async def get_current_user(token: str = Depends(oauth2_scheme),
db: Session = Depends(get_db)):
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials",
headers={"WWW-Authenticate": "Bearer"},
)
try:
payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
sub: str = payload.get("sub")
jti: str = payload.get("jti")
if sub is None or jti is None:
raise credentials_exception
except JWTError as e:
raise credentials_exception
user = crud.get_user(db, int(sub))
if user is None:
raise credentials_exception
# get sessions and see if token is still valid
session = (db.query(models.Session).filter(
models.Session.session_id == int(jti),
models.Session.valid_until > datetime.now(),
).first())
if session is None:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Token expired",
headers={"WWW-Authenticate": "Bearer"},
)
auth_user = AuthUser.from_orm(user)
auth_user.session_id = jti
return auth_user
def withdraw(transaction: schemas.Transaction, db: Session = Depends(get_db)):
user = crud.get_user(db, transaction.user_id)
if not user:
raise HTTPException(status_code=404, detail="User not found")
if user.fund < transaction.amount:
raise HTTPException(status_code=400, detail="Insufficient funds")
return crud.user_withdraw(db=db, user=user, amount=transaction.amount)
def login_user(user: schemas.UserLogIn) -> JSONResponse:
""" Login user and Return Access Token"""
db_user = get_active_user(email=user.email)
if db_user is None:
return JSONResponse(status_code=400,
content={"message": "Invalid Credentials"})
else:
is_password_correct = crud_login.check_username_password(
email=user.email,
password=user.password)
if is_password_correct is False:
return JSONResponse(status_code=400,
content={"message": "Invalid Credentials"})
else:
uid = str(uuid.uuid4().hex)
crud_login.login_user(user=user, session_id=uid)
access_token_expires = timedelta(
minutes=ProjectSettings.ACCESS_TOKEN_EXPIRE_MINUTES)
token = access_token.create_access_token(
data={"sub": user.email},
expires_delta=access_token_expires)
return JSONResponse(status_code=200,
content={"access_token": token,
"token_type": "Bearer",
"session_id": uid,
"user": jsonable_encoder(
get_user(email=user.email))})
def read_user(user_id: int,
db: Session = Depends(get_db),
token: str = Depends(oauth2_scheme)):
db_user = crud.get_user(db, user_id=user_id)
if db_user is None:
raise HTTPException(status_code=404, detail="User not found")
return db_user
def delete_favorites(user_id: int,
db: Session = Depends(get_db),
fmid: int = Body(..., embed=True)):
db_favorite = crud.delete_user_favorite(db,
user_id=user_id,
market_id=fmid)
db_user = crud.get_user(db, user_id=user_id)
return db_user
def update_user(user_id: int,
user_in: schemas.UserUpdate,
db: Session = Depends(get_db)):
db_user = crud.get_user(db, user_id=user_id)
if not db_user:
raise HTTPException(status_code=404,
detail="This user doesn't exist in the system")
user = crud.update_user(db, db_obj=db_user, obj_in=user_in)
return user
def get_current_user(data: str = Depends(oauth2_scheme),
db: Session = Depends(get_db)):
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials",
headers={"WWW-Authenticate": "Bearer"})
token_data = verify_token(data, credentials_exception)
db_user = crud.get_user(db, user_id=token_data.id)
return db_user
def read_user(user_id: int, db: Session = Depends(deps.get_db)):
"""
Read the data for a specific user.
Requires superuser permissions.
"""
db_user = crud.get_user(db, user_id=user_id)
if db_user is None:
raise HTTPException(status_code=404, detail="User not found")
return db_user
def update_users(id: int, user: schemas.UserUpdate):
"""
Supporte la mise a jour partiel. C'est a dire que vous n'etes pas obligé de renseigner tout les champs.
