE = "ACTIVE"
+    EXPIRED = "EXPIRED"
+    DELETED = "DELETED"
+
 
 account_keyring_table = Table(
-    'account_keyring', metadata,
+    "account_keyring",
-    Column('owner_id', UnsignedInt, ForeignKey('account.id'), primary_key=True, nullable=False),
+    metadata,
-    Column('key_type', SQLAEnum(KeyType), primary_key=True, nullable=False),
+    Column("owner_id", UnsignedInt, ForeignKey("account.id"), primary_key=True, nullable=False),
-    Column('key_id', String(40), default=None),
+    Column("key_type", SQLAEnum(KeyType), primary_key=True, nullable=False),
-    Column('key_value', String(64), nullable=False),
+    Column("key_id", String(40), primary_key=True, default=None),
-    Column('created_at', DateTime(timezone=True), server_default=func.now()),
+    Column("key_value", String(255), nullable=False),
-    Column('expiry', DateTime(timezone=True), nullable=True),
+    Column("created_at", DateTime(timezone=True), server_default=func.now()),
-    Column('status', SQLAEnum(KeyStatus), nullable=False), )
+    Column("expiry", DateTime(timezone=True), nullable=True),
-
+    Column("status", SQLAEnum(KeyStatus), nullable=False),
-
+)
-def set_expiry_for_key_type(key_type: KeyType) -> datetime:
-    match key_type:
-        case KeyType.ACCESS_TOKEN:
-            return datetime.now() + timedelta(hours=1)  # 1 hour
-        case KeyType.REFRESH_TOKEN:
-            return datetime.now() + timedelta(days=365)  # 1 year
-        case KeyType.API_KEY:
-            return datetime.max  # max datetime

api/api/db/tables/events.py

@@ -1,3 +1,5 @@
+import enum
+
 from sqlalchemy import Table, Column, Integer, String, Enum as SQLAEnum, JSON, ForeignKey, DateTime, Index
 from sqlalchemy.sql import func
 from enum import Enum, auto
@@ -6,24 +8,27 @@ from api.db.sql_types import UnsignedInt
 
 from api.db import metadata
 
-class EventState(str, Enum):
-    AUTO = auto()
-    DESCRIPTED = auto()
 
-class EventStatus(str, Enum):
+class EventState(enum.StrEnum):
-    ACTIVE = auto()
+    AUTO = "AUTO"
-    DISABLED = auto()
+    DESCRIPTED = "DESCRIPTED"
-    DELETED = auto()
+
+
+class EventStatus(enum.StrEnum):
+    ACTIVE = "ACTIVE"
+    DISABLED = "DISABLED"
+    DELETED = "DELETED"
 
 
 list_events_table = Table(
-    'list_events', metadata,
+    "list_events",
-    Column('id', UnsignedInt, primary_key=True, autoincrement=True),
+    metadata,
-    Column('name', String(40, collation='latin1_bin'), nullable=False,unique=True),
+    Column("id", UnsignedInt, primary_key=True, autoincrement=True),
-    Column('title', String(64), nullable=False),
+    Column("name", String(40, collation="latin1_bin"), nullable=False, unique=True),
-    Column('creator_id', UnsignedInt, ForeignKey('account.id'), nullable=False),
+    Column("title", String(64), nullable=False),
-    Column('created_at', DateTime(timezone=True), server_default=func.now()),
+    Column("creator_id", UnsignedInt, ForeignKey("account.id"), nullable=False),
-    Column('schema', JSON, default={}),
+    Column("created_at", DateTime(timezone=True), server_default=func.now()),
-    Column('state', SQLAEnum(EventState), nullable=False),
+    Column("schema", JSON, default={}),
-    Column('status', SQLAEnum(EventStatus), nullable=False),
+    Column("state", SQLAEnum(EventState), nullable=False),
+    Column("status", SQLAEnum(EventStatus), nullable=False),
 )

api/api/db/tables/process.py

@@ -1,4 +1,18 @@
-from sqlalchemy import Table, Column, Integer, String, Text, Enum as SQLAEnum, JSON, ForeignKey, DateTime, Index, PrimaryKeyConstraint
+import enum
+
+from sqlalchemy import (
+    Table,
+    Column,
+    Integer,
+    String,
+    Text,
+    Enum as SQLAEnum,
+    JSON,
+    ForeignKey,
+    DateTime,
+    Index,
+    PrimaryKeyConstraint,
+)
 from sqlalchemy.sql import func
 from enum import Enum, auto
 
@@ -7,78 +21,88 @@ from api.db.sql_types import UnsignedInt
 from api.db import metadata
 
 
-# Определение перечислений для статуса процесса
+class ProcessStatus(enum.StrEnum):
-class ProcessStatus(str, Enum):
+    ACTIVE = "ACTIVE"
-    ACTIVE = auto()
+    STOPPING = "STOPPING"
-    STOPPING = auto()
+    STOPPED = "STOPPED"
-    STOPPED = auto()
+    DELETED = "DELETED"
-    DELETED = auto()
+
 
