mirror of
https://github.com/FutureOfMedTech-FITM-hack/backend.git
synced 2024-11-24 23:33:44 +03:00
added users list endpoint
This commit is contained in:
parent
bde68a5c78
commit
8ac1c37e5d
|
@ -26,7 +26,12 @@ async def get_users(
|
|||
skip: int = 0,
|
||||
limit: int = 100,
|
||||
) -> List[User] | None:
|
||||
r = await session.execute(select(UserScheme).offset(skip).limit(limit))
|
||||
r = await session.execute(
|
||||
select(UserScheme)
|
||||
.where(UserScheme.is_manager == False)
|
||||
.offset(skip)
|
||||
.limit(limit),
|
||||
)
|
||||
users = r.scalars().all()
|
||||
return users
|
||||
|
||||
|
|
|
@ -40,6 +40,7 @@ class User(UserBase):
|
|||
fullname: str | None
|
||||
hashed_password: str
|
||||
disabled: bool
|
||||
is_manager: bool
|
||||
|
||||
class Config:
|
||||
orm_mode = True
|
||||
|
|
|
@ -21,9 +21,9 @@ router = APIRouter()
|
|||
@router.post("/token", response_model=Token)
|
||||
async def login_for_access_token(
|
||||
data: UserLogin,
|
||||
db: AsyncSession = Depends(get_db_session),
|
||||
session: AsyncSession = Depends(get_db_session),
|
||||
) -> Dict[str, str]:
|
||||
user = await authenticate_user(db, data.username, data.password)
|
||||
user = await authenticate_user(session, data.username, data.password)
|
||||
if not user:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
|
|
|
@ -10,8 +10,13 @@ class UserScheme(Base):
|
|||
__tablename__ = "users"
|
||||
|
||||
id: int = Column(Integer, primary_key=True, index=True)
|
||||
username: str = Column(String, unique=True, index=True)
|
||||
email: EmailStr = Column(String, unique=True, index=True)
|
||||
fullname: str = Column(String)
|
||||
username: str = Column(String, unique=True, index=True, nullable=False)
|
||||
email: EmailStr = Column(String, unique=True, index=True, nullable=False)
|
||||
fullname: str = Column(String, default="")
|
||||
hashed_password: str = Column(String)
|
||||
gender: str = Column(String, default="Не выбран")
|
||||
age: int = Column(Integer, default=0)
|
||||
latest_form_result: str = Column(String, default="ok")
|
||||
|
||||
is_manager: bool = Column(Boolean, default=False)
|
||||
disabled: bool = Column(Boolean, default=False)
|
||||
|
|
5
med_backend/users/__init__.py
Normal file
5
med_backend/users/__init__.py
Normal file
|
@ -0,0 +1,5 @@
|
|||
"""API for all user information and operations"""
|
||||
|
||||
from med_backend.users.views import router
|
||||
|
||||
__all__ = ["router"]
|
24
med_backend/users/schemas.py
Normal file
24
med_backend/users/schemas.py
Normal file
|
@ -0,0 +1,24 @@
|
|||
from pydantic import EmailStr
|
||||
|
||||
from med_backend.auth.schemas import UserBase
|
||||
|
||||
|
||||
class ExtendedUser(UserBase):
|
||||
id: int
|
||||
fullname: str
|
||||
age: int
|
||||
|
||||
|
||||
class ListUser(ExtendedUser):
|
||||
latest_form_result: str
|
||||
|
||||
class Config:
|
||||
orm_mode = True
|
||||
|
||||
|
||||
class FullUser(ListUser):
|
||||
gender: str
|
||||
email: EmailStr
|
||||
|
||||
class Config:
|
||||
orm_mode = True
|
27
med_backend/users/views.py
Normal file
27
med_backend/users/views.py
Normal file
|
@ -0,0 +1,27 @@
|
|||
from fastapi import APIRouter, Depends, HTTPException
|
||||
from sqlalchemy.ext.asyncio import AsyncSession
|
||||
from starlette import status
|
||||
|
||||
from med_backend.auth.crud import get_users
|
||||
from med_backend.auth.schemas import User
|
||||
from med_backend.auth.services import get_current_active_user
|
||||
from med_backend.db.dependencies import get_db_session
|
||||
from med_backend.users.schemas import ListUser
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.get("/list", response_model=list[ListUser])
|
||||
async def get_all_users(
|
||||
skip: int = 0,
|
||||
limit: int = 100,
|
||||
current_user: User = Depends(get_current_active_user),
|
||||
session: AsyncSession = Depends(get_db_session),
|
||||
):
|
||||
if not current_user.is_manager:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail="You are not allowed to access this info",
|
||||
)
|
||||
users = await get_users(session, skip, limit)
|
||||
return users
|
|
@ -1,9 +1,10 @@
|
|||
from fastapi.routing import APIRouter
|
||||
|
||||
from med_backend import auth
|
||||
from med_backend import auth, users
|
||||
from med_backend.web.api import echo, monitoring
|
||||
|
||||
api_router = APIRouter()
|
||||
api_router.include_router(monitoring.router)
|
||||
api_router.include_router(echo.router, prefix="/echo", tags=["echo"])
|
||||
api_router.include_router(auth.router, prefix="/auth", tags=["auth"])
|
||||
api_router.include_router(users.router, prefix="/users", tags=["users"])
|
||||
|
|
Loading…
Reference in New Issue
Block a user