def route_users_post(
*, user_in: UserInCreate, current_user: UserInDB = Depends(get_current_user)
):
"""
Create new user
"""
if not check_if_user_is_active(current_user):
raise HTTPException(status_code=400, detail="Inactive user")
elif not check_if_user_is_superuser(current_user):
raise HTTPException(
status_code=400, detail="The user doesn't have enough privileges"
)
bucket = get_default_bucket()
user = get_user(bucket, user_in.username)
if user:
raise HTTPException(
status_code=400,
detail="The user with this username already exists in the system.",
)
user = upsert_user(bucket, user_in, persist_to=1)
if config.EMAILS_ENABLED and user_in.email:
send_new_account_email(
email_to=user_in.email, username=user_in.username, password=user_in.password
)
return user
def route_users_post(
*,
username,
password,
admin_channels=[],
admin_roles=[],
disabled=False,
email=None,
full_name=None,
):
current_user = get_current_user()
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not check_if_user_is_active(current_user):
abort(400, "Inactive user")
elif not check_if_user_is_superuser(current_user):
abort(400, "The user doesn't have enough privileges")
bucket = get_default_bucket()
user = get_user(bucket, username)
if user:
return abort(400, f"The user with this username already exists in the system.")
user_in = UserInCreate(
username=username,
password=password,
admin_channels=admin_channels,
admin_roles=admin_roles,
disabled=disabled,
email=email,
full_name=full_name,
)
user = upsert_user(bucket, user_in)
if config.EMAILS_ENABLED:
send_new_account_email(email_to=email, username=username, password=password)
return user
def route_users_put(
*,
username: str,
user_in: UserInUpdate,
current_user: UserInDB = Depends(get_current_user),
):
"""
Update a user
"""
if not check_if_user_is_active(current_user):
raise HTTPException(status_code=400, detail="Inactive user")
elif not check_if_user_is_superuser(current_user):
raise HTTPException(
status_code=400, detail="The user doesn't have enough privileges"
)
bucket = get_default_bucket()
user = get_user(bucket, username)
if not user:
raise HTTPException(
status_code=404,
detail="The user with this username does not exist in the system",
)
user = update_user(bucket, user_in)
return user
def route_users_post(
*,
name,
password,
admin_channels=[],
admin_roles=[],
disabled=False,
email=None,
human_name=None,
):
current_user = get_current_user()
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not check_if_user_is_active(current_user):
abort(400, "Inactive user")
elif not check_if_user_is_admin_or_superuser(current_user):
abort(400, "The user doesn't have enough privileges")
user = get_user(bucket, name)
if user:
return abort(
400, f"The user with this username already exists in the system.")
user_in = UserInCreate(
name=name,
password=password,
admin_channels=admin_channels,
admin_roles=admin_roles,
disabled=disabled,
email=email,
human_name=human_name,
)
user = upsert_user(bucket, user_in)
return user
def route_users_post_open(
*,
username: str = Body(...),
password: str = Body(...),
email: EmailStr = Body(None),
full_name: str = Body(None),
):
"""
Create new user without the need to be logged in
"""
if not config.USERS_OPEN_REGISTRATION:
raise HTTPException(
status_code=403,
detail="Open user resgistration is forbidden on this server",
)
bucket = get_default_bucket()
user = get_user(bucket, username)
if user:
raise HTTPException(
status_code=400,
detail="The user with this username already exists in the system",
)
user_in = UserInCreate(
username=username, password=password, email=email, full_name=full_name
)
user = upsert_user(bucket, user_in, persist_to=1)
return user
def read_user_me(db: Session = Depends(get_db),
user: User = Depends(get_current_user_authorizer())):
db_user = get_user(db, user_id=user.id)
if db_user is None:
raise HTTPException(status_code=HTTP_400_BAD_REQUEST,
detail="User not found")
return db_user
def route_users_put(
*,
username,
password=None,
admin_channels=None,
admin_roles=None,
disabled=None,
email=None,
full_name=None,
):
current_user = get_current_user()
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not check_if_user_is_active(current_user):
abort(400, "Inactive user")
elif not check_if_user_is_superuser(current_user):
abort(400, "The user doesn't have enough privileges")
bucket = get_default_bucket()
user = get_user(bucket, username)
if not user:
return abort(404, f"The user with this username does not exist in the system.")