-# Определение таблицы process_schema
 process_schema_table = Table(
-    'process_schema', metadata,
+    "process_schema",
-    Column('id', UnsignedInt, primary_key=True, autoincrement=True),
+    metadata,
-    Column('title', String(100), nullable=False),
+    Column("id", UnsignedInt, primary_key=True, autoincrement=True),
-    Column('description', Text, nullable=False),
+    Column("title", String(100), nullable=False),
-    Column('owner_id', UnsignedInt, ForeignKey('account.id'), nullable=False),
+    Column("description", Text, nullable=False),
-    Column('creator_id', UnsignedInt, ForeignKey('account.id'), nullable=False),
+    Column("owner_id", UnsignedInt, ForeignKey("account.id"), nullable=False),
-    Column('created_at', DateTime(timezone=True), server_default=func.now()),
+    Column("creator_id", UnsignedInt, ForeignKey("account.id"), nullable=False),
-    Column('settings', JSON, default={}),
+    Column("created_at", DateTime(timezone=True), server_default=func.now()),
-    Column('status', SQLAEnum(ProcessStatus), nullable=False),
+    Column("settings", JSON, default={}),
-
+    Column("status", SQLAEnum(ProcessStatus), nullable=False),
-    Index('idx_owner_id', 'owner_id',)
+    Index(
+        "idx_owner_id",
+        "owner_id",
+    ),
 )
 
 process_version_archive_table = Table(
-    'process_version_archive', metadata,
+    "process_version_archive",
-    Column('id', UnsignedInt, autoincrement=True, nullable=False),
+    metadata,
-    Column('ps_id', UnsignedInt, ForeignKey('process_schema.id'), nullable=False),
+    Column("id", UnsignedInt, autoincrement=True, nullable=False),
-    Column('version', UnsignedInt, default=1, nullable=False),
+    Column("ps_id", UnsignedInt, ForeignKey("process_schema.id"), nullable=False),
-    Column('snapshot', JSON, default={}),
+    Column("version", UnsignedInt, default=1, nullable=False),
-    Column('owner_id', UnsignedInt, ForeignKey('account.id'), nullable=False),
+    Column("snapshot", JSON, default={}),
-    Column('created_at', DateTime(timezone=True), server_default=func.now()),
+    Column("owner_id", UnsignedInt, ForeignKey("account.id"), nullable=False),
-    Column('is_last', UnsignedInt, default=0),
+    Column("created_at", DateTime(timezone=True), server_default=func.now()),
-    PrimaryKeyConstraint('id', 'version') )
+    Column("is_last", UnsignedInt, default=0),
-
+    PrimaryKeyConstraint("id", "version"),
-class NodeStatus(str, Enum):
-    ACTIVE = auto()
-    DISABLED = auto()
-    DELETED = auto()
-
-class NodeType(Enum):
-    TYPE1 = 'Type1'
-    TYPE2 = 'Type2'
-    TYPE3 = 'Type3'
-
-ps_node_table = Table(
-    'ps_node', metadata,
-    Column('id', UnsignedInt, autoincrement=True, primary_key=True, nullable=False),
-    Column('ps_id', UnsignedInt, ForeignKey('process_schema.id'), nullable=False),
-    Column('node_type', SQLAEnum(NodeType), nullable=False),
-    Column('settings', JSON, default={}),
-    Column('creator_id', UnsignedInt, ForeignKey('account.id'), nullable=False),
-    Column('created_at', DateTime(timezone=True), server_default=func.now()),
-    Column('status', SQLAEnum(NodeStatus), nullable=False),
-
-    Index('idx_ps_id', 'ps_id')
 )
 
-class NodeLinkStatus(str, Enum):
+
-    ACTIVE = auto()
+class NodeStatus(enum.StrEnum):
-    STOPPING = auto()
+    ACTIVE = "ACTIVE"
-    STOPPED = auto()
+    DISABLED = "DISABLED"
-    DELETED = auto()
+    DELETED = "DELETED"
+
+
+class NodeType(Enum):
+    TYPE1 = "Type1"
+    TYPE2 = "Type2"
+    TYPE3 = "Type3"
+
+
+ps_node_table = Table(
+    "ps_node",
+    metadata,
+    Column("id", UnsignedInt, autoincrement=True, primary_key=True, nullable=False),
+    Column("ps_id", UnsignedInt, ForeignKey("process_schema.id"), nullable=False),
+    Column("node_type", SQLAEnum(NodeType), nullable=False),
+    Column("settings", JSON, default={}),
+    Column("creator_id", UnsignedInt, ForeignKey("account.id"), nullable=False),
+    Column("created_at", DateTime(timezone=True), server_default=func.now()),
+    Column("status", SQLAEnum(NodeStatus), nullable=False),
+    Index("idx_ps_id", "ps_id"),
+)
+
+
+class NodeLinkStatus(enum.StrEnum):
+    ACTIVE = "ACTIVE"
+    STOPPING = "STOPPING"
+    STOPPED = "STOPPED"
+    DELETED = "DELETED"
+
 
