def create_initial_superuser(db_session: 'Session',
*,
su_email: tp.Optional[str] = None,
su_password: tp.Optional[str] = None) -> None:
"""Creates the initial superuser account.
Parameters
----------
db_session : Session
The database session to use.
su_email : str, optional
The email address to use for the first superuser account (if not
given then :obj:`config.SUPERUSER_EMAIL` is used).
su_password : str, optional
The password to use for the first superuser account (if not
given then :obj:`config.SUPERUSER_PASSWORD` is used).
"""
if not su_email:
su_email = config.SUPERUSER_EMAIL
uow = SQLUnitOfWork(db_session)
user = uow.user.get_by_email(su_email)
if not user:
if not su_password:
su_password = config.SUPERUSER_PASSWORD
new_super_user = UserCreate(email=su_email, password=su_password)
new_super_user.is_poweruser = True
new_super_user.is_superuser = True
with uow:
user = uow.user.create(new_super_user)
return
async def create_user(
data: UserCreate,
db: Session = Depends(get_db),
current_user: UserInDB = Depends(check_superuser_or_admin),
environment: str = Depends(get_environment_from_token)
):
new_user = data.user_data
new_user.password = get_password_hash(new_user.password)
user_validated = UserCreate(**new_user.dict())
user = User(**user_validated.dict())
db.add(user)
db.commit()
db.refresh(user)
return user
def test_create_user(user_setup):
email, password = user_setup()
user_in = UserCreate(email=email, password=password)
user = crud.user.create_user(db_session, user_in=user_in)
assert isinstance(user, User)
assert user.email == email
assert user.hashed_password == password
def init_db(db_session):
# Tables should be created with Alembic migrations
# But if you don't want to use migrations, create
# the tables un-commenting the next line
# Base.metadata.create_all(bind=engine)
user = crud.user.get_by_email(db_session, email=config.FIRST_SUPERUSER)
if not user:
user_in = UserCreate(email=config.FIRST_SUPERUSER,
password=config.FIRST_SUPERUSER_PASSWORD,
is_superuser=True,
city='kyiv')
user = crud.user.create(db_session, user_in=user_in)
categories = crud.category.get_multi(db_session)
if not len(categories):
for cat in [
'cooking', 'handcrafting', 'sport', 'wellness', 'gardening',
'fixing', 'arts', 'parenting'
]:
category_in = CategoryCreate(name=cat)
crud.category.create(db_session, category_in=category_in)
resource_types = crud.resource_type.get_multi(db_session)
if not len(resource_types):
for res_type in [
'skills', 'materials', 'location', 'services', 'other'
]:
resource_type_in = ResourceTypeCreate(name=res_type)
crud.resource_type.create(db_session,
resource_type_in=resource_type_in)
async def create_license(data: UserCreate, db: DBClient = client):
"""Required fields: `fullname`, `username`, `email`, `password`."""
logging.info(">>> " + __name__ + ":" + create_license.__name__)
data = data.dict()
data['type'] = config.USERTYPE_LICENSE
data = UserCreate(**data)
msg = await crud.check_free_email_username(db, data.username, data.email)
if msg:
return utils.error_400_response(msg)
user = await crud.create(db, data)
if user:
return utils.create_aliased_response(UserResponse(response=user))
return utils.create_500_response("User creation failed")
def test_check_if_user_is_superuser():
email = random_lower_string()
password = random_lower_string()
user_in = UserCreate(email=email, password=password, is_superuser=True)
user = crud.user.create(db_session, user_in=user_in)
is_superuser = crud.user.is_superuser(user)
assert is_superuser is True
def test_check_if_user_is_active():
email = random_lower_string()
password = random_lower_string()
user_in = UserCreate(email=email, password=password)
user = crud.user.create(db_session, user_in=user_in)
is_active = crud.user.is_active(user)
assert is_active is True
def test_check_if_user_is_superuser_normal_user():
username = random_lower_string()
password = random_lower_string()
user_in = UserCreate(email=username, password=password)
user = crud.user.create(db_session, user_in=user_in)
is_superuser = crud.user.is_superuser(user)
assert is_superuser is False
async def test_user3(db: Database) -> UserInDB:
new_user = UserCreate(
email="*****@*****.**",
username="******",
password="******",
)
return await user_fixture_helper(db=db, new_user=new_user)
def create_random_user():
email = random_lower_string()
password = random_lower_string()
user_in = UserCreate(username=email, email=email, password=password)
bucket = get_default_bucket()
user = crud.user.upsert(bucket, user_in=user_in, persist_to=1)
return user
async def register_new_user(self, *, new_user: UserCreate) -> UserInDB:
# make sure email isn't already taken
if await self.get_user_by_email(email=new_user.email):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=
"That email is already taken. Login with that email or register with another one."
)
# make sure username isn't already taken
if await self.get_user_by_username(username=new_user.username):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="That username is already taken. Please try another one."
)
user_password_update = self.auth_service.create_salt_and_hashed_password(
plaintext_password=new_user.password)
new_user_params = new_user.copy(update=user_password_update.dict())
created_user = await self.db.fetch_one(query=REGISTER_NEW_USER_QUERY,
values=new_user_params.dict())
# create profile for new user
await self.profiles_repo.create_profile_for_user(
profile_create=ProfileCreate(user_id=created_user["id"]))
return await self.populate_user(user=UserInDB(**created_user))
async def register_new_user(self, *, new_user: UserCreate) -> UserInDB:
# make sure email isn't already taken
if await self.get_user_by_email(email=new_user.email):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST,
detail=
"That email is already taken. Login with that email or register with another one.",
)
# make sure username isn't already taken
if await self.get_user_by_username(username=new_user.username):
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST,
detail="That username is already taken. Please try another one."
)
user_password_update = self.auth_service.create_salt_and_hashed_password(
plaintext_password=new_user.password)
new_user_params = new_user.copy(update=user_password_update.dict())
created_user = await self.db.fetch_one(query=REGISTER_NEW_USER_QUERY,
values=new_user_params.dict())
# This is a useful pattern that we'll take advantage of regularly. By adding the
# ProfilesRepository as a sub-repo of the UsersRepository, we can insert any
# profile-related logic directly into our user-related logic.
# Create profile for new user (UserPublic.profile model)
await self.profiles_repo.create_profile_for_user(
profile_create=ProfileCreate(user_id=created_user["id"]))
return await self.populate_user(user=UserInDB(**created_user))
def create_user_open(
*,
username: str = Body(...),
password: str = Body(...),
email: EmailStr = Body(None),
full_name: str = Body(None),
):
"""
Create new user without the need to be logged in.
"""
if not config.USERS_OPEN_REGISTRATION:
raise HTTPException(
status_code=403,
detail="Open user resgistration is forbidden on this server",
)
bucket = get_default_bucket()
user = crud.user.get(bucket, username=username)
if user:
raise HTTPException(
status_code=400,
detail="The user with this username already exists in the system",
)
user_in = UserCreate(username=username,
password=password,
email=email,
full_name=full_name)
user = crud.user.upsert(bucket, user_in=user_in, persist_to=1)
if config.EMAILS_ENABLED and user_in.email:
send_new_account_email(email_to=user_in.email,
username=user_in.username,
password=user_in.password)
return user
def test_create_user(client, user_setup, superuser_token_headers):
server_api = get_server_api()
email, password = user_setup()
user_in = UserCreate(email=email, password=password, full_name="Foo Bar")
request = {
"email": user_in.email,
"is_active": True,
"is_superuser": False,
"full_name": user_in.full_name,
"password": "******",
}
response = client.post(
f"{server_api}{API_V1_STR}/users/",
json=request,
headers=superuser_token_headers,
)
response_content = response.json()
assert response.status_code == HTTP_201_CREATED
assert response_content.get("email") == user_in.email
assert response_content.get("password") is None
def test_create_user():
email = random_lower_string()
password = random_lower_string()
user_in = UserCreate(email=email, password=password)
user = crud.user.create(db_session, user_in=user_in)
assert user.email == email
assert hasattr(user, "hashed_password")
def create(self, user_create: UserCreate) -> User:
data = user_create.dict(exclude={'id'})
doc_ref = self.collection_ref.document(user_create.id)
doc_ref.set(data)
doc = doc_ref.get()
if doc.exists:
user = User(id=doc.id, **doc.to_dict())
return user
def create(db_session: Session, *, user_in: UserCreate) -> User:
user = User(
**user_in.dict()
)
db_session.add(user)
db_session.commit()
db_session.refresh(user)
return user
def test_get_user():
password = random_lower_string()
username = random_lower_string()
user_in = UserCreate(email=username, password=password, is_superuser=True)
user = crud.user.create(db_session, user_in=user_in)
user_2 = crud.user.get(db_session, user_id=user.id)
assert user.email == user_2.email
assert jsonable_encoder(user) == jsonable_encoder(user_2)
def register_user(self, user_data: UserIn) -> User:
# create user with firebase auth
user = auth.create_user(
email=user_data.email,
password=user_data.password,
display_name=user_data.name
)
# add user with uid to firestore
return self.user_dao.create(UserCreate(id=user.uid, **user_data.dict()))
def upsert_in_db(bucket: Bucket, *, user_in: UserCreate, persist_to=0):
user_doc_id = get_doc_id(user_in.username)
passwordhash = get_password_hash(user_in.password)
user = UserInDB(**user_in.dict(), hashed_password=passwordhash)
doc_data = jsonable_encoder(user)
with bucket.durability(persist_to=persist_to,
timeout=config.COUCHBASE_DURABILITY_TIMEOUT_SECS):
bucket.upsert(user_doc_id, doc_data)
return user
async def create_user(self, *, new_user: UserCreate) -> UserInDB:
query_values = new_user.dict()
query_values["id"] = uuid4()
query_values["created_at"] = datetime.utcnow()
query_values["hashed_password"] = query_values["password"]
del query_values["password"]
query = users_table.insert().values(**query_values)
id = await self.db.execute(query)
return UserInDB(**query_values)
def init_db(db_session: Session) -> None:
user = get_user_by_email(db_session, user_email=FIRST_SUPERUSER_EMAIL)
if not user:
user_in = UserCreate(
email=FIRST_SUPERUSER_EMAIL,
password=FIRST_SUPERUSER_PASSWORD,
is_superuser=True,
)
create_user(db_session, user_in=user_in)
def test_check_if_user_is_active_inactive():
email = random_lower_string()
password = random_lower_string()
user_in = UserCreate(email=email, password=password, disabled=True)
print(user_in)
user = crud.user.create(db_session, user_in=user_in)
print(user)
is_active = crud.user.is_active(user)
print(is_active)
assert is_active
def test_authenticate_user():
email = random_lower_string()
password = random_lower_string()
user_in = UserCreate(email=email, password=password)
user = crud.user.create(db_session, user_in=user_in)
authenticated_user = crud.user.authenticate(db_session,
email=email,
password=password)
assert authenticated_user
assert user.email == authenticated_user.email
async def test_user(db: Database) -> UserInDB:
new_user = UserCreate(
email="*****@*****.**",
username="******",
password="******",
)
user_repo = UsersRepository(db)
existing_user = await user_repo.get_user_by_email(email=new_user.email)
if existing_user:
return existing_user
return await user_repo.register_new_user(new_user=new_user)
def add_admin(data: UserCreate = Body(...),
api_key: str = Body(...),
db: Session = Depends(get_db)):
if api_key != secret_key:
raise HTTPException(HTTP_400_BAD_REQUEST, 'apikey错误')
db_user = get_user_by_name(db, name=data.name)
if db_user:
raise HTTPException(status_code=HTTP_400_BAD_REQUEST,
detail="Name already registered")
data.is_admin = True
return create_user(db=db, user_item=data)
def test_retrieve_users(superuser_token_headers):
server_api = get_server_api()
username = random_lower_string()
password = random_lower_string()
user_in = UserCreate(email=username, password=password)
user = crud.user.create(db_session, user_in=user_in)
username2 = random_lower_string()
password2 = random_lower_string()
user_in2 = UserCreate(email=username2, password=password2)
user2 = crud.user.create(db_session, user_in=user_in2)
r = requests.get(
f"{server_api}{config.API_V1_STR}/users/", headers=superuser_token_headers
)
all_users = r.json()
assert len(all_users) > 1
for user in all_users:
assert "email" in user
async def test_user2(db: Database) -> UserInDB:
new_user = UserCreate(
email="*****@*****.**",
username="******",
password="******",
)
user_repo = UsersRepository(db)
existing_user = await user_repo.get_user_by_email(email=new_user.email)
if existing_user:
return existing_user
return await user_repo.register_new_user(new_user=new_user)
async def test_user2(db: Database) -> UserInDB:
new_user = UserCreate(
email="*****@*****.**",
username="******",
password="******",
)
user_repo = UsersRepository(db)
existing_user = await user_repo.get_user_by_email(email=new_user.email)
if existing_user:
return existing_user
return await user_repo.register_new_user(new_user=new_user)
def test_create_user_by_normal_user():
server_api = get_server_api()
username = random_lower_string()
password = random_lower_string()
user_in = UserCreate(email=username, password=password)
user = crud.user.create(db_session, user_in=user_in)
user_token_headers = user_authentication_headers(server_api, username, password)
data = {"email": username, "password": password}
r = requests.post(
f"{server_api}{config.API_V1_STR}/users/", headers=user_token_headers, json=data
)
assert r.status_code == 400
