def route_users_post( *, user_in: UserInCreate, current_user: UserInDB = Depends(get_current_user) ): """ Create new user """ if not check_if_user_is_active(current_user): raise HTTPException(status_code=400, detail="Inactive user") elif not check_if_user_is_superuser(current_user): raise HTTPException( status_code=400, detail="The user doesn't have enough privileges" ) bucket = get_default_bucket() user = get_user(bucket, user_in.username) if user: raise HTTPException( status_code=400, detail="The user with this username already exists in the system.", ) user = upsert_user(bucket, user_in, persist_to=1) if config.EMAILS_ENABLED and user_in.email: send_new_account_email( email_to=user_in.email, username=user_in.username, password=user_in.password ) return user
def route_users_post( *, username, password, admin_channels=[], admin_roles=[], disabled=False, email=None, full_name=None, ): current_user = get_current_user() if not current_user: abort(400, "Could not authenticate user with provided token") elif not check_if_user_is_active(current_user): abort(400, "Inactive user") elif not check_if_user_is_superuser(current_user): abort(400, "The user doesn't have enough privileges") bucket = get_default_bucket() user = get_user(bucket, username) if user: return abort(400, f"The user with this username already exists in the system.") user_in = UserInCreate( username=username, password=password, admin_channels=admin_channels, admin_roles=admin_roles, disabled=disabled, email=email, full_name=full_name, ) user = upsert_user(bucket, user_in) if config.EMAILS_ENABLED: send_new_account_email(email_to=email, username=username, password=password) return user
def route_users_put( *, username: str, user_in: UserInUpdate, current_user: UserInDB = Depends(get_current_user), ): """ Update a user """ if not check_if_user_is_active(current_user): raise HTTPException(status_code=400, detail="Inactive user") elif not check_if_user_is_superuser(current_user): raise HTTPException( status_code=400, detail="The user doesn't have enough privileges" ) bucket = get_default_bucket() user = get_user(bucket, username) if not user: raise HTTPException( status_code=404, detail="The user with this username does not exist in the system", ) user = update_user(bucket, user_in) return user
def route_users_post( *, name, password, admin_channels=[], admin_roles=[], disabled=False, email=None, human_name=None, ): current_user = get_current_user() if not current_user: abort(400, "Could not authenticate user with provided token") elif not check_if_user_is_active(current_user): abort(400, "Inactive user") elif not check_if_user_is_admin_or_superuser(current_user): abort(400, "The user doesn't have enough privileges") user = get_user(bucket, name) if user: return abort( 400, f"The user with this username already exists in the system.") user_in = UserInCreate( name=name, password=password, admin_channels=admin_channels, admin_roles=admin_roles, disabled=disabled, email=email, human_name=human_name, ) user = upsert_user(bucket, user_in) return user
def route_users_post_open( *, username: str = Body(...), password: str = Body(...), email: EmailStr = Body(None), full_name: str = Body(None), ): """ Create new user without the need to be logged in """ if not config.USERS_OPEN_REGISTRATION: raise HTTPException( status_code=403, detail="Open user resgistration is forbidden on this server", ) bucket = get_default_bucket() user = get_user(bucket, username) if user: raise HTTPException( status_code=400, detail="The user with this username already exists in the system", ) user_in = UserInCreate( username=username, password=password, email=email, full_name=full_name ) user = upsert_user(bucket, user_in, persist_to=1) return user
def read_user_me(db: Session = Depends(get_db), user: User = Depends(get_current_user_authorizer())): db_user = get_user(db, user_id=user.id) if db_user is None: raise HTTPException(status_code=HTTP_400_BAD_REQUEST, detail="User not found") return db_user
def route_users_put( *, username, password=None, admin_channels=None, admin_roles=None, disabled=None, email=None, full_name=None, ): current_user = get_current_user() if not current_user: abort(400, "Could not authenticate user with provided token") elif not check_if_user_is_active(current_user): abort(400, "Inactive user") elif not check_if_user_is_superuser(current_user): abort(400, "The user doesn't have enough privileges") bucket = get_default_bucket() user = get_user(bucket, username) if not user: return abort(404, f"The user with this username does not exist in the system.") user_in = UserInUpdate( username=username, password=password, admin_channels=admin_channels, admin_roles=admin_roles, disabled=disabled, email=email, full_name=full_name, ) user = update_user(bucket, user_in) return user
