Implement user authentication and permissions
This commit is contained in:
parent
5e9d90ed0b
commit
ac8303378a
GPG key ID:
C0674B105057136C
26 changed files with 1182 additions and 172 deletions
|
|
@ -1,12 +1,15 @@
|
|||
from uuid import UUID
|
||||
from fastapi import APIRouter, HTTPException, Security
|
||||
from fastapi import APIRouter, HTTPException
|
||||
from fastapi.params import Depends
|
||||
from sqlalchemy.orm import Session
|
||||
from sqlalchemy.orm import Session as DbSession
|
||||
|
||||
from app.database import get_db
|
||||
from app.schemas.session import Session
|
||||
from app.schemas.auth_token import AccessToken
|
||||
from app.schemas.user import User, UserCreate, UserUpdate
|
||||
from app.models.user import User as DbUser
|
||||
from app.security import get_api_key
|
||||
from app.security.jwt_bearer import JWTBearer
|
||||
from app.services import session_service, user_service
|
||||
from app.util.errors import NotFoundError
|
||||
|
||||
router = APIRouter(
|
||||
prefix="/users",
|
||||
|
|
@ -15,63 +18,99 @@ router = APIRouter(
|
|||
|
||||
@router.get(path="", response_model=list[User])
|
||||
async def get_users(
|
||||
email: str = None,
|
||||
skip: int = 0,
|
||||
limit: int = 20,
|
||||
api_key: str = Security(get_api_key),
|
||||
db: Session = Depends(get_db)
|
||||
db: DbSession = Depends(get_db),
|
||||
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
||||
):
|
||||
return db.query(DbUser).offset(skip).limit(limit).all()
|
||||
|
||||
@router.get(path="/{user_id}", response_model=User)
|
||||
async def get_user(
|
||||
user_id: UUID,
|
||||
api_key: str = Security(get_api_key),
|
||||
db: Session = Depends(get_db)
|
||||
):
|
||||
user = db.get(DbUser, user_id)
|
||||
if user == None:
|
||||
raise HTTPException(status_code=404, detail="User not found")
|
||||
return user
|
||||
return await user_service.get_users(db, skip, limit, email)
|
||||
|
||||
@router.post(path="", status_code=201, response_model=User)
|
||||
async def create_user(
|
||||
create_user: UserCreate,
|
||||
api_key: str = Security(get_api_key),
|
||||
db: Session = Depends(get_db)
|
||||
db: DbSession = Depends(get_db),
|
||||
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
||||
):
|
||||
db_user = DbUser(
|
||||
friendly_name=create_user.friendly_name,
|
||||
is_active=create_user.is_active
|
||||
user = await user_service.create_user(
|
||||
db=db, user=create_user
|
||||
)
|
||||
db.add(db_user)
|
||||
db.commit()
|
||||
db.refresh(db_user)
|
||||
return db_user
|
||||
return user
|
||||
|
||||
@router.patch(path="/{user_id}", response_model=User)
|
||||
async def update_user(
|
||||
user_id: UUID,
|
||||
user_update: UserUpdate,
|
||||
api_key: str = Security(get_api_key),
|
||||
db: Session = Depends(get_db)
|
||||
db: DbSession = Depends(get_db),
|
||||
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
||||
):
|
||||
user = db.get(DbUser, user_id)
|
||||
if user is None:
|
||||
raise HTTPException(status_code=404, detail="User not found")
|
||||
for key, value in user_update.model_dump(exclude_unset=True).items():
|
||||
setattr(user, key, value)
|
||||
db.commit()
|
||||
return user
|
||||
try:
|
||||
return await user_service.update_user(
|
||||
db, user_id, user_update
|
||||
)
|
||||
except NotFoundError:
|
||||
raise HTTPException(status_code=404, detail="user_not_found")
|
||||
|
||||
@router.delete(path="/{user_id}", response_model=None)
|
||||
async def delete_user(
|
||||
user_id: UUID,
|
||||
api_key: str = Security(get_api_key),
|
||||
db: Session = Depends(get_db)
|
||||
db: DbSession = Depends(get_db),
|
||||
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
||||
):
|
||||
user = db.get(DbUser, user_id)
|
||||
if user == None:
|
||||
raise HTTPException(status_code=404, detail="User not found")
|
||||
db.delete(user)
|
||||
db.commit()
|
||||
return []
|
||||
try:
|
||||
await user_service.remove_user(db, user_id)
|
||||
return list()
|
||||
except NotFoundError:
|
||||
raise HTTPException(status_code=404, detail="user_not_found")
|
||||
|
||||
@router.get(
|
||||
path="/{user_id}/sessions", response_model=list[Session]
|
||||
)
|
||||
async def get_user_sessions(
|
||||
user_id: UUID,
|
||||
db: DbSession = Depends(get_db),
|
||||
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
||||
):
|
||||
"""
|
||||
Query sessions of the specified user. Requires the "administrator" role.
|
||||
"""
|
||||
return await session_service.get_sessions_by_user(db=db, user_id=user_id)
|
||||
|
||||
|
||||
@router.delete(
|
||||
path="/{user_id}/sessions", response_model=list[None]
|
||||
)
|
||||
async def remove_all_user_session(
|
||||
user_id: UUID,
|
||||
db: DbSession = Depends(get_db),
|
||||
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
||||
):
|
||||
"""
|
||||
Delete all sessions of the specified user. Requires the "administrator" role.
|
||||
"""
|
||||
await session_service.remove_all_sessions_for_user(
|
||||
db=db, user_id=user_id
|
||||
)
|
||||
return list()
|
||||
|
||||
|
||||
@router.delete(
|
||||
path="/{user_id}/sessions/{session_id}",
|
||||
response_model=list[None],
|
||||
)
|
||||
async def remove_user_session(
|
||||
user_id: UUID,
|
||||
session_id: UUID,
|
||||
db: DbSession = Depends(get_db),
|
||||
token: AccessToken = Depends(JWTBearer(required_roles=["administrator"])),
|
||||
):
|
||||
"""
|
||||
Delete the specified session of the specified user. Requires the "administrator" role.
|
||||
"""
|
||||
try:
|
||||
await session_service.remove_session_for_user(
|
||||
db=db, id=session_id, user_id=user_id
|
||||
)
|
||||
except NotFoundError:
|
||||
raise HTTPException(status_code=404, detail="session_not_found")
|
||||
return list()
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue