feature/profile-cards (#391)

* unify format * pass variables * remove namespace * rename * group-card init * shuffle + icons * remove console.logs * token CRUD * update changelog * add profile link * consolidate mealplan to profile dashboard * update docs * add query parameter to search page * update test routes * update python depts * basic token tests Co-authored-by: hay-kot <hay-kot@pm.me>
2025-12-28 21:15:26 -05:00 · 2021-05-06 21:08:27 -08:00
parent f4384167f6
commit 95ec13161f
41 changed files with 977 additions and 449 deletions
--- a/mealie/routes/users/init.py
+++ b/mealie/routes/users/init.py
@@ -1,9 +1,10 @@
 from fastapi import APIRouter

-from . import auth, crud, sign_up
+from . import api_tokens, auth, crud, sign_up

 user_router = APIRouter()

 user_router.include_router(auth.router)
 user_router.include_router(sign_up.router)
 user_router.include_router(crud.router)
+user_router.include_router(api_tokens.router)
--- a/mealie/routes/users/api_tokens.py
+++ b/mealie/routes/users/api_tokens.py
@@ -0,0 +1,56 @@
+from datetime import timedelta
+
+from fastapi import APIRouter, HTTPException, status
+from fastapi.param_functions import Depends
+from mealie.core.security import create_access_token
+from mealie.db.database import db
+from mealie.db.db_setup import generate_session
+from mealie.routes.deps import get_current_user
+from mealie.schema.user import CreateToken, LoingLiveTokenIn, LongLiveTokenInDB, UserInDB
+from sqlalchemy.orm.session import Session
+
+router = APIRouter(prefix="/api/users", tags=["User API Tokens"])
+
+
+@router.post("/api-tokens", status_code=status.HTTP_201_CREATED)
+async def create_api_token(
+    token_name: LoingLiveTokenIn,
+    current_user: UserInDB = Depends(get_current_user),
+    session: Session = Depends(generate_session),
+):
+    """ Create api_token in the Database """
+
+    token_data = {"long_token": True, "id": current_user.id}
+
+    five_years = timedelta(1825)
+    token = create_access_token(token_data, five_years)
+
+    token_model = CreateToken(
+        name=token_name.name,
+        token=token,
+        parent_id=current_user.id,
+    )
+
+    new_token_in_db = db.api_tokens.create(session, token_model)
+
+    if new_token_in_db:
+        return {"token": token}
+
+
+@router.delete("/api-tokens/{token_id}")
+async def delete_api_token(
+    token_id: int,
+    current_user: UserInDB = Depends(get_current_user),
+    session: Session = Depends(generate_session),
+):
+    """ Delete api_token from the Database """
+    token: LongLiveTokenInDB = db.api_tokens.get(session, token_id)
+
+    if not token:
+        raise HTTPException(status.HTTP_404_NOT_FOUND, f"Could not locate token with id '{token_id}' in database")
+
+    if token.user.email == current_user.email:
+        deleted_token = db.api_tokens.delete(session, token_id)
+        return {"token_delete": deleted_token.name}
+    else:
+        raise HTTPException(status.HTTP_401_UNAUTHORIZED)