сделал зависимость на проверку администратора

Андрей Дувакин 2025-02-09 20:58:54 +05:00
parent c31d31d721
commit ca4fc9ed4c
5 changed files with 41 additions and 21 deletions


@ -13,6 +13,9 @@ class UsersRepository:
def get_by_id(self, user_id: int): def get_by_id(self, user_id: int):
return self.db.query(User).filter(User.id == user_id).first() return self.db.query(User).filter(User.id == user_id).first()
def get_by_id_with_role(self, user_id: int):
return self.db.query(User).filter(User.id == user_id).join(User.role).first()
def get_by_login(self, login: str): def get_by_login(self, login: str):
return self.db.query(User).filter(User.login == login).first() return self.db.query(User).filter(User.login == login).first()
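Review bot: `get_by_id_with_role` joins `User.role` but never asks the ORM to populate the relationship from that join, so unless the relationship is configured for eager loading, `user.role` in the caller will still issue a separate lazy load; the only effect of the join as written is an inner join that silently drops users with no role, which then surface as "User not found" rather than as a role problem. If the intent is to load the role together with the user, use an eager-load option instead: `return self.db.query(User).filter(User.id == user_id).options(joinedload(User.role)).first()` with `from sqlalchemy.orm import joinedload`. Whether filtering out role-less users is intended should be stated in a one-line docstring either way. The `UsersRepository` class continues outside the hunk.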


@ -6,7 +6,7 @@ from sqlalchemy.orm import Session
from app.application.answer_files_repository import AnswerFilesRepository from app.application.answer_files_repository import AnswerFilesRepository
from app.database.dependencies import get_db from app.database.dependencies import get_db
from app.domain.entities.answer_files_entitity import AnswerFileEntity from app.domain.entities.answer_files_entitity import AnswerFileEntity
from app.infrastructure.dependencies import get_current_user from app.infrastructure.dependencies import require_admin
router = APIRouter() router = APIRouter()
@ -14,8 +14,7 @@ router = APIRouter()
@router.get("/answer_files/", response_model=List[AnswerFileEntity]) @router.get("/answer_files/", response_model=List[AnswerFileEntity])
def get_answer_files( def get_answer_files(
db: Session = Depends(get_db), db: Session = Depends(get_db),
user=Depends(get_current_user), user=Depends(require_admin),
): ):
answer_files_service = AnswerFilesRepository(db) answer_files_service = AnswerFilesRepository(db)
return answer_files_service.get_all() return answer_files_service.get_all()
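Review bot: In `get_answer_files` the `user=Depends(require_admin)` parameter is purely a guard — the handler never reads it and it carries no type annotation, so a reader cannot tell whether the value matters. Declaring the guard on the route makes the intent explicit and keeps the signature honest: `@router.get("/answer_files/", response_model=List[AnswerFileEntity], dependencies=[Depends(require_admin)])` and drop the `user` parameter. If the user is kept for later use, annotate it (`user: User = Depends(require_admin)`, importing `User`) so the contract is visible.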


@ -4,12 +4,13 @@ from sqlalchemy.orm import Session
from app.database.dependencies import get_db from app.database.dependencies import get_db
from app.domain.entities.auth_entity import AuthEntity from app.domain.entities.auth_entity import AuthEntity
from app.domain.entities.token_entity import TokenEntity
from app.infrastructure.auth_service import AuthService from app.infrastructure.auth_service import AuthService
router = APIRouter() router = APIRouter()
@router.get("/login/", response_model=dict) @router.post("/login/", response_model=TokenEntity)
def login( def login(
auth_data: AuthEntity, auth_data: AuthEntity,
db: Session = Depends(get_db) db: Session = Depends(get_db)


@ -0,0 +1,11 @@
from typing import Optional
from pydantic import BaseModel
class TokenEntity(BaseModel):
access_token: str
user_id: int
class Config:
from_attributes = True
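Review bot: `Optional` is imported on the first line of the new file but never used; drop the import. The nested `class Config` is the Pydantic v1 configuration style, while `from_attributes` is a v2-only setting (v1 calls it `orm_mode`), so the two styles are mixed; on v2 the idiom is `model_config = ConfigDict(from_attributes=True)` with `from pydantic import BaseModel, ConfigDict`. A one-line class docstring saying what the model represents (the login response carrying the access token and the user's id) would also help.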


@ -1,11 +1,12 @@
import jwt
from fastapi import Depends, HTTPException, Security from fastapi import Depends, HTTPException, Security
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
from sqlalchemy.orm import Session import jwt
from app.domain.models.users import User
from app.settings import get_auth_data
from app.application.users_repository import UsersRepository from app.application.users_repository import UsersRepository
from app.database.dependencies import get_db from app.database.dependencies import get_db
from app.settings import get_auth_data from sqlalchemy.orm import Session
security = HTTPBearer() security = HTTPBearer()
@ -14,23 +15,28 @@ def get_current_user(
credentials: HTTPAuthorizationCredentials = Security(security), credentials: HTTPAuthorizationCredentials = Security(security),
db: Session = Depends(get_db) db: Session = Depends(get_db)
): ):
token = credentials.credentials
auth_data = get_auth_data() auth_data = get_auth_data()
try: try:
payload = jwt.decode(token, auth_data["secret_key"], algorithms=[auth_data["algorithm"]]) payload = jwt.decode(credentials.credentials, auth_data["secret_key"], algorithms=[auth_data["algorithm"]])
user_id = payload.get("user_id")
if user_id is None:
raise HTTPException(status_code=401, detail="Invalid token")
user = UsersRepository(db).get_by_id(user_id)
if user is None:
raise HTTPException(status_code=401, detail="User not found")
return user
except jwt.ExpiredSignatureError: except jwt.ExpiredSignatureError:
raise HTTPException(status_code=401, detail="Token expired") raise HTTPException(status_code=401, detail="Token has expired")
except jwt.InvalidTokenError: except jwt.InvalidTokenError:
raise HTTPException(status_code=401, detail="Invalid token") raise HTTPException(status_code=401, detail="Invalid token")
user_id = payload.get("user_id")
if user_id is None:
raise HTTPException(status_code=401, detail="Invalid token")
user = UsersRepository(db).get_by_id_with_role(user_id)
if user is None:
raise HTTPException(status_code=401, detail="User not found")
return user
def require_admin(user: User = Depends(get_current_user)):
if user.role.title != "Администратор":
raise HTTPException(status_code=403, detail="Access denied")
return user
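Review bot: `require_admin` decides authorization by comparing a display title, `user.role.title != "Администратор"`, which ties access control to a localized, editable string — renaming the role locks every admin out, and any role later given the same title becomes an admin; and if `user.role` can ever be `None` (the inner join in `get_by_id_with_role` should prevent it today, but nothing here enforces that) the comparison raises `AttributeError`, turning a denied request into a 500 instead of a 403. Hoist the literal into a module constant and guard the relationship: `ADMIN_ROLE_TITLE = "Администратор"` and `if user.role is None or user.role.title != ADMIN_ROLE_TITLE:`; longer term, a stable role identifier (id or enum) rather than the title would be the safer key. In the first hunk of this file, `from sqlalchemy.orm import Session` now sits after the `app.*` imports; third-party imports conventionally precede local ones. The `def` line of `get_current_user` is outside the hunk, so only its body is under review here.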