mrkrk/formaptix-server
1
0
Fork 0
mirror of https://github.com/grey-cat-1908/formaptix-server.git synced 2024-11-11 18:57:27 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
formaptix-server/routes/admin.py
grey-cat-1908 12ee0d4e7b accounts (admin && user)
2024-08-10 17:01:34 +03:00

47 lines
1.5 KiB
Python
Raw Blame History

import secrets
from fastapi import APIRouter, HTTPException
from sqlalchemy import select, delete
import database
from models import settings, user, DeleteUser
from .utils import Admin, hash_password
router = APIRouter(prefix="/admin")
@router.post("/user")
async def create_user(auth: user.Auth, admin_token: Admin):
if len(auth.username.strip()) == 0:
raise HTTPException(400, "Username must not be empty")
if len(auth.password.strip()) == 0:
raise HTTPException(400, "Password must not be empty")
if settings.disable_admin:
raise HTTPException(403, "You are not admin")
salt = secrets.token_hex(8)
async with database.sessions.begin() as session:
stmt = select(database.User).where(
database.User.username == auth.username.strip()
)
db_request = await session.execute(stmt)
user = db_request.scalar_one_or_none()
if user is not None:
raise HTTPException(400, "User with this username already exists")
new_user = database.User(
username=auth.username.strip(),
password=hash_password(auth.password.strip(), salt),
salt=salt,
)
session.add(new_user)
@router.delete("/user")
async def delete_user(user: DeleteUser, admin_token: Admin):
async with database.sessions.begin() as session:
stmt = delete(database.User).where(
database.User.username == user.username.strip()
)
await session.execute(stmt)
Reference in a new issue View git blame Copy permalink