user_in = UserInUpdate(
username=username,
password=password,
admin_channels=admin_channels,
admin_roles=admin_roles,
disabled=disabled,
email=email,
full_name=full_name,
)
user = update_user(bucket, user_in)
return user
def reset_password(new_pass: str = Body(..., embed=True),
db: Session = Depends(get_db),
user: User = Depends(get_current_user_authorizer())):
db_user = get_user(db, user_id=user.id)
if db_user is None:
raise HTTPException(status_code=HTTP_400_BAD_REQUEST,
detail="User not found")
update_user(db=db, user_id=user.id, password=new_pass)
return db_user
def create_user(
user: UserCreate,
db: Session = Depends(deps.get_db)
) -> Any:
db_user = crud.get_user(db, user.name)
if db_user:
raise HTTPException(status_code=400, detail="Name already registered")
created_user = crud.create_user(db, user)
access_token = create_access_token(created_user.name)
return {"access_token": access_token, "token_type": "bearer"}
def test_get_user():
password = random_lower_string()
username = random_lower_string()
user_in = UserInCreate(name=username,
email=username,
password=password,
admin_roles=[RoleEnum.superuser])
user = upsert_user(bucket, user_in)
user_2 = get_user(bucket, username)
assert user.Meta.key == user_2.Meta.key
assert user.json_dict() == user_2.json_dict()
def route_recover_password(name):
bucket = get_default_bucket()
user = get_user(bucket, name)
if not user:
return abort(
404, f"The user with this username does not exist in the system.")
password_reset_token = generate_password_reset_token(name)
send_reset_password_email(email_to=user.email,
username=name,
token=password_reset_token)
return {"msg": "Password recovery email sent"}
def route_users_id_get(name):
current_user = get_current_user() # type: User
if not current_user:
abort(400, "Could not authenticate user with provided token")
elif not check_if_user_is_active(current_user):
abort(400, "Inactive user")
user = get_user(bucket, name)
if user == current_user:
return user
if not check_if_user_is_admin_or_superuser(current_user):
abort(400, "The user doesn't have enough privileges")
return user
async def _get_current_user(db: Session = Depends(get_db),
token: str = Depends(oauth2_scheme)) -> User:
try:
payload = jwt.decode(token, str(secret_key), algorithms=[algorithm])
# TokenPayload可校验解密后内容
token_data = TokenPayload(**payload)
except PyJWTError:
raise HTTPException(status_code=HTTP_403_FORBIDDEN, detail="无效的授权")
dbuser = get_user(db, user_id=token_data.id)
if not dbuser:
raise HTTPException(status_code=HTTP_404_NOT_FOUND, detail="用户不存在")
return dbuser
def route_users_post_open(*, username, password, email=None, full_name=None):
if not config.USERS_OPEN_REGISTRATION:
abort(403, "Open user resgistration is forbidden on this server")
bucket = get_default_bucket()
user = get_user(bucket, username)
if user:
return abort(400, f"The user with this username already exists in the system")
user_in = UserInCreate(
username=username, password=password, email=email, full_name=full_name
)
user = upsert_user(bucket, user_in)
return user
def save_face(
file: UploadFile = File(...),
user: User = Depends(deps.get_current_user),
db: Session = Depends(deps.get_db)
) -> Any:
img_encodings = encode_face(file.file)
if not img_encodings:
return {'success': False}
user_db = crud.get_user(db, user.name)
user_db.encodings = img_encodings
db.commit()
return {'success': True}
def get_current_user(token: str = Security(reusable_oauth2)):
try:
payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
token_data = TokenPayload(**payload)
except PyJWTError:
raise HTTPException(
status_code=HTTP_403_FORBIDDEN, detail="Could not validate credentials"
)
bucket = get_default_bucket()
user = get_user(bucket, username=token_data.username)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def test_get_user():
password = random_lower_string()
username = random_lower_string()
user_in = UserInCreate(
username=username,
email=username,
password=password,
admin_roles=[RoleEnum.superuser],
)
bucket = get_default_bucket()
user = upsert_user(bucket, user_in, persist_to=1)
user_2 = get_user(bucket, username)
assert user.username == user_2.username
assert jsonable_encoder(user) == jsonable_encoder(user_2)
def test_get_existing_user(superuser_token_headers):
server_api = get_server_api()
username = random_lower_string()
password = random_lower_string()
user_in = UserInCreate(name=username, email=username, password=password)
user = upsert_user(bucket, user_in)
r = requests.get(
f"{server_api}{config.API_V1_STR}/users/{username}",
headers=superuser_token_headers,
)
assert 200 <= r.status_code < 300
api_user = r.json()
user = get_user(bucket, username)
assert user.name == api_user["name"]
def test_create_user_new_email(superuser_token_headers):
server_api = get_server_api()
username = random_lower_string()
password = random_lower_string()
data = {"name": username, "password": password}
r = requests.post(
f"{server_api}{config.API_V1_STR}/users/",
headers=superuser_token_headers,
json=data,
)
assert 200 <= r.status_code < 300
created_user = r.json()
user = get_user(bucket, username)
assert user.name == created_user["name"]
def route_reset_password(token, new_password):
name = verify_password_reset_token(token)
if not name:
abort(400, "Invalid token")
bucket = get_default_bucket()
user = get_user(bucket, name)
if not user:
return abort(
404, f"The user with this username does not exist in the system.")
