feat: add user settings page (change username/password) and remove public registration
This commit is contained in:
21
app/auth.py
21
app/auth.py
@@ -8,7 +8,7 @@ from sqlalchemy.orm import Session as DbSession
|
||||
|
||||
from app.config import SECRET_KEY, SESSION_COOKIE_NAME
|
||||
from app.database import get_db
|
||||
from app.models import ApiKey, User, UserSession
|
||||
from app.models import User, UserSession
|
||||
|
||||
|
||||
# ---------- Password ----------
|
||||
@@ -81,22 +81,3 @@ def redirect_if_not_logged_in(request: Request, db: DbSession) -> User | None:
|
||||
if uid is None:
|
||||
return None
|
||||
return db.query(User).filter(User.id == uid).first()
|
||||
|
||||
|
||||
# ---------- API Dependencies ----------
|
||||
|
||||
def get_current_user_api(
|
||||
request: Request,
|
||||
db: DbSession = Depends(get_db),
|
||||
) -> User:
|
||||
auth_header = request.headers.get("Authorization", "")
|
||||
if not auth_header.startswith("Bearer "):
|
||||
raise HTTPException(status_code=401, detail="Missing or invalid Authorization header")
|
||||
token = auth_header[7:]
|
||||
api_key = db.query(ApiKey).filter(ApiKey.key == token).first()
|
||||
if api_key is None:
|
||||
raise HTTPException(status_code=401, detail="Invalid API key")
|
||||
user = db.query(User).filter(User.id == api_key.user_id).first()
|
||||
if user is None:
|
||||
raise HTTPException(status_code=401, detail="User not found")
|
||||
return user
|
||||
|
||||
Reference in New Issue
Block a user