diff --git a/sql_app/crud.py b/sql_app/crud.py
index 2c53795..fe704e3 100644
--- a/sql_app/crud.py
+++ b/sql_app/crud.py
@@ -56,6 +56,16 @@ def create_user(db: Session, user: schemas.UserCreate):
 db.refresh(db_user)
 return db_user
+def update_user_password(db: Session, user: models.User, request: schemas.UserUpdatePassword):
+ key = crypto.gen_new_key(request.password)
+ salt = key[1]
+ hashed_pass = key[0]
+ user.passwd_salt = salt
+ user.hashed_password = hashed_pass
+ db.add(user)
+ db.commit()
+ db.refresh(user)
+
 def get_iot_entities(db: Session, skip: int = 0, limit: int = 100):
 return db.query(models.IotEntity).offset(skip).limit(limit).all()
diff --git a/sql_app/main.py b/sql_app/main.py
index de94b1d..a183260 100644
--- a/sql_app/main.py
+++ b/sql_app/main.py
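Review bot: In `update_user_password` (sql_app/crud.py) the new salt and hash are committed, but the token that `login_for_access_token` stores through `crud.set_user_last_token` is left as it was, so a bearer token issued before the change presumably keeps working until its 15-minute expiry. If token validation consults that stored value (not visible in this diff), clearing it in the same commit would end the old session at the moment the password changes. Separately, `key[0]`/`key[1]` hide which element is the hash and which is the salt; `hashed_pass, salt = crypto.gen_new_key(request.password)` makes the order explicit and harder to swap by accident. A one-line docstring saying that the function rehashes with a fresh salt and commits would also help.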
@@ -130,24 +130,6 @@ def issue_close_door_command(command: schemas.CloseDoorRequest,
 return device
-@app.post("/users/tkn", response_model=schemas.Token, tags=['Users'])
-@app.post("/tkn", response_model=schemas.Token, tags=['Users'])
-def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):
- user = auth_helper.authenticate_user(db, form_data.username, form_data.password)
- if not user:
- raise HTTPException(
- status_code=status.HTTP_401_UNAUTHORIZED,
- detail="Incorrect username or password",
- headers={"WWW-Authenticate": "Bearer"},
- )
- #access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
- access_token = auth_helper.create_access_token(
- data={"sub": form_data.username}, expires_delta=timedelta(minutes=15)
- )
- crud.set_user_last_token(db, form_data.username, access_token)
- #crud.record_user_connection(db, user, datetime.now())
- return {"access_token": access_token, "token_type": "bearer"}
-
 @app.get("/users/acesslist/", response_model=List[schemas.RoomOverview], tags=['Users'])
 def get_iot_access_list_for_user(db: Session = Depends(get_db), current_user: schemas.User = Depends(get_current_active_user)):
 user = crud.get_user_by_username(db, current_user.username)
@@ -173,6 +155,31 @@ def get_iot_access_list_for_user(db: Session = Depends(get_db), current_user: sc
 #crud.record_user_connection(db, user, datetime.now())
 return access_list
+@app.patch("/users/updatepassword", tags=['Users'])
+def change_user_password(request: schemas.UserUpdatePassword,
+ current_user: models.User = Depends(get_current_active_user),
+ db: Session = Depends(get_db)):
+ crud.update_user_password(db, current_user, request)
+ return
+
+@app.post("/users/tkn", response_model=schemas.Token, tags=['Users'])
+@app.post("/tkn", response_model=schemas.Token, tags=['Users'])
+def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):
+ user = auth_helper.authenticate_user(db, form_data.username, form_data.password)
+ if not user:
+ raise HTTPException(
+ status_code=status.HTTP_401_UNAUTHORIZED,
+ detail="Incorrect username or password",
+ headers={"WWW-Authenticate": "Bearer"},
+ )
+ #access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+ access_token = auth_helper.create_access_token(
+ data={"sub": form_data.username}, expires_delta=timedelta(minutes=15)
+ )
+ crud.set_user_last_token(db, form_data.username, access_token)
+ #crud.record_user_connection(db, user, datetime.now())
+ return {"access_token": access_token, "token_type": "bearer"}
+
 @app.get("/admin/users/", response_model=List[schemas.User], tags=['Admin'])
 def read_users(skip: int = 0, limit: int = 100, db: Session = Depends(get_db)):
 users = crud.get_users(db, skip=skip, limit=limit)
diff --git a/sql_app/schemas.py b/sql_app/schemas.py
index 5db9c40..d152f88 100644
--- a/sql_app/schemas.py
+++ b/sql_app/schemas.py
@@ -60,6 +60,9 @@ class UserAllowForIotEntityRequestByUsername(BaseModel):
 username: str
 description: str
+class UserUpdatePassword(BaseModel):
+ password: str
+
 class OpenDoorRequestBase(BaseModel):
 username: str
 bluetooth_mac: str
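Review bot: `change_user_password` in sql_app/main.py replaces the password on the strength of the bearer token alone, so anyone holding a valid token for the account can set a new password without knowing the current one. Require the current password in the request and check it before calling `crud.update_user_password`, for example `if not auth_helper.authenticate_user(db, current_user.username, request.current_password): raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Current password is incorrect")`; `current_password` would be a new field on `schemas.UserUpdatePassword`. The bare `return` yields a 200 with a null body; declaring `status_code=status.HTTP_204_NO_CONTENT` on the route states the intent. The relocated `login_for_access_token` is unchanged from the lines removed earlier in this file.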
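Review bot: `UserUpdatePassword.password` in sql_app/schemas.py is a bare `str`, so an empty or one-character password passes validation and is then hashed and stored by the new endpoint. Constrain it in the schema, e.g. `password: str = Field(..., min_length=MIN_PASSWORD_LENGTH)`, where `MIN_PASSWORD_LENGTH` is a placeholder for the project's policy and `Field` is imported from pydantic if the file does not already do so. An upper bound via `max_length` would also limit how much input reaches the key-derivation call.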
@@ -74,8 +77,6 @@ class IotDoorPollingRequest(BaseModel):
 bluetooth_mac : str
 state: int
 token : str
- class Config:
- orm_mode = True
 class IotDoorPollingResponse(BaseModel):
 open_command : bool