simple-ocpp-cs/backend/app/routers/me_v1.py

from uuid import UUID
from fastapi import APIRouter, HTTPException
from fastapi.params import Depends
from sqlalchemy.orm import Session as DbSession

from app.database import get_db
from app.schemas.session import Session
from app.schemas.auth_token import AccessToken
from app.schemas.user import PasswordUpdate, UserUpdate, User
from app.security.jwt_bearer import JWTBearer
from app.services import session_service, user_service
from app.util.errors import InvalidStateError, NotFoundError

router = APIRouter(prefix="/me", tags=["Me (v1)"])


@router.get(path="", response_model=User)
async def get_myself(
    db: DbSession = Depends(get_db), token: AccessToken = Depends(JWTBearer())
):
    """
    Get the currently authenticated user.
    """
    user = await user_service.get_user(db=db, id=UUID(token.subject))
    if not user:
        raise HTTPException(status_code=404, detail="user_not_found")
    else:
        return user


@router.patch(path="", response_model=User)
async def update_myself(
    user_update: UserUpdate,
    db: DbSession = Depends(get_db),
    token: AccessToken = Depends(JWTBearer()),
):
    """
    Update the currently authenticated user. Changing the email address automatically marks it as not verified
    and starts a new verification workflow.
    """
    try:
        return await user_service.update_user(
            db, UUID(token.subject), user_update
        )
    except NotFoundError:
        raise HTTPException(status_code=404, detail="user_not_found")


@router.post(path="/password", response_model=list[None])
async def change_password(
    update: PasswordUpdate,
    db: DbSession = Depends(get_db),
    token: AccessToken = Depends(JWTBearer()),
):
    """
    Change the password of the currently authenticated user.
    """
    try:
        await user_service.change_user_password(
            db=db, id=UUID(token.subject), update=update
        )
        return list()
    except NotFoundError:
        raise HTTPException(status_code=404, detail="user_not_found")
    except InvalidStateError:
        raise HTTPException(status_code=409, detail="incorrect_password")


@router.get(path="/sessions", response_model=list[Session])
async def get_user_sessions(
    db: DbSession = Depends(get_db), token: AccessToken = Depends(JWTBearer())
):
    """
    List the active sessions of the currently authenticated user.
    """
    return await session_service.get_sessions_by_user(
        db=db, user_id=UUID(token.subject)
    )


@router.delete(path="/sessions", response_model=list[None])
async def clear_user_sessions(
    db: DbSession = Depends(get_db), token: AccessToken = Depends(JWTBearer())
):
    """
    Clear all sessions of the currently authenticated user.
    """
    await session_service.remove_all_sessions_for_user(
        db=db, user_id=UUID(token.subject),
    )
    return list()


@router.delete(path="/sessions/{session_id}", response_model=list[None])
async def delete_user_session(
    session_id: UUID,
    db: DbSession = Depends(get_db),
    token: AccessToken = Depends(JWTBearer()),
):
    """
    Invalidate a specific session of the currently authenticated user.
    """
    try:
        await session_service.remove_session_for_user(
            db=db,
            id=session_id,
            user_id=UUID(token.subject),
        )
    except NotFoundError:
        raise HTTPException(status_code=404, detail="session_not_found")
    return list()
Implement user authentication and permissions 2025-03-13 16:34:41 +00:00			`from uuid import UUID`
			`from fastapi import APIRouter, HTTPException`
			`from fastapi.params import Depends`
			`from sqlalchemy.orm import Session as DbSession`

			`from app.database import get_db`
			`from app.schemas.session import Session`
			`from app.schemas.auth_token import AccessToken`
			`from app.schemas.user import PasswordUpdate, UserUpdate, User`
			`from app.security.jwt_bearer import JWTBearer`
			`from app.services import session_service, user_service`
			`from app.util.errors import InvalidStateError, NotFoundError`

			`router = APIRouter(prefix="/me", tags=["Me (v1)"])`


			`@router.get(path="", response_model=User)`
			`async def get_myself(`
			`db: DbSession = Depends(get_db), token: AccessToken = Depends(JWTBearer())`
			`):`
			`"""`
			`Get the currently authenticated user.`
			`"""`
			`user = await user_service.get_user(db=db, id=UUID(token.subject))`
			`if not user:`
			`raise HTTPException(status_code=404, detail="user_not_found")`
			`else:`
			`return user`


			`@router.patch(path="", response_model=User)`
			`async def update_myself(`
			`user_update: UserUpdate,`
			`db: DbSession = Depends(get_db),`
			`token: AccessToken = Depends(JWTBearer()),`
			`):`
			`"""`
			`Update the currently authenticated user. Changing the email address automatically marks it as not verified`
			`and starts a new verification workflow.`
			`"""`
			`try:`
			`return await user_service.update_user(`
			`db, UUID(token.subject), user_update`
			`)`
			`except NotFoundError:`
			`raise HTTPException(status_code=404, detail="user_not_found")`


			`@router.post(path="/password", response_model=list[None])`
			`async def change_password(`
			`update: PasswordUpdate,`
			`db: DbSession = Depends(get_db),`
			`token: AccessToken = Depends(JWTBearer()),`
			`):`
			`"""`
			`Change the password of the currently authenticated user.`
			`"""`
			`try:`
			`await user_service.change_user_password(`
			`db=db, id=UUID(token.subject), update=update`
			`)`
			`return list()`
			`except NotFoundError:`
			`raise HTTPException(status_code=404, detail="user_not_found")`
			`except InvalidStateError:`
			`raise HTTPException(status_code=409, detail="incorrect_password")`


			`@router.get(path="/sessions", response_model=list[Session])`
			`async def get_user_sessions(`
			`db: DbSession = Depends(get_db), token: AccessToken = Depends(JWTBearer())`
			`):`
			`"""`
			`List the active sessions of the currently authenticated user.`
			`"""`
			`return await session_service.get_sessions_by_user(`
			`db=db, user_id=UUID(token.subject)`
			`)`


			`@router.delete(path="/sessions", response_model=list[None])`
			`async def clear_user_sessions(`
			`db: DbSession = Depends(get_db), token: AccessToken = Depends(JWTBearer())`
			`):`
			`"""`
			`Clear all sessions of the currently authenticated user.`
			`"""`
			`await session_service.remove_all_sessions_for_user(`
			`db=db, user_id=UUID(token.subject),`
			`)`
			`return list()`


			`@router.delete(path="/sessions/{session_id}", response_model=list[None])`
			`async def delete_user_session(`
			`session_id: UUID,`
			`db: DbSession = Depends(get_db),`
			`token: AccessToken = Depends(JWTBearer()),`
			`):`
			`"""`
			`Invalidate a specific session of the currently authenticated user.`
			`"""`
			`try:`
			`await session_service.remove_session_for_user(`
			`db=db,`
			`id=session_id,`
			`user_id=UUID(token.subject),`
			`)`
			`except NotFoundError:`
			`raise HTTPException(status_code=404, detail="session_not_found")`
			`return list()`