 node_link_table = Table(
-    'node_link', metadata,
+    "node_link",
-    Column('id', UnsignedInt, autoincrement=True, primary_key=True, nullable=False),
+    metadata,
-    Column('link_name', String(20), nullable=False),
+    Column("id", UnsignedInt, autoincrement=True, primary_key=True, nullable=False),
-    Column('node_id', UnsignedInt, ForeignKey('ps_node.id'), nullable=False),
+    Column("link_name", String(20), nullable=False),
-    Column('next_node_id', UnsignedInt, ForeignKey('ps_node.id'), nullable=False),
+    Column("node_id", UnsignedInt, ForeignKey("ps_node.id"), nullable=False),
-    Column('settings', JSON, default={}),
+    Column("next_node_id", UnsignedInt, ForeignKey("ps_node.id"), nullable=False),
-    Column('creator_id', UnsignedInt, ForeignKey('account.id'), nullable=False),
+    Column("settings", JSON, default={}),
-    Column('created_at', DateTime(timezone=True), server_default=func.now()),
+    Column("creator_id", UnsignedInt, ForeignKey("account.id"), nullable=False),
-    Column('status', SQLAEnum(NodeLinkStatus),nullable=False),
+    Column("created_at", DateTime(timezone=True), server_default=func.now()),
-
+    Column("status", SQLAEnum(NodeLinkStatus), nullable=False),
-    Index('idx_node_id', 'node_id'),
+    Index("idx_node_id", "node_id"),
-    Index('idx_next_node_id', 'next_node_id'))
+    Index("idx_next_node_id", "next_node_id"),
+)

api/api/endpoints/__init__.py

@@ -1,4 +1,9 @@
-list_of_routes = []
+from api.endpoints.auth import api_router as auth_router
+from api.endpoints.profile import api_router as profile_router
+from api.endpoints.account import api_router as account_router
+from api.endpoints.keyring import api_router as keyring_router
+
+list_of_routes = [auth_router, profile_router, account_router, keyring_router]
 
 __all__ = [
     "list_of_routes",

api/api/endpoints/account.py

@@ -0,0 +1,135 @@
+from fastapi import (
+    APIRouter,
+    Depends,
+    HTTPException,
+    status,
+)
+
+
+from sqlalchemy.ext.asyncio import AsyncConnection
+
+from api.db.connection.session import get_connection_dep
+
+from api.db.logic.account import (
+    get_user_by_id,
+    update_user_by_id,
+    create_user,
+    get_user_by_login,
+    get_user_accaunt_page,
+)
+
+from api.schemas.account.account import User
+from api.db.tables.account import AccountStatus
+from api.schemas.base import bearer_schema
+from api.schemas.endpoints.account import UserUpdate, AllUserResponse
+from api.services.auth import get_current_user
+
+from api.services.user_role_validation import db_user_role_validation
+from api.services.update_data_validation import update_user_data_changes
+
+
+api_router = APIRouter(
+    prefix="/account",
+    tags=["User accountModel"],
+)
+
+
+@api_router.get("", dependencies=[Depends(bearer_schema)], response_model=AllUserResponse)
+async def get_all_account(
+    page: int = 1,
+    limit: int = 10,
+    connection: AsyncConnection = Depends(get_connection_dep),
+    current_user=Depends(get_current_user),
+):
+    authorize_user = await db_user_role_validation(connection, current_user)
+
+    user_list = await get_user_accaunt_page(connection, page, limit)
+
+    if user_list is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Accounts not found")
+
+    return user_list
+
+
+@api_router.get("/{user_id}", dependencies=[Depends(bearer_schema)], response_model=User)
+async def get_account(
+    user_id: int, connection: AsyncConnection = Depends(get_connection_dep), current_user=Depends(get_current_user)
+):
+    authorize_user = await db_user_role_validation(connection, current_user)
+
+    user = await get_user_by_id(connection, user_id)
+
+    if user is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Account not found")
+
+    return user
+
+
+@api_router.post("", dependencies=[Depends(bearer_schema)], response_model=User)
+async def create_account(
+    user: UserUpdate, connection: AsyncConnection = Depends(get_connection_dep), current_user=Depends(get_current_user)
+):
+    authorize_user = await db_user_role_validation(connection, current_user)
+
+    user_validation = await get_user_by_login(connection, user.login)
+
+    if user_validation is None:
+        await create_user(connection, user, authorize_user.id)
+        user_new = await get_user_by_login(connection, user.login)
+        return user_new
+
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST, detail="An account with this information already exists."
+        )
+
+
+@api_router.put("/{user_id}", dependencies=[Depends(bearer_schema)], response_model=User)
+async def update_account(
+    user_id: int,
+    user_update: UserUpdate,
+    connection: AsyncConnection = Depends(get_connection_dep),
+    current_user=Depends(get_current_user),
+):
+    authorize_user = await db_user_role_validation(connection, current_user)
+
+    user = await get_user_by_id(connection, user_id)
+    if user is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Account not found")
+
+    update_values = update_user_data_changes(user_update, user)
+
+    if update_values is None:
+        return user
+
+    user_update_data = User.model_validate({**user.model_dump(), **update_values})
+
+    await update_user_by_id(connection, update_values, user)
+
+    user = await get_user_by_id(connection, user_id)
+
+    return user
+
+
+@api_router.delete("/{user_id}", dependencies=[Depends(bearer_schema)], response_model=User)
+async def delete_account(
+    user_id: int, connection: AsyncConnection = Depends(get_connection_dep), current_user=Depends(get_current_user)
+):
+    authorize_user = await db_user_role_validation(connection, current_user)
+
+    user = await get_user_by_id(connection, user_id)
+    if user is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Account not found")
+
+    user_update = UserUpdate(status=AccountStatus.DELETED.value)
+
+    update_values = update_user_data_changes(user_update, user)
+
+    if update_values is None:
+        return user
+
+    await update_user_by_id(connection, update_values, user)
+
+    user = await get_user_by_id(connection, user_id)
+
+    return user

api/api/endpoints/auth.py

@@ -0,0 +1,115 @@
+from datetime import datetime, timedelta, timezone
+
+from fastapi import (
+    APIRouter,
+    Depends,
+    HTTPException,
+    Request,
+    Response,
+    status,
+)
+
+from loguru import logger
+from fastapi_jwt_auth import AuthJWT
+
+from pydantic import BaseModel
+
+from sqlalchemy.ext.asyncio import AsyncConnection
+
+from api.config import get_settings
+from api.db.connection.session import get_connection_dep
+from api.services.auth import authenticate_user
+
+from api.db.logic.auth import add_new_refresh_token, upgrade_old_refresh_token
+
+from api.schemas.endpoints.auth import Auth, Access
+
+api_router = APIRouter(
+    prefix="/auth",
+    tags=["User auth"],
+)
+
+
+class Settings(BaseModel):
+    authjwt_secret_key: str = get_settings().SECRET_KEY
+    # Configure application to store and get JWT from cookies
+    authjwt_token_location: set = {"headers", "cookies"}
+    authjwt_cookie_domain: str = get_settings().DOMAIN
+
+    # Only allow JWT cookies to be sent over https
+    authjwt_cookie_secure: bool = get_settings().ENV == "prod"
+    # Enable csrf double submit protection. default is True
+    authjwt_cookie_csrf_protect: bool = False
+    authjwt_cookie_samesite: str = "lax"
+
+
+@AuthJWT.load_config
+def get_config():
+    return Settings()
+
+
+@api_router.post("", response_model=Access)
+async def login_for_access_token(
+    user: Auth,
+    response: Response,
+    connection: AsyncConnection = Depends(get_connection_dep),
+    Authorize: AuthJWT = Depends(),
+):
+    """Авторизирует, выставляет токены в куки."""
+
+    user = await authenticate_user(connection, user.login, user.password)
+
+    # print("login_for_access_token", user)
+
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Incorrect username or password",
+            # headers={"WWW-Authenticate": "Bearer"},
+        )
+
+    access_token_expires = timedelta(minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
+
+    refresh_token_expires = timedelta(days=get_settings().REFRESH_TOKEN_EXPIRE_DAYS)
+
+    logger.debug(f"refresh_token_expires {refresh_token_expires}")
+
+    access_token = Authorize.create_access_token(subject=user.login, expires_time=access_token_expires)
+    refresh_token = Authorize.create_refresh_token(subject=user.login, expires_time=refresh_token_expires)
+
+    refresh_token_expires_time = datetime.now(timezone.utc) + refresh_token_expires
+
+    await add_new_refresh_token(connection, refresh_token, refresh_token_expires_time, user)
+
+    Authorize.set_refresh_cookies(refresh_token)
+
+    return Access(access_token=access_token)
+
+
+@api_router.post("/refresh", response_model=Access)
+async def refresh(
+    request: Request, connection: AsyncConnection = Depends(get_connection_dep), Authorize: AuthJWT = Depends()
+):
+    refresh_token = request.cookies.get("refresh_token_cookie")
+    # print("Refresh Token:", refresh_token)
+
+    if not refresh_token:
+        raise HTTPException(status_code=401, detail="Refresh token is missing")
+
+    try:
+        Authorize.jwt_refresh_token_required()
+        current_user = Authorize.get_jwt_subject()
+
+    except Exception as e:
+        await upgrade_old_refresh_token(connection, current_user, refresh_token)
+
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid refresh token",
+        )
+
+    access_token_expires = timedelta(minutes=get_settings().ACCESS_TOKEN_EXPIRE_MINUTES)
+
+    new_access_token = Authorize.create_access_token(subject=current_user, expires_time=access_token_expires)
+
+    return Access(access_token=new_access_token)

api/api/endpoints/keyring.py

@@ -0,0 +1,128 @@
+from fastapi import (
+    APIRouter,
+    Body,
+    Depends,
+    Form,
+    HTTPException,
+    Response,
+    status,
+)
+
+
+from sqlalchemy.ext.asyncio import AsyncConnection
+
+from api.db.connection.session import get_connection_dep
+
+from api.db.logic.keyring import get_key_by_id, create_key, update_key_by_id
+
+
+from api.db.tables.account import KeyStatus
+from api.schemas.base import bearer_schema
+from api.schemas.endpoints.account_keyring import AccountKeyringUpdate
+
+from api.schemas.account.account_keyring import AccountKeyring
+from api.services.auth import get_current_user
+
+from api.services.user_role_validation import db_user_role_validation
+from api.services.update_data_validation import update_key_data_changes
+
+
+api_router = APIRouter(
+    prefix="/keyring",
+    tags=["User KeyringModel"],
+)
+
+
+@api_router.get("/{user_id}/{key_id}", dependencies=[Depends(bearer_schema)], response_model=AccountKeyring)
+async def get_keyring(
+    key_id: str, connection: AsyncConnection = Depends(get_connection_dep), current_user=Depends(get_current_user)
+):
+    authorize_user = await db_user_role_validation(connection, current_user)
+
+    keyring = await get_key_by_id(connection, key_id)
+
+    if keyring is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Key not found")
+
+    return keyring
+
+
+@api_router.post("/{user_id}/{key_id}", dependencies=[Depends(bearer_schema)], response_model=AccountKeyring)
+async def create_keyring(
+    user_id: int,
+    key_id: str,
+    key: AccountKeyringUpdate,
+    connection: AsyncConnection = Depends(get_connection_dep),
+    current_user=Depends(get_current_user),
+):
+    authorize_user = await db_user_role_validation(connection, current_user)
+
+    keyring = await get_key_by_id(connection, key_id)
+
+    if keyring is None:
+        keyring_new = await create_key(
+            connection,
+            key,
+            key_id,
+        )
+        return keyring_new
+
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST, detail="An keyring with this information already exists."
+        )
+
+
+@api_router.put("/{user_id}/{key_id}", dependencies=[Depends(bearer_schema)], response_model=AccountKeyring)
+async def update_keyring(
+    user_id: int,
+    key_id: str,
+    keyring_update: AccountKeyringUpdate,
+    connection: AsyncConnection = Depends(get_connection_dep),
+    current_user=Depends(get_current_user),
+):
+    authorize_user = await db_user_role_validation(connection, current_user)
+
+    keyring = await get_key_by_id(connection, key_id)
+    if keyring is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="keyring not found")
+
+    update_values = update_key_data_changes(keyring_update, keyring)
+
+    if update_values is None:
+        return keyring
+
+    keyring_update_data = AccountKeyring.model_validate({**keyring.model_dump(), **update_values})
+
+    await update_key_by_id(connection, update_values, keyring)
+
+    keyring = await get_key_by_id(connection, key_id)
+
+    return keyring
+
+
+@api_router.delete("/{user_id}/{key_id}", dependencies=[Depends(bearer_schema)], response_model=AccountKeyring)
+async def delete_keyring(
+    user_id: int,
+    key_id: str,
+    connection: AsyncConnection = Depends(get_connection_dep),
+    current_user=Depends(get_current_user),
+):
+    authorize_user = await db_user_role_validation(connection, current_user)
+
+    keyring = await get_key_by_id(connection, key_id)
+    if keyring is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="keyring not found")
+
+    keyring_update = AccountKeyringUpdate(status=KeyStatus.DELETED.value)
+
+    update_values = update_key_data_changes(keyring_update, keyring)
+
+    if update_values is None:
+        return keyring
+
+    await update_key_by_id(connection, update_values, keyring)
+
+    keyring = await get_key_by_id(connection, key_id)
+
+    return keyring

api/api/endpoints/profile.py

@@ -0,0 +1,65 @@
+from fastapi import (
+    APIRouter,
+    Body,
+    Depends,
+    Form,
+    HTTPException,
+    Request,
+    Response,
+    status,
+)
+
+
+from sqlalchemy.ext.asyncio import AsyncConnection
+
+from api.db.connection.session import get_connection_dep
+from api.db.logic.account import get_user_by_id, update_user_by_id, get_user_by_login
+from api.schemas.base import bearer_schema
+from api.services.auth import get_current_user
+from api.services.update_data_validation import update_user_data_changes
+
+from api.schemas.endpoints.account import UserUpdate
+from api.schemas.account.account import User
+
+
+api_router = APIRouter(
+    prefix="/profile",
+    tags=["User accountModel"],
+)
+
+
+@api_router.get("", dependencies=[Depends(bearer_schema)], response_model=User)
+async def get_profile(
+    connection: AsyncConnection = Depends(get_connection_dep), current_user=Depends(get_current_user)
+):
+    user = await get_user_by_login(connection, current_user)
+
+    if user is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Account not found")
+
+    return user
+
+
+@api_router.put("", dependencies=[Depends(bearer_schema)], response_model=User)
+async def update_profile(
+    user_updata: UserUpdate,
+    connection: AsyncConnection = Depends(get_connection_dep),
+    current_user=Depends(get_current_user),
+):
+    user = await get_user_by_login(connection, current_user)
+    if user is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Account not found")
+
+    if user_updata.role == None and user_updata.login == None:
+        update_values = update_user_data_changes(user_updata, user)
+
+        if update_values is None:
+            return user
+
+            await update_user_by_id(connection, update_values, user)
+
+            user = await get_user_by_id(connection, user.id)
+
+        return user
+    else:
+        raise HTTPException(status_code=status.HTTP_422_UNPROCESSABLE_ENTITY, detail="Bad body")

api/api/schemas/account/account.py

@@ -1,30 +1,20 @@
 import datetime
-from enum import Enum
+from datetime import datetime
+from typing import Optional
+from pydantic import EmailStr, Field
+from api.db.tables.account import AccountRole, AccountStatus
 
-from pydantic import BaseModel, EmailStr, Field
+from api.schemas.base import Base
 
 
-class Role(Enum):
+class User(Base):
-    OWNER = "Owner"
+    id: Optional[int] = None
-    ADMIN = "Admin"
-    EDITOR = "Editor"
-    VIEWER = "Viewer"
-
-class Status(Enum):
-    ACTIVE = "Active"
-    DISABLED = "Disabled"
-    BLOCKED = "Blocked"
-    DELETED = "Deleted"
-
-class User(BaseModel):
-    id: int
     name: str = Field(..., max_length=100)
     login: str = Field(..., max_length=100)
-    email: EmailStr = Field(..., max_length=100)
+    email: Optional[EmailStr] = Field(None, max_length=100)  # Электронная почта (может быть None)
-    bind_tenant_id: str = Field(..., max_length=40)
+    bind_tenant_id: Optional[str] = Field(None, max_length=40)
-    role: Role
+    role: AccountRole
     meta: dict
-    creator_id: int
+    creator_id: Optional[int] = None
-    is_active: bool
     created_at: datetime
-    status: Status
+    status: AccountStatus

api/api/schemas/account/account_keyring.py

@@ -1,27 +1,17 @@
 import datetime
-
+from typing import Optional
-from enum import Enum
+from pydantic import Field
-
-from pydantic import BaseModel, Field
 from datetime import datetime
+from api.db.tables.account import KeyType, KeyStatus
+
+from api.schemas.base import Base
 
 
-class Type(Enum):
+class AccountKeyring(Base):
-    PASSWORD = "password"
-    ACCESS_TOKEN = "access_token"
-    REFRESH_TOKEN = "refresh_token"
-    API_KEY = "api_key"
-
-class Status(Enum):
-    ACTIVE = "Active"
-    EXPIRED = "Expired"
-    DELETED = "Deleted"
-
-class AccountKeyring(BaseModel):
     owner_id: int
-    key_type: Type
+    key_type: KeyType
-    key_id: str = Field(..., max_length=40)
+    key_id: Optional[str] = Field(None, max_length=40)
-    key_value: str = Field(..., max_length=64)
+    key_value: str = Field(..., max_length=255)
     created_at: datetime
-    expiry: datetime
+    expiry: Optional[datetime] = None
-    status: Status
+    status: KeyStatus

api/api/schemas/base.py

@@ -0,0 +1,14 @@
+from fastapi.security import HTTPBearer
+from pydantic import BaseModel, ConfigDict
+from pydantic.alias_generators import to_camel
+
+
+bearer_schema = HTTPBearer()  # схема для авторизации в swagger
+
+
+class Base(BaseModel):
+    model_config = ConfigDict(
+        from_attributes=True,
+        alias_generator=to_camel,
+        populate_by_name=True,
+    )

api/api/schemas/endpoints/account.py

@@ -0,0 +1,40 @@
+from typing import Optional, List
+from datetime import datetime
+from pydantic import EmailStr, Field, TypeAdapter
+
+from api.db.tables.account import AccountRole, AccountStatus
+
+from api.schemas.base import Base
+
+
+class UserUpdate(Base):
+    id: Optional[int] = None
+    name: Optional[str] = Field(None, max_length=100)
+    login: Optional[str] = Field(None, max_length=100)
+    email: Optional[EmailStr] = None
+    bind_tenant_id: Optional[str] = Field(None, max_length=40)
+    role: Optional[AccountRole] = None
+    meta: Optional[dict] = None
+    creator_id: Optional[int] = None
+    created_at: Optional[datetime] = None
+    status: Optional[AccountStatus] = None
+
+
+class AllUser(Base):
+    id: int
+    name: str
+    login: str
+    email: Optional[EmailStr] = None
+    bind_tenant_id: Optional[str] = None
+    role: AccountRole
+    created_at: datetime
+    status: AccountStatus
+
+
+class AllUserResponse(Base):
+    users: List[AllUser]
+    amount_count: int
+    amount_pages: int
+
+
+all_user_adapter = TypeAdapter(List[AllUser])

api/api/schemas/endpoints/account_keyring.py

@@ -0,0 +1,17 @@
+import datetime
+from typing import Optional
+from pydantic import Field
+from datetime import datetime
+from api.db.tables.account import KeyType, KeyStatus
+
+from api.schemas.base import Base
+
+
+class AccountKeyringUpdate(Base):
+    owner_id: Optional[int] = None
+    key_type: Optional[KeyType] = None
+    key_id: Optional[str] = Field(None, max_length=40)
+    key_value: Optional[str] = Field(None, max_length=255)
+    created_at: Optional[datetime] = None
+    expiry: Optional[datetime] = None
+    status: Optional[KeyStatus] = None

api/api/schemas/endpoints/auth.py

@@ -0,0 +1,16 @@
+from api.schemas.base import Base
+
+# Таблица для получения информации из запроса
+
+
+class Auth(Base):
+    login: str
+    password: str
+
+
+class Refresh(Base):
+    refresh_token: str
+
+
+class Access(Base):
+    access_token: str

api/api/schemas/events/list_events.py

@@ -1,8 +1,10 @@
-from pydantic import BaseModel, Field
+from pydantic import Field
 from typing import Dict, Any
 from datetime import datetime
 from enum import Enum
 
+from api.schemas.base import Base
+
 
 class State(Enum):
     AUTO = "Auto"
@@ -14,7 +16,8 @@ class Status(Enum):
     DISABLED = "Disabled"
     DELETED = "Deleted"
 
-class ListEvent(BaseModel):
+
+class ListEvent(Base):
     id: int
     name: str = Field(..., max_length=40)
     title: str = Field(..., max_length=64)

api/api/schemas/process/node_link.py

@@ -1,15 +1,19 @@
-from pydantic import BaseModel, Field, conint
+from pydantic import Field
 from typing import Dict, Any
 from datetime import datetime
 from enum import Enum
 
+from api.schemas.base import Base
+
+
 class Status(Enum):
     ACTIVE = "Active"
     STOPPING = "Stopping"
     STOPPED = "Stopped"
     DELETED = "Deleted"
 
-class MyModel(BaseModel):
+
+class MyModel(Base):
     id: int
     link_name: str = Field(..., max_length=20)
     node_id: int

api/api/schemas/process/process_schema.py

@@ -1,15 +1,19 @@
-from pydantic import BaseModel, Field
+from pydantic import Field
 from typing import Dict, Any
 from datetime import datetime
 from enum import Enum
 
+from api.schemas.base import Base
+
+
 class Status(Enum):
     ACTIVE = "Active"
     STOPPING = "Stopping"
     STOPPED = "Stopped"
     DELETED = "Deleted"
 
-class ProcessSchema(BaseModel):
+
+class ProcessSchema(Base):
     id: int
     title: str = Field(..., max_length=100)
     description: str

api/api/schemas/process/process_version_archive.py

@@ -1,8 +1,10 @@
-from pydantic import BaseModel, Field
 from typing import Dict, Any
 from datetime import datetime
 
-class ProcessStatusSchema(BaseModel):
+from api.schemas.base import Base
+
+
+class ProcessStatusSchema(Base):
     id: int
     version: int
     snapshot: Dict[str, Any]

api/api/schemas/process/ps_node.py

@@ -1,19 +1,21 @@
-from pydantic import BaseModel
 from datetime import datetime
 from typing import Dict, Any
 from enum import Enum
 
+from api.schemas.base import Base
+
 
 class NodeType(Enum):
-
     pass
 
+
 class Status(Enum):
     ACTIVE = "Active"
     DISABLED = "Disabled"
     DELETED = "Deleted"
 
-class Ps_Node(BaseModel):
+
+class Ps_Node(Base):
     id: int
     ps_id: int
     node_type: NodeType

api/api/services/auth.py

@@ -0,0 +1,27 @@
+from fastapi import Request, HTTPException
+from typing import Optional
+from sqlalchemy.ext.asyncio import AsyncConnection
+from api.db.logic.auth import get_user
+
+# # from backend.schemas.users.token import TokenData
+from api.schemas.account.account import User
+from api.db.tables.account import AccountStatus
+
+from api.utils.hasher import Hasher
+
+
+async def get_current_user(request: Request) -> Optional[User]:
+    if not hasattr(request.state, "current_user"):
+        return HTTPException(status_code=401, detail="Unauthorized")
+    return request.state.current_user
+
+
+async def authenticate_user(connection: AsyncConnection, username: str, password: str) -> Optional[User]:
+    sql_user, sql_password = await get_user(connection, username)
+
+    if not sql_user or sql_user.status != AccountStatus.ACTIVE:
+        return None
+    hasher = Hasher()
+    if not hasher.verify_data(password, sql_password.key_value):
+        return None
+    return sql_user

api/api/services/middleware.py

@@ -0,0 +1,61 @@
+from starlette.middleware.base import BaseHTTPMiddleware
+from fastapi import (
+    Request,
+    status,
+)
+
+from fastapi.responses import JSONResponse
+from api.config import get_settings
+
+import re
+from re import escape
+
+
+from fastapi_jwt_auth import AuthJWT
+
+
+class MiddlewareAccessTokenValidadtion(BaseHTTPMiddleware):
+    def __init__(self, app):
+        super().__init__(app)
+
+        self.prefix = escape(get_settings().PATH_PREFIX)
+        self.excluded_routes = [
+            re.compile(r"^" + re.escape(self.prefix) + r"/auth/refresh/?$"),
+            re.compile(r"^" + re.escape(self.prefix) + r"/auth/?$"),
+        ]
+
+    async def dispatch(self, request: Request, call_next):
+        if request.method in ["GET", "POST", "PUT", "DELETE"]:
+            if any(pattern.match(request.url.path) for pattern in self.excluded_routes):
+                return await call_next(request)
+            else:
+                auth_header = request.headers.get("Authorization")
+                if not auth_header:
+                    return JSONResponse(
+                        status_code=status.HTTP_401_UNAUTHORIZED,
+                        content={"detail": "Missing authorization header."},
+                        headers={"WWW-Authenticate": "Bearer"},
+                    )
+
+                token = auth_header.split(" ")[1]
+                Authorize = AuthJWT(request)
+
+                try:
+                    current_user = Authorize.get_jwt_subject()
+                    request.state.current_user = current_user
+                    return await call_next(request)
+
+                except Exception:
+                    return JSONResponse(
+                        status_code=status.HTTP_401_UNAUTHORIZED,
+                        content={"detail": "The access token is invalid or expired."},
+                        headers={"WWW-Authenticate": "Bearer"},
+                    )
+
+                # async with get_connection() as connection:
+                #     authorize_user = await get_user_login(connection, current_user)
+                # print(authorize_user)
+                # if authorize_user is None :
+                #     return JSONResponse(
+                #         status_code=status.HTTP_404_NOT_FOUND ,
+                #         detail="User not found.")

