mirror of
https://github.com/mealie-recipes/mealie.git
synced 2025-12-27 04:35:12 -05:00
refactor(backend): ♻️ rename UserInDb -> PrivateUser
This commit is contained in:
hay-kot
@@ -1,9 +1,9 @@
|
||||
from fastapi import HTTPException, status
|
||||
|
||||
from mealie.schema.user.user import UserInDB
|
||||
from mealie.schema.user.user import PrivateUser
|
||||
|
||||
|
||||
def assert_user_change_allowed(id: int, current_user: UserInDB):
|
||||
def assert_user_change_allowed(id: int, current_user: PrivateUser):
|
||||
if current_user.id != id and not current_user.admin:
|
||||
# only admins can edit other users
|
||||
raise HTTPException(status.HTTP_403_FORBIDDEN, detail="NOT_AN_ADMIN")
|
||||
|
||||
@@ -9,7 +9,7 @@ from mealie.core.security import create_access_token
|
||||
from mealie.db.database import db
|
||||
from mealie.db.db_setup import generate_session
|
||||
from mealie.routes.routers import UserAPIRouter
|
||||
from mealie.schema.user import CreateToken, LoingLiveTokenIn, LongLiveTokenInDB, UserInDB
|
||||
from mealie.schema.user import CreateToken, LoingLiveTokenIn, LongLiveTokenInDB, PrivateUser
|
||||
|
||||
router = UserAPIRouter()
|
||||
|
||||
@@ -17,7 +17,7 @@ router = UserAPIRouter()
|
||||
@router.post("/api-tokens", status_code=status.HTTP_201_CREATED)
|
||||
async def create_api_token(
|
||||
token_name: LoingLiveTokenIn,
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
current_user: PrivateUser = Depends(get_current_user),
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
""" Create api_token in the Database """
|
||||
@@ -42,7 +42,7 @@ async def create_api_token(
|
||||
@router.delete("/api-tokens/{token_id}")
|
||||
async def delete_api_token(
|
||||
token_id: int,
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
current_user: PrivateUser = Depends(get_current_user),
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
""" Delete api_token from the Database """
|
||||
|
||||
@@ -3,12 +3,12 @@ from sqlalchemy.orm.session import Session
|
||||
|
||||
from mealie.core import security
|
||||
from mealie.core.dependencies import get_current_user
|
||||
from mealie.core.security import get_password_hash
|
||||
from mealie.core.security import hash_password
|
||||
from mealie.db.database import db
|
||||
from mealie.db.db_setup import generate_session
|
||||
from mealie.routes.routers import AdminAPIRouter, UserAPIRouter
|
||||
from mealie.routes.users._helpers import assert_user_change_allowed
|
||||
from mealie.schema.user import UserBase, UserIn, UserInDB, UserOut
|
||||
from mealie.schema.user import UserBase, UserIn, PrivateUser, UserOut
|
||||
from mealie.services.events import create_user_event
|
||||
|
||||
user_router = UserAPIRouter(prefix="")
|
||||
@@ -24,22 +24,20 @@ async def get_all_users(session: Session = Depends(generate_session)):
|
||||
async def create_user(
|
||||
background_tasks: BackgroundTasks,
|
||||
new_user: UserIn,
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
current_user: PrivateUser = Depends(get_current_user),
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
|
||||
new_user.password = get_password_hash(new_user.password)
|
||||
new_user.password = hash_password(new_user.password)
|
||||
background_tasks.add_task(
|
||||
create_user_event, "User Created", f"Created by {current_user.full_name}", session=session
|
||||
)
|
||||
|
||||
return db.users.create(session, new_user.dict())
|
||||
|
||||
|
||||
@admin_router.get("/{id}", response_model=UserOut)
|
||||
async def get_user(
|
||||
id: int,
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
async def get_user(id: int, session: Session = Depends(generate_session)):
|
||||
return db.users.get(session, id)
|
||||
|
||||
|
||||
@@ -48,7 +46,7 @@ def delete_user(
|
||||
background_tasks: BackgroundTasks,
|
||||
id: int,
|
||||
session: Session = Depends(generate_session),
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
