From 392dee864066d0b3059214d54600a703a19435b6 Mon Sep 17 00:00:00 2001
From: Sam Liu
Date: Fri, 10 May 2024 06:31:31 +0000
Subject: [PATCH] build seeder

---
 fuware/core/security/__init__.py | 1 +
 fuware/db/init_db.py | 6 +++++-
 fuware/db/seeder.py | 28 ++++++++++++++++++++++++++++
 fuware/routes/auth/auth.py | 22 ++++++++++++----------
 fuware/ultis.py | 23 -----------------------
 5 files changed, 46 insertions(+), 34 deletions(-)
 create mode 100644 fuware/db/seeder.py
 delete mode 100644 fuware/ultis.py

diff --git a/fuware/core/security/__init__.py b/fuware/core/security/__init__.py
index e69de29..040aee3 100644
--- a/fuware/core/security/__init__.py
+++ b/fuware/core/security/__init__.py
@@ -0,0 +1 @@
+from .hasher import get_hasher
diff --git a/fuware/db/init_db.py b/fuware/db/init_db.py
index edd9484..548a42f 100644
--- a/fuware/db/init_db.py
+++ b/fuware/db/init_db.py
@@ -1,5 +1,9 @@
 from db_setup import engine
+from fuware.db.seeder import initialize_table
 from models._model_base import Model
-from models.users import *
+from sqlalchemy import event
+from models.users import User
+
+event.listen(User.__table__, 'after_create', initialize_table)
 
 Model.metadata.create_all(bind=engine)
diff --git a/fuware/db/seeder.py b/fuware/db/seeder.py
new file mode 100644
index 0000000..1e28774
--- /dev/null
+++ b/fuware/db/seeder.py
@@ -0,0 +1,28 @@
+from fuware.core.security import get_hasher
+
+hasher = get_hasher()
+
+INITIAL_DATA = {
+ 'users': [
+ {
+ 'username': 'sam',
+ 'password': hasher.hash('admin'),
+ 'name': 'Sam',
+ 'is_admin': 1,
+ 'is_lock': 0,
+ },
+ {
+ 'username': 'sam1',
+ 'password': hasher.hash('admin'),
+ 'name': 'Sam1',
+ 'is_admin': 0,
+ 'is_lock': 1
+ },
+ ]
+}
+
+# This method receives a table, a connection and inserts data to that table.
+def initialize_table(target, connection, **kwargs):
+ tablename = str(target)
+ if tablename in INITIAL_DATA and len(INITIAL_DATA[tablename]) > 0:
+ connection.execute(target.insert(), INITIAL_DATA[tablename])
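Review bot: The imports in `fuware/db/init_db.py` now mix two roots: the added `from fuware.db.seeder import initialize_table` is package-qualified, while `from models.users import User` and the existing `from db_setup import engine` resolve relative to the script directory. Unless both roots are on `sys.path` the script fails at import, and if they are, the model module can presumably be loaded under two names, in which case the `User.__table__` the listener is attached to is not guaranteed to be the table that `Model.metadata.create_all(bind=engine)` creates and the seed would silently not run. Use one root throughout, e.g. `from fuware.db.db_setup import engine`, the form `fuware/routes/auth/auth.py` already uses for `generate_session`.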
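Review bot: The seed rows in `fuware/db/seeder.py` create an unlocked administrator (`'username': 'sam'`, `'is_admin': 1`, `'is_lock': 0`) whose password is the literal `'admin'`, and `fuware/db/init_db.py` registers `initialize_table` on `after_create` with no environment check, so every freshly created database starts with a known admin login. Take the initial password from deployment configuration and refuse to seed when it is missing, for example `'password': hasher.hash(os.environ['SEED_ADMIN_PASSWORD'])` (the variable name is a placeholder and `os` would need importing), or register the listener only in development setups. `INITIAL_DATA` is also built at module import, so both hashes are computed on every import even when no table is created; building the rows inside `initialize_table` avoids that. A comment above `INITIAL_DATA` saying whether these accounts are development fixtures would tell the next reader what is safe to ship.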
diff --git a/fuware/routes/auth/auth.py b/fuware/routes/auth/auth.py
index 0ee809a..ec1bc90 100644
--- a/fuware/routes/auth/auth.py
+++ b/fuware/routes/auth/auth.py
@@ -3,6 +3,7 @@ from fastapi import APIRouter, Depends, HTTPException, Response
 from fastapi.encoders import jsonable_encoder
 from sqlalchemy.orm import Session
 
+from fuware.core.security.hasher import get_hasher
 from fuware.db.db_setup import generate_session
 from fuware.schemas import ReturnValue, PrivateUser, UserRequest
 from fuware.schemas.user.user import UserCreate
@@ -10,8 +11,8 @@ from fuware.services import UserService
 
 
 public_router = APIRouter(tags=["Users: Authentication"])
-
 user_service = UserService()
+hasher = get_hasher()
 
 @public_router.put('/register')
 def register_user(user: UserCreate, db: Session = Depends(generate_session)) -> ReturnValue[Any]:
@@ -22,14 +23,15 @@ def register_user(user: UserCreate, db: Session = Depends(generate_session)) ->
 return ReturnValue(status=200, data=jsonable_encoder(user_return))
 
 # @public_router.post('/login', response_model=ReturnValue[PrivateUser])
-# def user_login(user: UserRequest, response: Response) -> ReturnValue[Any]:
-# db_user = UserService.get_by_username(user.username)
-# if not db_user:
-# raise HTTPException(status_code=401, detail="Your username or password input is wrong!")
- # if not verify_password(user.password, db_user.password):
- # raise HTTPException(status_code=401, detail="Your username or password input is wrong!")
- # if db_user.is_lock is True:
- # raise HTTPException(status_code=401, detail="Your Account is banned")
+@public_router.post('/login', response_model=ReturnValue[Any])
+def user_login(user: UserRequest, response: Response) -> ReturnValue[Any]:
+ db_user = user_service.get_by_username(username=user.username)
+ if not db_user:
+ raise HTTPException(status_code=401, detail="Your username or password input is wrong!")
+ if not hasher.verify(password=user.password, hashed=db_user.password):
+ raise HTTPException(status_code=401, detail="Your username or password input is wrong!")
+ if db_user.is_lock is True:
+ raise HTTPException(status_code=401, detail="Your Account is banned")
 # cookieEncode = encryptString(user.username + ',' + user.password)
 # response.set_cookie(key=COOKIE_KEY, value=cookieEncode.decode('utf-8'))
- # return ReturnValue(status=200, data=jsonable_encoder(db_user))
+ return ReturnValue(status=200, data=jsonable_encoder(db_user))
diff --git a/fuware/ultis.py b/fuware/ultis.py
deleted file mode 100644
index 5604805..0000000
--- a/fuware/ultis.py
+++ /dev/null
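Review bot: `user_login` ends with `return ReturnValue(status=200, data=jsonable_encoder(db_user))` under `response_model=ReturnValue[Any]`, so whatever `get_by_username` returns is serialised without filtering; since the function reads `db_user.password`, the stored password hash is presumably sent back to the client on every successful login. The commented-out decorator just above declared `ReturnValue[PrivateUser]`; returning a schema that omits the password field (PrivateUser's fields are not visible in this diff, so confirm it does) would close that. The lock check `if db_user.is_lock is True:` is an identity comparison, while the seeder added in this commit writes `'is_lock': 1`; if the column is loaded as an integer the branch never fires and a locked account is accepted, so `if db_user.is_lock:` is the safer form. The unknown-user branch also returns before any hash verification, which may let response timing distinguish existing usernames even though both 401 messages are identical.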
@@ -1,23 +0,0 @@
-from cryptography.fernet import Fernet
-from passlib.context import CryptContext
-from const import SERCET_KEY
-
-root_path = '/api'
-pwd_context = CryptContext(schemes=["sha256_crypt"], deprecated="auto")
-
-def root_api_path_build(path):
- return root_path + path
-
-def encryptString(strEncode: str):
- fernet = Fernet(SERCET_KEY)
- return fernet.encrypt(strEncode.encode())
-
-def decryptString(strDecode: str):
- fernet = Fernet(SERCET_KEY)
- return fernet.decrypt(strDecode).decode()
-
-def verify_password(plain_password, hashed_password):
- return pwd_context.verify(plain_password, hashed_password)
-
-def get_password_hash(password):
- return pwd_context.hash(password)