def reset_password(new_pass: str = Body(..., embed=True), db: Session = Depends(get_db), user: User = Depends(get_current_user_authorizer())): db_user = get_user(db, user_id=user.id) if db_user is None: raise HTTPException(status_code=HTTP_400_BAD_REQUEST, detail="User not found") update_user(db=db, user_id=user.id, password=new_pass) return db_user
def create_user( user: UserCreate, db: Session = Depends(deps.get_db) ) -> Any: db_user = crud.get_user(db, user.name) if db_user: raise HTTPException(status_code=400, detail="Name already registered") created_user = crud.create_user(db, user) access_token = create_access_token(created_user.name) return {"access_token": access_token, "token_type": "bearer"}
def test_get_user(): password = random_lower_string() username = random_lower_string() user_in = UserInCreate(name=username, email=username, password=password, admin_roles=[RoleEnum.superuser]) user = upsert_user(bucket, user_in) user_2 = get_user(bucket, username) assert user.Meta.key == user_2.Meta.key assert user.json_dict() == user_2.json_dict()
def route_recover_password(name): bucket = get_default_bucket() user = get_user(bucket, name) if not user: return abort( 404, f"The user with this username does not exist in the system.") password_reset_token = generate_password_reset_token(name) send_reset_password_email(email_to=user.email, username=name, token=password_reset_token) return {"msg": "Password recovery email sent"}
def route_users_id_get(name): current_user = get_current_user() # type: User if not current_user: abort(400, "Could not authenticate user with provided token") elif not check_if_user_is_active(current_user): abort(400, "Inactive user") user = get_user(bucket, name) if user == current_user: return user if not check_if_user_is_admin_or_superuser(current_user): abort(400, "The user doesn't have enough privileges") return user
async def _get_current_user(db: Session = Depends(get_db), token: str = Depends(oauth2_scheme)) -> User: try: payload = jwt.decode(token, str(secret_key), algorithms=[algorithm]) # TokenPayload可校验解密后内容 token_data = TokenPayload(**payload) except PyJWTError: raise HTTPException(status_code=HTTP_403_FORBIDDEN, detail="无效的授权") dbuser = get_user(db, user_id=token_data.id) if not dbuser: raise HTTPException(status_code=HTTP_404_NOT_FOUND, detail="用户不存在") return dbuser
def route_users_post_open(*, username, password, email=None, full_name=None): if not config.USERS_OPEN_REGISTRATION: abort(403, "Open user resgistration is forbidden on this server") bucket = get_default_bucket() user = get_user(bucket, username) if user: return abort(400, f"The user with this username already exists in the system") user_in = UserInCreate( username=username, password=password, email=email, full_name=full_name ) user = upsert_user(bucket, user_in) return user
def save_face( file: UploadFile = File(...), user: User = Depends(deps.get_current_user), db: Session = Depends(deps.get_db) ) -> Any: img_encodings = encode_face(file.file) if not img_encodings: return {'success': False} user_db = crud.get_user(db, user.name) user_db.encodings = img_encodings db.commit() return {'success': True}
def get_current_user(token: str = Security(reusable_oauth2)): try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) token_data = TokenPayload(**payload) except PyJWTError: raise HTTPException( status_code=HTTP_403_FORBIDDEN, detail="Could not validate credentials" ) bucket = get_default_bucket() user = get_user(bucket, username=token_data.username) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def test_get_user(): password = random_lower_string() username = random_lower_string() user_in = UserInCreate( username=username, email=username, password=password, admin_roles=[RoleEnum.superuser], ) bucket = get_default_bucket() user = upsert_user(bucket, user_in, persist_to=1) user_2 = get_user(bucket, username) assert user.username == user_2.username assert jsonable_encoder(user) == jsonable_encoder(user_2)
def test_get_existing_user(superuser_token_headers): server_api = get_server_api() username = random_lower_string() password = random_lower_string() user_in = UserInCreate(name=username, email=username, password=password) user = upsert_user(bucket, user_in) r = requests.get( f"{server_api}{config.API_V1_STR}/users/{username}", headers=superuser_token_headers, ) assert 200 <= r.status_code < 300 api_user = r.json() user = get_user(bucket, username) assert user.name == api_user["name"]