api/api/services/update_data_validation.py

@@ -0,0 +1,74 @@
+from enum import Enum
+from typing import Optional
+from api.schemas.endpoints.account import UserUpdate
+from api.db.tables.account import KeyType, KeyStatus
+from api.schemas.endpoints.account_keyring import AccountKeyringUpdate
+from api.db.tables.account import AccountRole, AccountStatus
+
+
+def update_user_data_changes(update_data: UserUpdate, user) -> Optional[dict]:
+    """
+    Сравнивает данные для обновления с текущими значениями пользователя.
+    Возвращает:
+    - None, если нет изменений
+    - Словарь {поле: новое_значение} для измененных полей
+    """
+    update_values = {}
+    changes = {}
+
+    for field, value in update_data.model_dump(exclude_unset=True).items():
+        if value is None:
+            continue
+
+        if isinstance(value, (AccountRole, AccountStatus)):
+            update_values[field] = value.value
+        else:
+            update_values[field] = value
+
+    for field, new_value in update_values.items():
+        if not hasattr(user, field):
+            continue
+
+        current_value = getattr(user, field)
+
+        if isinstance(current_value, Enum):
+            current_value = current_value.value
+
+        if current_value != new_value:
+            changes[field] = new_value
+
+    return changes if changes else None
+
+
+def update_key_data_changes(update_data: AccountKeyringUpdate, key) -> Optional[dict]:
+    """
+    Сравнивает данные для обновления с текущими значениями пользователя.
+    Возвращает:
+    - None, если нет изменений
+    - Словарь {поле: новое_значение} для измененных полей
+    """
+    update_values = {}
+    changes = {}
+
+    for field, value in update_data.model_dump(exclude_unset=True).items():
+        if value is None:
+            continue
+
+        if isinstance(value, (KeyType, KeyStatus)):
+            update_values[field] = value.value
+        else:
+            update_values[field] = value
+
+    for field, new_value in update_values.items():
+        if not hasattr(key, field):
+            continue
+
+        current_value = getattr(key, field)
+
+        if isinstance(current_value, Enum):
+            current_value = current_value.value
+
+        if current_value != new_value:
+            changes[field] = new_value
+
+    return changes if changes else None

api/api/services/user_role_validation.py

@@ -0,0 +1,13 @@
+from fastapi import (
+    HTTPException,
+    status,
+)
+from api.db.logic.account import get_user_by_login
+from api.db.tables.account import AccountRole
+
+
+async def db_user_role_validation(connection, current_user):
+    authorize_user = await get_user_by_login(connection, current_user)
+    if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="You do not have enough permissions")
+    return authorize_user

api/api/utils/hasher.py

@@ -0,0 +1,16 @@
+import hashlib
+
+# Хешер для работы с паролем.
+
+
+class Hasher:
+    def __init__(self):
+        pass
+
+    def hash_data(self, password: str) -> str:
+        # Хеширует пароль с использованием SHA-256.
+        return hashlib.sha256(password.encode()).hexdigest()
+
+    def verify_data(self, password: str, hashed: str) -> bool:
+        # Проверяет пароль путем сравнения его хеша с сохраненным хешем.
+        return self.hash_data(password) == hashed

api/api/utils/init.py

@@ -5,6 +5,7 @@ import secrets
 
 from api.db.connection.session import get_connection
 from api.db.tables.account import account_table, account_keyring_table, AccountRole, KeyType, KeyStatus
+from api.utils.key_id_gen import KeyIdGenerator
 
 INIT_LOCK_FILE = "../init.lock"
 DEFAULT_LOGIN = "vorkout"
@@ -39,6 +40,7 @@ async def init():
         create_key_query = account_keyring_table.insert().values(
             owner_id=user_id,
             key_type=KeyType.PASSWORD,
+            key_id=KeyIdGenerator(),
             key_value=hashed_password,
             status=KeyStatus.ACTIVE,
         )

api/api/utils/key_id_gen.py

@@ -0,0 +1,10 @@
+import random
+from datetime import datetime
+
+# Генератор key_id для таблицы account_keyring
+
+
+def KeyIdGenerator():
+    random_number = random.randint(1000, 9999)
+    result = f"{datetime.now().strftime('%Y-%m-%d')}-{random_number}"
+    return result

api/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "api"
-version = "0.0.2"
+version = "0.0.3"
 description = ""
 authors = [
     {name = "Vladislav",email = "vlad.dev@heado.ru"}
@@ -11,14 +11,24 @@ dependencies = [
     "sqlalchemy[pymysql,aiomysql] (>=2.0.39,<3.0.0)",
     "alembic (>=1.15.1,<2.0.0)",
     "aio-pika (>=9.5.5,<10.0.0)",
-    "fastapi[standart] (>=0.115.11,<0.116.0)",
+    "fastapi[standard] (>=0.115.11,<0.116.0)",
     "uvicorn (>=0.34.0,<0.35.0)",
     "loguru (>=0.7.3,<0.8.0)",
     "pydantic-settings (>=2.8.1,<3.0.0)",
     "cryptography (>=44.0.2,<45.0.0)",
+    "pydantic[email] (>=2.11.3,<3.0.0)",
+    "python-multipart (>=0.0.20,<0.0.21)",
+    "fastapi-jwt-auth @ git+https://github.com/vvpreo/fastapi-jwt-auth",
 ]
 
 
 [build-system]
 requires = ["poetry-core>=2.0.0,<3.0.0"]
 build-backend = "poetry.core.masonry.api"
+
+[tool.poetry.group.dev.dependencies]
+ruff = "^0.11.10"
+
+[tool.ruff]
+line-length = 120
+extend-exclude = ["alembic"]

client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "client",
-  "version": "0.0.1",
+  "version": "0.0.2",
   "private": true,
   "dependencies": {
     "@ant-design/icons": "^5.6.1",