Mettez a jour juste les données a modifier et ignorer les autres va parfaitement marcher
"""
stored_data = jsonable_encoder(crud.get_user(id))
if stored_data is None:
raise HTTPException(status_code=404, detail="User not found")
sotred_model = schemas.UserUpdate(**stored_data["__data__"])
updated_data = user.dict(exclude_unset=True,
exclude_none=True,
exclude_defaults=True)
updated_user = sotred_model.copy(update=updated_data)
return crud.update_user(id, updated_user)
def create_users():
"""
create test users:
- username: admin, password: admin, isadmin: "true"
- username: user2, password: user2pass, isadmin: "false"
"""
if not crud.get_user(db=database.SessionLocal(),
username="******") and not crud.get_admins(
db=database.SessionLocal()):
user = schemas.UserCreate(**{
"username": "******",
"password": "******",
"isadmin": "true"
})
crud.create_user(db=database.SessionLocal(), user=user)
if not crud.get_user(db=database.SessionLocal(), username="******"):
user = schemas.UserCreate(**{
"username": "******",
"password": "******",
"isadmin": "false"
})
crud.create_user(db=database.SessionLocal(), user=user)
def buy_stock(invest: schemas.Invest, db: Session = Depends(get_db)):
user = crud.get_user(db, invest.user_id)
if not user:
raise HTTPException(status_code=404, detail="User not found")
stock = crud.get_stock(db, invest.stock_id)
if not stock:
raise HTTPException(status_code=404, detail="Stock not found")
# if stock price is out of boundaries user should try again with new boundaries
if stock.price > invest.upper_bound or stock.price < invest.lower_bound:
raise HTTPException(status_code=400,
detail="Stock price is out of boundaries")
if stock.availability < invest.total:
raise HTTPException(status_code=400,
detail="Requested stocks are not available")
if user.fund < invest.total * stock.price:
raise HTTPException(status_code=400, detail="Insufficient funds")
return crud.user_buy(db=db, user=user, stock=stock, total=invest.total)
def get_current_user(
db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)
) -> models.User:
try:
payload = jwt.decode(
token, settings.SECRET_KEY, algorithms=[ALGORITHM]
)
token_data = schemas.TokenPayload(**payload)
except (jwt.JWTError, ValidationError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials"
)
user = crud.get_user(db, user_id=token_data.sub)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def favorite_a_market(user_id: int,
fmid: int = Body(..., embed=True),
db: Session = Depends(get_db)):
db_market = crud.get_market_by_fmid(db, fmid=fmid)
if db_market is None:
market_in = schemas.MarketCreate(market_id=fmid)
db_market = crud.create_market(db, market=market_in)
elif db_market:
db_fav = crud.get_favorite(db, user_id=user_id, market_id=fmid)
if db_fav:
raise HTTPException(status_code=400,
detail="That market is already favorited!")
favorite_in = schemas.FavoriteCreate(user_id=user_id,
market_id=db_market.id)
favorite = crud.favorite_market(db, favorite=favorite_in)
user = crud.get_user(db, user_id=user_id)
return user
def add_user_to_group(
user_id: int,
group_id: int,
admin: bool = False,
db: Session = Depends(get_db)) -> models.UserGroupLink:
db_group = crud.get_group(db, group_id=group_id)
if db_group is None:
raise HTTPException(status_code=404, detail="group not found")
db_user = crud.get_user(db, user_id=user_id)
if db_user is None:
raise HTTPException(status_code=404, detail="user not found")
userInGroup = (db.query(models.UserGroupLink).filter(
models.UserGroupLink.user_id == user_id
and models.UserGroupLink.group_id == group_id).first())
if not userInGroup:
return crud.add_user_to_group(db, db_user, db_group, admin)
raise HTTPException(status_code=400, detail="User is already in group")
def get_current_user(
db: Session = Depends(get_db), token: str = Depends(reusable_oauth2)
):
try:
payload = jwt.decode(
token, settings.secret_key, algorithms=[security.ALGORITHM]
)
token_data = schemas.auth.TokenPayload(**payload)
token_user_id = int(token_data.sub.replace("user:"******""))
except (jwt.JWTError, ValidationError, ValueError):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Could not validate credentials",
)
user = crud.get_user(db, user_id=token_user_id)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def sell_stock(invest: schemas.Invest, db: Session = Depends(get_db)):
user = crud.get_user(db, invest.user_id)
if not user:
raise HTTPException(status_code=404, detail="User not found")
stock = crud.get_stock(db, invest.stock_id)
if not stock:
raise HTTPException(status_code=404, detail="Stock not found")
# if stock price is out of boundaries user should try again with new boundaries
if stock.price > invest.upper_bound or stock.price < invest.lower_bound:
raise HTTPException(status_code=400,
detail="Stock price is out of boundaries")
try:
ownership = next(s for s in user.stocks if s.stock_id == stock.id)
if ownership.own < invest.total:
raise HTTPException(status_code=400,
detail="User don't own enough stocks")
return crud.user_sell(db=db,
user=user,
stock=stock,
ownership=ownership,
total=invest.total)
except StopIteration:
raise HTTPException(status_code=400,
detail="User don't own this stock")
def me(db: Session = Depends(get_db)):
db_user = crud.get_user(db, )
def get_user(user_id: int, db: Session = Depends(get_db)):
return crud.get_user(db, user_id=user_id)
def read_user(user_id: int, db: Session = Depends(get_db)) -> models.User:
db_user = crud.get_user(db, user_id=user_id)
if db_user is None:
raise HTTPException(status_code=404, detail="User not found")
return db_user
def deposit(transaction: schemas.Transaction, db: Session = Depends(get_db)):
user = crud.get_user(db, transaction.user_id)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return crud.user_deposit(db=db, user=user, amount=transaction.amount)
def get_user(user_id: int, db: Session = Depends(deps.get_db)):
#try to get user
db_user = crud.get_user(db, user_id)
if db_user is None:
raise HTTPException(404, detail="User not found")
return db_user
def read_user(user_id: int):
db_user = crud.get_user(user_id=user_id)
if db_user is None:
raise HTTPException(status_code=404, detail="User not found")
return db_user
def get_user(user_id: int, db: Session = Depends(get_db)):
user = crud.get_user(db, user_id)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return user
def get_favorites(user_id: int, db: Session = Depends(get_db)):
db_user = crud.get_user(db, user_id=user_id)
return db_user