def test_create_user_new_email(superuser_token_headers): server_api = get_server_api() username = random_lower_string() password = random_lower_string() data = {"name": username, "password": password} r = requests.post( f"{server_api}{config.API_V1_STR}/users/", headers=superuser_token_headers, json=data, ) assert 200 <= r.status_code < 300 created_user = r.json() user = get_user(bucket, username) assert user.name == created_user["name"]
def route_reset_password(token, new_password): name = verify_password_reset_token(token) if not name: abort(400, "Invalid token") bucket = get_default_bucket() user = get_user(bucket, name) if not user: return abort( 404, f"The user with this username does not exist in the system.") elif not check_if_user_is_active(user): abort(400, "Inactive user") user_in = UserInUpdate(name=name, password=new_password) user = update_user(bucket, user_in) return {"msg": "Password updated successfully"}
def get_current_user( token: str = Security(reusable_oauth2), conn: AsyncIOMotorClient = Depends(get_database), ): try: payload = jwt.decode(token, config.SECRET_KEY, algorithms=[ALGORITHM]) token_data = TokenPayload(**payload) except PyJWTError: raise HTTPException(status_code=HTTP_403_FORBIDDEN, detail="Could not validate credentials") # user = get_user(conn, username=token_data.username) user = get_user(conn, username=token_data.username) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def get_current_user(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)) -> user_model.User: try: payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]) name: str = payload.get("sub") except JWTError: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials", ) user = user_crud.get_user(db, name) if not user: raise HTTPException(status_code=404, detail="User not found") return user
def route_recover_password(username: str): """ Password Recovery """ bucket = get_default_bucket() user = get_user(bucket, username) if not user: raise HTTPException( status_code=404, detail="The user with this username does not exist in the system.", ) password_reset_token = generate_password_reset_token(username) send_reset_password_email(email_to=user.email, username=username, token=password_reset_token) return {"msg": "Password recovery email sent"}
def route_users_id_get( username: str, current_user: UserInDB = Depends(get_current_user) ): """ Get a specific user by username (email) """ if not check_if_user_is_active(current_user): raise HTTPException(status_code=400, detail="Inactive user") bucket = get_default_bucket() user = get_user(bucket, username) if user == current_user: return user if not check_if_user_is_superuser(current_user): raise HTTPException( status_code=400, detail="The user doesn't have enough privileges" ) return user
def route_reset_password(token: str, new_password: str): """ Reset password """ username = verify_password_reset_token(token) if not username: raise HTTPException(status_code=400, detail="Invalid token") bucket = get_default_bucket() user = get_user(bucket, username) if not user: raise HTTPException( status_code=404, detail="The user with this username does not exist in the system.", ) elif not check_if_user_is_active(user): raise HTTPException(status_code=400, detail="Inactive user") user_in = UserInUpdate(name=username, password=new_password) user = update_user(bucket, user_in) return {"msg": "Password updated successfully"}
fastapi.Response """ user_email = cred.email user_pass = cred.master_pwd password = get_hash(user_pass) # check if user with this email exists if (res := crud_user.get_user_by_email(db, cred.email)) is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="email not found" ) # authentication check if (user := crud_user.get_user(db, email=user_email, password=password)) is None: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="invalid email/password" ) # generate payload and access token time_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) payload = { "user_info": user.dict(exclude_unset=True) } access_token = create_access_token(data=payload, expires_delta=time_expires) # set cookie response.set_cookie( key="access_token", value=access_token,
def get_current_user(identity): bucket = get_default_bucket() return get_user(bucket, username=identity)
def get_current_user(identity): return get_user(bucket, name=identity)
def post_tweet(body: PostTweetInput, auth: CookieAuth = Depends(cookie_auth), db: Session = Depends(get_db)): session_user = user.get_user(db, auth) tweet.create_tweet(db, TweetCreate(message=body.message, author_id=session_user.id)) return 'created'