zhaoxi
/
Pretor
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Pretor/pretor/api/auth.py

88 lines
3.6 KiB
Python
Raw Blame History

# Copyright 2026 zhaoxi826
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from fastapi import APIRouter
from fastapi import Depends
from pydantic import BaseModel
from pretor.utils.access import Accessor, TokenData
from fastapi.concurrency import run_in_threadpool
from pretor.utils.ray_hook import ray_actor_hook
from pretor.utils.check_user.role_check import RoleChecker
from pretor.core.database.table.user import UserAuthority
from pretor.utils.error import UserNotExistError
auth_router = APIRouter(prefix="/api/v1/auth", tags=["auth"])
class UserRegister(BaseModel):
user_name: str
password: str
@auth_router.post("/register")
async def create_user(user_register: UserRegister):
postgres_database = ray_actor_hook("postgres_database").postgres_database
hashed_password = await run_in_threadpool(Accessor.hash_password, user_register.password)
user = await postgres_database.auth_database.remote("add_user", user_register.user_name, hashed_password)
return {"message": "success", "user_id": user.user_id}
class UserLogin(BaseModel):
user_name: str
password: str
@auth_router.post("/login")
async def login_user(user_login: UserLogin):
postgres_database = ray_actor_hook("postgres_database").postgres_database
user = await postgres_database.auth_database.remote("login_user", user_login.user_name)
if not user:
raise UserNotExistError()
token = await run_in_threadpool(Accessor.login_hashed_password, user, user_login.password)
return {"message":"success", "token":token}
class ChangeAuthorityRequest(BaseModel):
user_id: str
new_authority: UserAuthority
@auth_router.put("/authority")
async def change_authority(
request: ChangeAuthorityRequest,
_: TokenData = Depends(RoleChecker(allowed_roles=UserAuthority.SUPER_ADMINISTRATOR))
):
"""
Update a user's authority level. Only accessible by SUPER_ADMINISTRATOR.
"""
postgres_database = ray_actor_hook("postgres_database").postgres_database
user = await postgres_database.auth_database.remote("change_user_authority", user_id=request.user_id, new_authority=request.new_authority)
return {"message": "success", "user_id": user.user_id, "new_authority": user.user_authority}
@auth_router.get("/list")
async def get_user_list(
_: TokenData = Depends(RoleChecker(allowed_roles=UserAuthority.SUPER_ADMINISTRATOR))
):
"""
Get a list of all users. Only accessible by SUPER_ADMINISTRATOR.
"""
postgres_database = ray_actor_hook("postgres_database").postgres_database
users = await postgres_database.auth_database.remote("get_all_users")
return {"users": [{"user_id": u.user_id, "user_name": u.user_name, "role": u.user_authority} for u in users]}
@auth_router.delete("/{user_id}")
async def delete_user(
user_id: str,
_: TokenData = Depends(RoleChecker(allowed_roles=UserAuthority.SUPER_ADMINISTRATOR))
):
"""
Delete a user. Only accessible by SUPER_ADMINISTRATOR.
"""
postgres_database = ray_actor_hook("postgres_database").postgres_database
await postgres_database.auth_database.remote("delete_user_by_id", user_id=user_id)
return {"message": "success"}
Reference in New Issue View Git Blame Copy Permalink