current_user: PrivateUser = Depends(get_current_user),
|
||||
):
|
||||
""" Removes a user from the database. Must be the current user or a super user"""
|
||||
|
||||
@@ -66,7 +64,7 @@ def delete_user(
|
||||
|
||||
@user_router.get("/self", response_model=UserOut)
|
||||
async def get_logged_in_user(
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
current_user: PrivateUser = Depends(get_current_user),
|
||||
):
|
||||
return current_user.dict()
|
||||
|
||||
@@ -75,7 +73,7 @@ async def get_logged_in_user(
|
||||
async def update_user(
|
||||
id: int,
|
||||
new_data: UserBase,
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
current_user: PrivateUser = Depends(get_current_user),
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
|
||||
|
||||
@@ -6,7 +6,7 @@ from mealie.db.database import db
|
||||
from mealie.db.db_setup import generate_session
|
||||
from mealie.routes.routers import UserAPIRouter
|
||||
from mealie.routes.users._helpers import assert_user_change_allowed
|
||||
from mealie.schema.user import UserFavorites, UserInDB
|
||||
from mealie.schema.user import UserFavorites, PrivateUser
|
||||
|
||||
user_router = UserAPIRouter()
|
||||
|
||||
@@ -21,7 +21,7 @@ async def get_favorites(id: str, session: Session = Depends(generate_session)):
|
||||
@user_router.post("/{id}/favorites/{slug}")
|
||||
def add_favorite(
|
||||
slug: str,
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
current_user: PrivateUser = Depends(get_current_user),
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
""" Adds a Recipe to the users favorites """
|
||||
@@ -35,7 +35,7 @@ def add_favorite(
|
||||
@user_router.delete("/{id}/favorites/{slug}")
|
||||
def remove_favorite(
|
||||
slug: str,
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
current_user: PrivateUser = Depends(get_current_user),
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
""" Adds a Recipe to the users favorites """
|
||||
|
||||
@@ -8,7 +8,7 @@ from mealie.core.config import app_dirs
|
||||
from mealie.core.dependencies import get_current_user
|
||||
from mealie.routes.routers import UserAPIRouter
|
||||
from mealie.routes.users._helpers import assert_user_change_allowed
|
||||
from mealie.schema.user import UserInDB
|
||||
from mealie.schema.user import PrivateUser
|
||||
|
||||
public_router = APIRouter(prefix="", tags=["Users: Images"])
|
||||
user_router = UserAPIRouter(prefix="", tags=["Users: Images"])
|
||||
@@ -28,7 +28,7 @@ async def get_user_image(id: str):
|
||||
def update_user_image(
|
||||
id: str,
|
||||
profile_image: UploadFile = File(...),
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
current_user: PrivateUser = Depends(get_current_user),
|
||||
):
|
||||
""" Updates a User Image """
|
||||
|
||||
|
||||
@@ -1,42 +1,25 @@
|
||||
from fastapi import Depends, HTTPException, status
|
||||
from fastapi import Depends
|
||||
from sqlalchemy.orm.session import Session
|
||||
|
||||
from mealie.core.config import settings
|
||||
from mealie.core.dependencies import get_current_user
|
||||
from mealie.core.security import get_password_hash, verify_password
|
||||
from mealie.core.security import hash_password
|
||||
from mealie.db.database import db
|
||||
from mealie.db.db_setup import generate_session
|
||||
from mealie.routes.routers import UserAPIRouter
|
||||
from mealie.routes.users._helpers import assert_user_change_allowed
|
||||
from mealie.schema.user import ChangePassword, UserInDB
|
||||
from mealie.schema.user import ChangePassword
|
||||
from mealie.services.user.user_service import UserService
|
||||
|
||||
user_router = UserAPIRouter(prefix="")
|
||||
|
||||
|
||||
@user_router.put("/{id}/reset-password")
|
||||
async def reset_user_password(
|
||||
id: int,
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
|
||||
new_password = get_password_hash(settings.DEFAULT_PASSWORD)
|
||||
