andrei/visus-plus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Реализовано изменение пароля и данных пользователя

Browse Source
This commit is contained in:
Андрей Дувакин 2025-06-02 20:38:10 +05:00
parent f2c7f7c2da
commit d5fb35e266
4 changed files with 69 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
api/app/controllers/users_router.py
View File

@ -26,7 +26,7 @@ async def get_authenticated_user_data(
return await users_service.get_by_id(user.id) return await users_service.get_by_id(user.id)
@router.get( @router.post(
'/change-password/', '/change-password/',
response_model=Optional[UserEntity], response_model=Optional[UserEntity],
summary='Change password for user', summary='Change password for user',
@ -38,4 +38,20 @@ async def get_authenticated_user_data(
user=Depends(get_current_user), user=Depends(get_current_user),
): ):
users_service = UsersService(db) users_service = UsersService(db)
return await users_service.get_by_id(data.user_id, data.new_password, user.id) return await users_service.change_password(data, user.id)
@router.put(
'/{user_id}/',
response_model=Optional[UserEntity],
summary='Change first_name, last_name or patronymic',
description='Change first_name, last_name or patronymic for user',
)
async def change_user(
user_id: int,
data: UserEntity,
db: AsyncSession = Depends(get_db),
user=Depends(get_current_user),
):
users_service = UsersService(db)
return await users_service.update_user(data, user_id, user.id)

2
api/app/domain/entities/change_password.py
View File

@ -2,5 +2,7 @@ from pydantic import BaseModel
class ChangePasswordEntity(BaseModel): class ChangePasswordEntity(BaseModel):
current_password: str
user_id: int user_id: int
new_password: str new_password: str
confirm_password: str

6
api/app/domain/entities/user.py
View File

@ -4,10 +4,10 @@ from pydantic import BaseModel
class UserEntity(BaseModel): class UserEntity(BaseModel):
id: int id: Optional[int] = None
first_name: str first_name: str
last_name: str last_name: str
patronymic: Optional[str] patronymic: Optional[str] = None
login: str login: str
role_id: int role_id: Optional[int] = None

50
api/app/infrastructure/users_service.py
View File

@ -6,6 +6,7 @@ from sqlalchemy.ext.asyncio import AsyncSession
from app.application.roles_repository import RolesRepository from app.application.roles_repository import RolesRepository
from app.application.users_repository import UsersRepository from app.application.users_repository import UsersRepository
from app.domain.entities.change_password import ChangePasswordEntity
from app.domain.entities.register import RegisterEntity from app.domain.entities.register import RegisterEntity
from app.domain.entities.user import UserEntity from app.domain.entities.user import UserEntity
from app.domain.models import User from app.domain.models import User
@ -26,8 +27,8 @@ class UsersService:
return self.model_to_entity(user) return self.model_to_entity(user)
async def change_password(self, user_id: int, new_password: str, current_user_id: int) -> Optional[UserEntity]: async def change_password(self, data: ChangePasswordEntity, current_user_id: int) -> Optional[UserEntity]:
user = await self.users_repository.get_by_id(user_id) user = await self.users_repository.get_by_id(data.user_id)
if not user: if not user:
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
@ -35,7 +36,7 @@ class UsersService:
) )
current_user = await self.users_repository.get_by_id(current_user_id) current_user = await self.users_repository.get_by_id(current_user_id)
if not user: if not current_user:
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
detail='User was not found', detail='User was not found',
@ -47,7 +48,19 @@ class UsersService:
detail='Permission denied', detail='Permission denied',
) )
user.set_password(new_password) if not user.check_password(data.current_password):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail='Permission denied',
)
if data.new_password != data.confirm_password:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail='Password not matched',
)
user.set_password(data.confirm_password)
user = await self.users_repository.update(user) user = await self.users_repository.update(user)
@ -94,6 +107,35 @@ class UsersService:
role_id=created_user.role_id, role_id=created_user.role_id,
) )
async def update_user(self, user: UserEntity, user_id: int, current_user_id: int) -> Optional[UserEntity]:
user_model = await self.users_repository.get_by_id(user_id)
if not user_model:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail='User was not found',
)
current_user = await self.users_repository.get_by_id(current_user_id)
if not current_user:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail='User was not found',
)
if user.id != current_user.id and current_user.role.title != 'Администратор':
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail='Permission denied',
)
user_model.first_name = user.first_name
user_model.last_name = user.last_name
user_model.patronymic = user.patronymic
user_model = await self.users_repository.update(user_model)
return self.model_to_entity(user_model)
@staticmethod @staticmethod
def is_strong_password(password: str) -> bool: def is_strong_password(password: str) -> bool:
if len(password) < 8: if len(password) < 8: