Initial commit
This commit is contained in:
4
api/app/user/__init__.py
Normal file
4
api/app/user/__init__.py
Normal file
@@ -0,0 +1,4 @@
|
||||
from .manager import auth_router, reset_password_router, create_admin_account
|
||||
from .routes import router as user_router
|
||||
|
||||
user_router.include_router(reset_password_router)
|
||||
80
api/app/user/manager.py
Normal file
80
api/app/user/manager.py
Normal file
@@ -0,0 +1,80 @@
|
||||
import uuid
|
||||
|
||||
from sqlmodel import select
|
||||
from fastapi import Depends
|
||||
from fastapi_users import BaseUserManager, FastAPIUsers, UUIDIDMixin, models, exceptions, schemas
|
||||
from fastapi_users.authentication import BearerTransport, AuthenticationBackend
|
||||
from fastapi_users.authentication.strategy.db import AccessTokenDatabase, DatabaseStrategy
|
||||
|
||||
from .models import User, get_user_db, AccessToken, get_access_token_db, UserRead, UserUpdate, UserCreate
|
||||
from db import get_session
|
||||
|
||||
SECRET = "SECRET"
|
||||
TOKEN_LIFETIME = 3600
|
||||
|
||||
bearer_transport = BearerTransport(tokenUrl="auth/login")
|
||||
|
||||
class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
|
||||
pass
|
||||
|
||||
|
||||
async def get_user_manager(user_db=Depends(get_user_db)) -> UserManager:
|
||||
yield UserManager(user_db)
|
||||
|
||||
def get_database_strategy(
|
||||
access_token_db: AccessTokenDatabase[AccessToken] = Depends(get_access_token_db),
|
||||
) -> DatabaseStrategy:
|
||||
return DatabaseStrategy(access_token_db, lifetime_seconds=TOKEN_LIFETIME)
|
||||
|
||||
auth_backend = AuthenticationBackend(
|
||||
name="db",
|
||||
transport=bearer_transport,
|
||||
get_strategy=get_database_strategy,
|
||||
)
|
||||
|
||||
fastapi_users = FastAPIUsers[User, uuid.UUID](
|
||||
get_user_manager,
|
||||
[auth_backend],
|
||||
)
|
||||
|
||||
|
||||
get_current_user = fastapi_users.current_user(active=True)
|
||||
get_current_superuser = fastapi_users.current_user(active=True, superuser=True)
|
||||
|
||||
|
||||
#user_router = fastapi_users.get_users_router(UserRead, UserUpdate)
|
||||
#user_router.include_router(fastapi_users.get_reset_password_router())
|
||||
|
||||
reset_password_router = fastapi_users.get_reset_password_router()
|
||||
auth_router = fastapi_users.get_auth_router(auth_backend)
|
||||
|
||||
|
||||
def create_admin_account():
|
||||
session = get_session().__next__()
|
||||
admin_email = 'root@root.fr'
|
||||
statement = select(User).where(User.email == admin_email).limit(1)
|
||||
admin_user = session.exec(statement).first()
|
||||
|
||||
if admin_user is not None:
|
||||
return
|
||||
|
||||
import secrets
|
||||
|
||||
from fastapi_users.password import PasswordHelper
|
||||
|
||||
password_length = 16
|
||||
password = secrets.token_urlsafe(password_length)
|
||||
|
||||
admin_user = User(
|
||||
id=uuid.uuid4(),
|
||||
email=admin_email,
|
||||
hashed_password=PasswordHelper().hash(password),
|
||||
is_active=True,
|
||||
is_superuser=True,
|
||||
is_verified=True
|
||||
)
|
||||
session.add(admin_user)
|
||||
session.commit()
|
||||
print(f"""Admin account created:
|
||||
login: {admin_email}
|
||||
password: {password}""")
|
||||
40
api/app/user/models.py
Normal file
40
api/app/user/models.py
Normal file
@@ -0,0 +1,40 @@
|
||||
import uuid
|
||||
|
||||
from sqlmodel import select
|
||||
from fastapi import Depends
|
||||
from fastapi_users import schemas
|
||||
from fastapi_users_db_sqlmodel import SQLModelBaseUserDB, SQLModelUserDatabase
|
||||
from fastapi_users_db_sqlmodel.access_token import SQLModelBaseAccessToken, SQLModelAccessTokenDatabase
|
||||
|
||||
from db import get_session, SessionDep
|
||||
|
||||
class User(SQLModelBaseUserDB, table=True):
|
||||
pass
|
||||
|
||||
class UserDatabase(SQLModelUserDatabase):
|
||||
def list(self):
|
||||
return select(self.user_model)
|
||||
|
||||
async def get_user_db(session: SessionDep):
|
||||
yield UserDatabase(session, User)
|
||||
|
||||
class AccessToken(SQLModelBaseAccessToken, table=True):
|
||||
pass
|
||||
|
||||
class AccessTokenDatabase(SQLModelAccessTokenDatabase):
|
||||
pass
|
||||
|
||||
async def get_access_token_db(session = Depends(get_session)):
|
||||
yield AccessTokenDatabase(session, AccessToken)
|
||||
|
||||
|
||||
class UserRead(schemas.BaseUser[uuid.UUID]):
|
||||
pass
|
||||
|
||||
|
||||
class UserCreate(schemas.BaseUserCreate):
|
||||
pass
|
||||
|
||||
|
||||
class UserUpdate(schemas.BaseUserUpdate):
|
||||
pass
|
||||
68
api/app/user/routes.py
Normal file
68
api/app/user/routes.py
Normal file
@@ -0,0 +1,68 @@
|
||||
import uuid
|
||||
|
||||
from fastapi import APIRouter, Depends, HTTPException
|
||||
|
||||
from .models import User, UserCreate, UserRead, UserUpdate
|
||||
from .manager import get_user_manager, get_current_user, get_current_superuser
|
||||
|
||||
from fastapi_pagination import Page
|
||||
from fastapi_pagination.ext.sqlmodel import paginate
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.post("", response_description="User added to the database")
|
||||
async def create(user_form: UserCreate, user_manager=Depends(get_user_manager), current_user=Depends(get_current_superuser)) -> dict:
|
||||
await user_manager.create(user_form, safe=True)
|
||||
return {"message": "User added successfully"}
|
||||
|
||||
|
||||
@router.get("", response_model=Page[UserRead], response_description="User records retrieved")
|
||||
async def read_list(current_user=Depends(get_current_superuser), user_manager=Depends(get_user_manager)) -> Page[UserRead]:
|
||||
return paginate(user_manager.user_db.session, user_manager.user_db.list())
|
||||
|
||||
|
||||
@router.get("/me", response_description="User record retrieved")
|
||||
async def read_me(current_user=Depends(get_current_user), user_manager=Depends(get_user_manager)) -> UserRead:
|
||||
user = await user_manager.get(current_user.id)
|
||||
return user
|
||||
|
||||
|
||||
@router.get("/{user_id}", response_description="User record retrieved")
|
||||
async def read_id(user_id: uuid.UUID, current_user=Depends(get_current_superuser), user_manager=Depends(get_user_manager)) -> UserRead:
|
||||
user = await user_manager.get(user_id)
|
||||
if not user:
|
||||
raise HTTPException(
|
||||
status_code=404,
|
||||
detail="User not found."
|
||||
)
|
||||
return UserRead(**user.dict())
|
||||
|
||||
|
||||
@router.put("/{user_id}", response_description="User record updated")
|
||||
async def update(user_id: uuid.UUID, user_data: UserUpdate, current_user=Depends(get_current_superuser), user_manager=Depends(get_user_manager)) -> UserRead:
|
||||
user = await user_manager.get(user_id)
|
||||
if not user:
|
||||
raise HTTPException(
|
||||
status_code=404,
|
||||
detail="User not found."
|
||||
)
|
||||
|
||||
await user_manager.update(user_data, user, safe=True)
|
||||
return user
|
||||
|
||||
|
||||
@router.delete("/{user_id}", response_description="User record deleted from the database")
|
||||
async def delete(user_id: uuid.UUID, current_user=Depends(get_current_superuser), user_manager=Depends(get_user_manager)) -> dict:
|
||||
user = await user_manager.get(user_id)
|
||||
|
||||
if not user:
|
||||
raise HTTPException(
|
||||
status_code=404,
|
||||
detail="User not found."
|
||||
)
|
||||
|
||||
await user_manager.delete(user)
|
||||
return {
|
||||
"message": "User deleted successfully."
|
||||
}
|
||||
Reference in New Issue
Block a user