async def reset_user_password(id: int, session: Session = Depends(generate_session)):
|
||||
new_password = hash_password(settings.DEFAULT_PASSWORD)
|
||||
db.users.update_password(session, id, new_password)
|
||||
|
||||
|
||||
@user_router.put("/{id}/password")
|
||||
def update_password(
|
||||
id: int,
|
||||
password_change: ChangePassword,
|
||||
current_user: UserInDB = Depends(get_current_user),
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
def update_password(password_change: ChangePassword, user_service: UserService = Depends(UserService.write_existing)):
|
||||
""" Resets the User Password"""
|
||||
|
||||
assert_user_change_allowed(id, current_user)
|
||||
match_passwords = verify_password(password_change.current_password, current_user.password)
|
||||
|
||||
if not (match_passwords):
|
||||
raise HTTPException(status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
new_password = get_password_hash(password_change.new_password)
|
||||
db.users.update_password(session, id, new_password)
|
||||
return user_service.change_password(password_change)
|
||||
|
||||
@@ -4,11 +4,11 @@ from fastapi import APIRouter, BackgroundTasks, Depends, HTTPException, status
|
||||
from sqlalchemy.orm.session import Session
|
||||
|
||||
from mealie.core.dependencies import get_admin_user
|
||||
from mealie.core.security import get_password_hash
|
||||
from mealie.core.security import hash_password
|
||||
from mealie.db.database import db
|
||||
from mealie.db.db_setup import generate_session
|
||||
from mealie.routes.routers import AdminAPIRouter
|
||||
from mealie.schema.user import SignUpIn, SignUpOut, SignUpToken, UserIn, UserInDB
|
||||
from mealie.schema.user import SignUpIn, SignUpOut, SignUpToken, UserIn, PrivateUser
|
||||
from mealie.services.events import create_user_event
|
||||
|
||||
public_router = APIRouter(prefix="/sign-ups")
|
||||
@@ -16,9 +16,7 @@ admin_router = AdminAPIRouter(prefix="/sign-ups")
|
||||
|
||||
|
||||
@admin_router.get("", response_model=list[SignUpOut])
|
||||
async def get_all_open_sign_ups(
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
async def get_all_open_sign_ups(session: Session = Depends(generate_session)):
|
||||
""" Returns a list of open sign up links """
|
||||
|
||||
return db.sign_ups.get_all(session)
|
||||
@@ -28,7 +26,7 @@ async def get_all_open_sign_ups(
|
||||
async def create_user_sign_up_key(
|
||||
background_tasks: BackgroundTasks,
|
||||
key_data: SignUpIn,
|
||||
current_user: UserInDB = Depends(get_admin_user),
|
||||
current_user: PrivateUser = Depends(get_admin_user),
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
""" Generates a Random Token that a new user can sign up with """
|
||||
@@ -47,10 +45,7 @@ async def create_user_sign_up_key(
|
||||
|
||||
@public_router.post("/{token}")
|
||||
async def create_user_with_token(
|
||||
background_tasks: BackgroundTasks,
|
||||
token: str,
|
||||
new_user: UserIn,
|
||||
session: Session = Depends(generate_session),
|
||||
background_tasks: BackgroundTasks, token: str, new_user: UserIn, session: Session = Depends(generate_session)
|
||||
):
|
||||
""" Creates a user with a valid sign up token """
|
||||
|
||||
@@ -61,7 +56,7 @@ async def create_user_with_token(
|
||||
|
||||
# Create User
|
||||
new_user.admin = db_entry.admin
|
||||
new_user.password = get_password_hash(new_user.password)
|
||||
new_user.password = hash_password(new_user.password)
|
||||
db.users.create(session, new_user.dict())
|
||||
|
||||
# DeleteToken
|
||||
@@ -72,9 +67,6 @@ async def create_user_with_token(
|
||||
|
||||
|
||||
@admin_router.delete("/{token}")
|
||||
async def delete_token(
|
||||
token: str,
|
||||
session: Session = Depends(generate_session),
|
||||
):
|
||||
async def delete_token(token: str, session: Session = Depends(generate_session)):
|
||||
""" Removed a token from the database """
|
||||
db.sign_ups.delete(session, token)
|
||||
|
||||
Reference in New Issue
Block a user