elif not check_if_user_is_active(user):
abort(400, "Inactive user")
user_in = UserInUpdate(name=name, password=new_password)
user = update_user(bucket, user_in)
return {"msg": "Password updated successfully"}
def get_current_user(
token: str = Security(reusable_oauth2),
conn: AsyncIOMotorClient = Depends(get_database),
):
try:
payload = jwt.decode(token, config.SECRET_KEY, algorithms=[ALGORITHM])
token_data = TokenPayload(**payload)
except PyJWTError:
raise HTTPException(status_code=HTTP_403_FORBIDDEN,
detail="Could not validate credentials")
# user = get_user(conn, username=token_data.username)
user = get_user(conn, username=token_data.username)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_current_user(token: str = Depends(oauth2_scheme),
db: Session = Depends(get_db)) -> user_model.User:
try:
payload = jwt.decode(token,
settings.SECRET_KEY,
algorithms=[security.ALGORITHM])
name: str = payload.get("sub")
except JWTError:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = user_crud.get_user(db, name)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def route_recover_password(username: str):
"""
Password Recovery
"""
bucket = get_default_bucket()
user = get_user(bucket, username)
if not user:
raise HTTPException(
status_code=404,
detail="The user with this username does not exist in the system.",
)
password_reset_token = generate_password_reset_token(username)
send_reset_password_email(email_to=user.email,
username=username,
token=password_reset_token)
return {"msg": "Password recovery email sent"}
def route_users_id_get(
username: str, current_user: UserInDB = Depends(get_current_user)
):
"""
Get a specific user by username (email)
"""
if not check_if_user_is_active(current_user):
raise HTTPException(status_code=400, detail="Inactive user")
bucket = get_default_bucket()
user = get_user(bucket, username)
if user == current_user:
return user
if not check_if_user_is_superuser(current_user):
raise HTTPException(
status_code=400, detail="The user doesn't have enough privileges"
)
return user
def route_reset_password(token: str, new_password: str):
"""
Reset password
"""
username = verify_password_reset_token(token)
if not username:
raise HTTPException(status_code=400, detail="Invalid token")
bucket = get_default_bucket()
user = get_user(bucket, username)
if not user:
raise HTTPException(
status_code=404,
detail="The user with this username does not exist in the system.",
)
elif not check_if_user_is_active(user):
raise HTTPException(status_code=400, detail="Inactive user")
user_in = UserInUpdate(name=username, password=new_password)
user = update_user(bucket, user_in)
return {"msg": "Password updated successfully"}
fastapi.Response
"""
user_email = cred.email
user_pass = cred.master_pwd
password = get_hash(user_pass)
# check if user with this email exists
if (res := crud_user.get_user_by_email(db, cred.email)) is None:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="email not found"
)
# authentication check
if (user := crud_user.get_user(db, email=user_email, password=password)) is None:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="invalid email/password"
)
# generate payload and access token
time_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
payload = { "user_info": user.dict(exclude_unset=True) }
access_token = create_access_token(data=payload, expires_delta=time_expires)
# set cookie
response.set_cookie(
key="access_token",
value=access_token,
def get_current_user(identity):
bucket = get_default_bucket()
return get_user(bucket, username=identity)
def get_current_user(identity):
return get_user(bucket, name=identity)
def post_tweet(body: PostTweetInput, auth: CookieAuth = Depends(cookie_auth), db: Session = Depends(get_db)):
session_user = user.get_user(db, auth)
tweet.create_tweet(db, TweetCreate(message=body.message, author_id=session_user.id))
return 'created'
