feat: add user settings page (change username/password) and remove public registration

This commit is contained in:
2026-07-05 22:01:24 +08:00
parent 5607485c6a
commit ae2ed2d961
12 changed files with 127 additions and 348 deletions

View File

@@ -8,7 +8,7 @@ from sqlalchemy.orm import Session as DbSession
from app.config import SECRET_KEY, SESSION_COOKIE_NAME
from app.database import get_db
from app.models import ApiKey, User, UserSession
from app.models import User, UserSession
# ---------- Password ----------
@@ -81,22 +81,3 @@ def redirect_if_not_logged_in(request: Request, db: DbSession) -> User | None:
if uid is None:
return None
return db.query(User).filter(User.id == uid).first()
# ---------- API Dependencies ----------
def get_current_user_api(
request: Request,
db: DbSession = Depends(get_db),
) -> User:
auth_header = request.headers.get("Authorization", "")
if not auth_header.startswith("Bearer "):
raise HTTPException(status_code=401, detail="Missing or invalid Authorization header")
token = auth_header[7:]
api_key = db.query(ApiKey).filter(ApiKey.key == token).first()
if api_key is None:
raise HTTPException(status_code=401, detail="Invalid API key")
user = db.query(User).filter(User.id == api_key.user_id).first()
if user is None:
raise HTTPException(status_code=401, detail="User not found")
return user