get current user from mongo

2023-10-13 22:35:04 +02:00 · 2023-10-13 22:35:04 +02:00 · 02d4257ad6
commit 02d4257ad6
parent 9184d13391
3 changed files with 12 additions and 21 deletions
--- a/app/dependencies/users_active.py
+++ b/app/dependencies/users_active.py
@ -8,22 +8,11 @@ from jose import JWTError, jwt
 from passlib.context import CryptContext

 from ..models import users, token
-
-
-fake_users = [
-    # password foo
-    {'id': 1, 'username': 'admin', 'password': '$2b$12$N.i74Kle18n5Toxhas.rVOjZreVC2WM34fCidNDyhSNgxVlbKwX7i',
-     'roles': 'Admin', 'disabled': False
-    },
-    # password bar
-    {'id': 2, 'username': 'client', 'password': '$2b$12$KUgpw1m0LF/s9NS1ZB5rRO2cA5D13MqRm56ab7ik2ixftXW/aqEyq',
-     'roles':'User', 'disabled':False}
-]
+from ..dependencies import database

 SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7"
 ALGORITHM = "HS256"

-
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
@ -34,13 +23,14 @@ def verify_password(plain_password, hashed_password):
 def get_password_hash(password):
    return pwd_context.hash(password)

-def get_user(db, username: str):
-    for user in db:
-        if username == user['username']:
-            return users.UserInDB(**user)
+def get_user(username: str):
+    user_repository = users.UserRepository(database=database.database)
+    user = user_repository.find_one_by({'username': username})
+    return user

-def authenticate_user(fake_db, username: str, password: str):
-    user = get_user(fake_db, username)
+def authenticate_user(username: str, password: str):
+    
+    user = get_user(username)
    if not user:
        return False
    if not verify_password(password, user.password):
@ -71,7 +61,8 @@ async def get_current_user(token_str: Annotated[str, Depends(oauth2_scheme)]):
        token_data = token.TokenData(username=username)
    except JWTError:
        raise credentials_exception
-    user = get_user(fake_users, username=token_data.username)
+    
+    user = get_user(token_data.username)
    if user is None:
        raise credentials_exception
    return user
--- a/app/routers/token.py
+++ b/app/routers/token.py
@ -13,7 +13,7 @@ ACCESS_TOKEN_EXPIRE_MINUTES = 30
 async def login_for_access_token(
    form_data: Annotated[OAuth2PasswordRequestForm, Depends()]
 ):
-    user = users_active.authenticate_user(users_active.fake_users, form_data.username, form_data.password)
+    user = users_active.authenticate_user(form_data.username, form_data.password)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
--- a/app/routers/users.py
+++ b/app/routers/users.py
@ -6,7 +6,7 @@ from typing import Annotated

 router = APIRouter()

-@router.get("/users/", tags=["users"], response_model=list[users.UserOut])
+@router.get("/users", tags=["users"], response_model=list[users.UserOut])
 async def read_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))]):
    listUsers = []
    for fake in users_active.fake_users: