init
This commit is contained in:
66
app/routers/users.py
Normal file
66
app/routers/users.py
Normal file
@@ -0,0 +1,66 @@
|
||||
from fastapi import APIRouter, Depends, HTTPException, status
|
||||
from sqlmodel import Session, select
|
||||
|
||||
from app.connection import get_session
|
||||
from app.models.user import User
|
||||
from app.schemas.user import UserRead, UserUpdate, PasswordChange
|
||||
from app.auth.dependencies import get_current_user
|
||||
from app.auth.utils import verify_password, hash_password
|
||||
|
||||
router = APIRouter(prefix="/users", tags=["Users"])
|
||||
|
||||
|
||||
@router.get("/me", response_model=UserRead)
|
||||
def get_me(current_user: User = Depends(get_current_user)) -> User:
|
||||
return current_user
|
||||
|
||||
|
||||
@router.get("/", response_model=list[UserRead])
|
||||
def list_users(
|
||||
session: Session = Depends(get_session),
|
||||
current_user: User = Depends(get_current_user),
|
||||
) -> list[User]:
|
||||
return list(session.exec(select(User)).all())
|
||||
|
||||
|
||||
@router.get("/{user_id}", response_model=UserRead)
|
||||
def get_user(
|
||||
user_id: int,
|
||||
session: Session = Depends(get_session),
|
||||
current_user: User = Depends(get_current_user),
|
||||
) -> User:
|
||||
user = session.get(User, user_id)
|
||||
if not user:
|
||||
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Пользователь не найден")
|
||||
return user
|
||||
|
||||
|
||||
@router.patch("/me", response_model=UserRead)
|
||||
def update_me(
|
||||
data: UserUpdate,
|
||||
session: Session = Depends(get_session),
|
||||
current_user: User = Depends(get_current_user),
|
||||
) -> User:
|
||||
for field, value in data.model_dump(exclude_unset=True).items():
|
||||
setattr(current_user, field, value)
|
||||
session.add(current_user)
|
||||
session.commit()
|
||||
session.refresh(current_user)
|
||||
return current_user
|
||||
|
||||
|
||||
@router.post("/me/change-password", status_code=status.HTTP_200_OK)
|
||||
def change_password(
|
||||
data: PasswordChange,
|
||||
session: Session = Depends(get_session),
|
||||
current_user: User = Depends(get_current_user),
|
||||
) -> dict:
|
||||
if not verify_password(data.old_password, current_user.hashed_password):
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_400_BAD_REQUEST,
|
||||
detail="Неверный старый пароль",
|
||||
)
|
||||
current_user.hashed_password = hash_password(data.new_password)
|
||||
session.add(current_user)
|
||||
session.commit()
|
||||
return {"detail": "Пароль успешно изменён"}
|
||||
Reference in New Issue
Block a user