114 lines
3.5 KiB
Python
114 lines
3.5 KiB
Python
from typing import Any, Dict, Optional, Union
|
|
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app.core.security import get_password_hash, verify_password
|
|
from app.crud.base import CRUDBase
|
|
from app.models.user import User
|
|
from app.schemas.user import UserCreate, UserUpdate
|
|
|
|
|
|
class CRUDUser(CRUDBase[User, UserCreate, UserUpdate]):
|
|
def get_by_email(self, db: Session, *, email: str) -> Optional[User]:
|
|
return db.query(User).filter(User.email == email).first()
|
|
|
|
def create(self, db: Session, *, obj_in: UserCreate) -> User:
|
|
db_obj = User(
|
|
email=obj_in.email,
|
|
hashed_password=get_password_hash(obj_in.password),
|
|
full_name=obj_in.full_name,
|
|
role=obj_in.role,
|
|
is_active=obj_in.is_active,
|
|
is_verified=False,
|
|
is_kyc_verified=False,
|
|
is_two_factor_enabled=False,
|
|
)
|
|
db.add(db_obj)
|
|
db.commit()
|
|
db.refresh(db_obj)
|
|
return db_obj
|
|
|
|
def update(
|
|
self, db: Session, *, db_obj: User, obj_in: Union[UserUpdate, Dict[str, Any]]
|
|
) -> User:
|
|
if isinstance(obj_in, dict):
|
|
update_data = obj_in
|
|
else:
|
|
update_data = obj_in.dict(exclude_unset=True)
|
|
if "password" in update_data and update_data["password"]:
|
|
hashed_password = get_password_hash(update_data["password"])
|
|
del update_data["password"]
|
|
update_data["hashed_password"] = hashed_password
|
|
return super().update(db, db_obj=db_obj, obj_in=update_data)
|
|
|
|
def authenticate(self, db: Session, *, email: str, password: str) -> Optional[User]:
|
|
user = self.get_by_email(db, email=email)
|
|
if not user:
|
|
return None
|
|
if not verify_password(password, user.hashed_password):
|
|
return None
|
|
return user
|
|
|
|
def is_active(self, user: User) -> bool:
|
|
return user.is_active
|
|
|
|
def is_verified(self, user: User) -> bool:
|
|
return user.is_verified
|
|
|
|
def is_admin(self, user: User) -> bool:
|
|
return user.role == "admin"
|
|
|
|
def set_verified(self, db: Session, *, user: User) -> User:
|
|
user.is_verified = True
|
|
db.add(user)
|
|
db.commit()
|
|
db.refresh(user)
|
|
return user
|
|
|
|
def set_kyc_verified(self, db: Session, *, user: User) -> User:
|
|
user.is_kyc_verified = True
|
|
db.add(user)
|
|
db.commit()
|
|
db.refresh(user)
|
|
return user
|
|
|
|
def set_two_factor_secret(self, db: Session, *, user: User, secret: str) -> User:
|
|
user.two_factor_secret = secret
|
|
db.add(user)
|
|
db.commit()
|
|
db.refresh(user)
|
|
return user
|
|
|
|
def enable_two_factor(self, db: Session, *, user: User) -> User:
|
|
user.is_two_factor_enabled = True
|
|
db.add(user)
|
|
db.commit()
|
|
db.refresh(user)
|
|
return user
|
|
|
|
def disable_two_factor(self, db: Session, *, user: User) -> User:
|
|
user.is_two_factor_enabled = False
|
|
user.two_factor_secret = None
|
|
db.add(user)
|
|
db.commit()
|
|
db.refresh(user)
|
|
return user
|
|
|
|
|
|
user = CRUDUser(User)
|
|
|
|
|
|
# Aliases for convenience
|
|
get_user = user.get
|
|
get_user_by_email = user.get_by_email
|
|
create_user = user.create
|
|
update_user = user.update
|
|
authenticate_user = user.authenticate
|
|
is_active_user = user.is_active
|
|
is_verified_user = user.is_verified
|
|
is_admin_user = user.is_admin
|
|
set_user_verified = user.set_verified
|
|
set_user_kyc_verified = user.set_kyc_verified
|
|
set_user_two_factor_secret = user.set_two_factor_secret
|
|
enable_user_two_factor = user.enable_two_factor
|
|
disable_user_two_factor = user.disable_two_factor |