backend.im/userauthenticationservice-n5dfo1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
userauthenticationservice-n.../app/api/v1/endpoints/users.py
Automated Action aae9527254 Set up user authentication flow with FastAPI and SQLite 
- Created user model with SQLAlchemy ORM
- Implemented authentication with JWT tokens (access and refresh tokens)
- Added password hashing with bcrypt
- Created API endpoints for registration, login, and user management
- Set up Alembic for database migrations
- Added health check endpoint
- Created role-based access control (standard users and superusers)
- Added comprehensive documentation
2025-06-10 15:58:57 +00:00

217 lines
5.9 KiB
Python
Raw Blame History

from typing import Any, List
from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.orm import Session
from app.api.deps import get_current_active_superuser, get_current_active_user
from app.crud.user import (
create_user,
get_user,
get_user_by_email,
get_user_by_username,
get_users,
update_user,
)
from app.db.session import get_db
from app.models.user import User as UserModel
from app.schemas.user import User, UserCreate, UserUpdate
router = APIRouter()
@router.get("/", response_model=List[User])
def read_users(
db: Session = Depends(get_db),
skip: int = 0,
limit: int = 100,
current_user: UserModel = Depends(get_current_active_superuser),
) -> Any:
"""
Retrieve users.
Args:
db: Database session
skip: Number of records to skip
limit: Maximum number of records to return
current_user: Current user (must be superuser)
Returns:
List of users
"""
users = get_users(db, skip=skip, limit=limit)
return users
@router.post("/", response_model=User)
def create_new_user(
*,
db: Session = Depends(get_db),
user_in: UserCreate,
current_user: UserModel = Depends(get_current_active_superuser),
) -> Any:
"""
Create new user (superuser only).
Args:
db: Database session
user_in: User data
current_user: Current user (must be superuser)
Returns:
Created user
"""
# Check if user with this email already exists
user = get_user_by_email(db, email=user_in.email)
if user:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="A user with this email already exists",
)
# Check if user with this username already exists
user = get_user_by_username(db, username=user_in.username)
if user:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="A user with this username already exists",
)
# Create user
user = create_user(db, obj_in=user_in)
return user
@router.put("/me", response_model=User)
def update_user_me(
*,
db: Session = Depends(get_db),
user_in: UserUpdate,
current_user: UserModel = Depends(get_current_active_user),
) -> Any:
"""
Update own user.
Args:
db: Database session
user_in: User data to update
current_user: Current user
Returns:
Updated user
"""
# Check if trying to update email to one that already exists
if user_in.email is not None and user_in.email != current_user.email:
user = get_user_by_email(db, email=user_in.email)
if user:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="A user with this email already exists",
)
# Check if trying to update username to one that already exists
if user_in.username is not None and user_in.username != current_user.username:
user = get_user_by_username(db, username=user_in.username)
if user:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="A user with this username already exists",
)
# Update user
user = update_user(db, db_obj=current_user, obj_in=user_in)
return user
@router.get("/me", response_model=User)
def read_user_me(
current_user: UserModel = Depends(get_current_active_user),
) -> Any:
"""
Get current user.
Args:
current_user: Current user
Returns:
Current user
"""
return current_user
@router.get("/{user_id}", response_model=User)
def read_user_by_id(
user_id: int,
current_user: UserModel = Depends(get_current_active_user),
db: Session = Depends(get_db),
) -> Any:
"""
Get a specific user by id.
Args:
user_id: User ID
current_user: Current user
db: Database session
Returns:
User with specified ID
"""
user = get_user(db, user_id=user_id)
if user == current_user:
return user
if not current_user.is_superuser:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="The user doesn't have enough privileges"
)
return user
@router.put("/{user_id}", response_model=User)
def update_user_by_id(
*,
db: Session = Depends(get_db),
user_id: int,
user_in: UserUpdate,
current_user: UserModel = Depends(get_current_active_superuser),
) -> Any:
"""
Update a user (superuser only).
Args:
db: Database session
user_id: User ID
user_in: User data to update
current_user: Current user (must be superuser)
Returns:
Updated user
"""
user = get_user(db, user_id=user_id)
if not user:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="The user with this ID does not exist",
)
# Check if trying to update email to one that already exists
if user_in.email is not None and user_in.email != user.email:
user_with_email = get_user_by_email(db, email=user_in.email)
if user_with_email:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="A user with this email already exists",
)
# Check if trying to update username to one that already exists
if user_in.username is not None and user_in.username != user.username:
user_with_username = get_user_by_username(db, username=user_in.username)
if user_with_username:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="A user with this username already exists",
)
# Update user
user = update_user(db, db_obj=user, obj_in=user_in)
return user
Reference in New Issue View Git Blame Copy Permalink