nocci/server-verwaltung
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
server-verwaltung/app/auth.py

77 lines
2.1 KiB
Python
Raw Permalink Normal View History

✨ feat(fleetledger): add initial implementation of FleetLedger app - introduce Dockerfile for Python environment setup - create FastAPI app with authentication and user management - implement server management features with CRUD operations - add PWA support with service worker and manifest - set up initial templates for UI components 📝 docs(fleetledger): add README for FleetLedger application - describe app features and functionalities - provide security notes and quick start guide 📦 build(fleetledger): configure Docker and docker-compose setup - define Dockerfile for application container - create docker-compose.yml for service orchestration - specify environment variables and volumes for persistence
2025-12-06 11:40:51 +00:00
from typing import Optional
from fastapi import Depends, HTTPException, Request, status
from passlib.context import CryptContext
from sqlmodel import Session, select
from .db import get_session
from .models import User
♻️ refactor(auth): remove bcrypt password length limitation - switch from bcrypt to bcrypt_sha256 to allow longer passwords - remove password_too_long function and related checks 📦 build(requirements): update bcrypt package version - add bcrypt==4.0.1 to requirements.txt for compatibility with bcrypt_sha256
2025-12-06 13:25:18 +00:00
# bcrypt_sha256 erlaubt auch längere Passwörter (hashing von SHA-256 vor bcrypt)
pwd_context = CryptContext(schemes=["bcrypt_sha256"], deprecated="auto")
✨ feat(fleetledger): add initial implementation of FleetLedger app - introduce Dockerfile for Python environment setup - create FastAPI app with authentication and user management - implement server management features with CRUD operations - add PWA support with service worker and manifest - set up initial templates for UI components 📝 docs(fleetledger): add README for FleetLedger application - describe app features and functionalities - provide security notes and quick start guide 📦 build(fleetledger): configure Docker and docker-compose setup - define Dockerfile for application container - create docker-compose.yml for service orchestration - specify environment variables and volumes for persistence
2025-12-06 11:40:51 +00:00
def hash_password(password: str) -> str:
"""Hash a password using bcrypt."""
return pwd_context.hash(password)
def verify_password(plain_password: str, hashed_password: str) -> bool:
"""Verify a password against a stored bcrypt hash."""
return pwd_context.verify(plain_password, hashed_password)
def get_current_user(
request: Request,
session: Session = Depends(get_session),
) -> Optional[User]:
"""
Retrieve the currently logged-in user based on the session cookie.
Returns None if no user is logged in or the user is inactive.
"""
user_id = request.session.get("user_id")
if not user_id:
return None
user = session.get(User, user_id)
if not user or not user.is_active:
# Clear session if the user was deactivated.
request.session.clear()
return None
return user
def require_current_user(
current_user: Optional[User] = Depends(get_current_user),
) -> User:
"""
Require an authenticated user.
If not authenticated, redirect to /login with a 303 status.
"""
if not current_user:
raise HTTPException(
status_code=status.HTTP_303_SEE_OTHER,
headers={"Location": "/login"},
)
return current_user
def require_admin(
current_user: Optional[User] = Depends(get_current_user),
) -> User:
"""
Require an authenticated admin user.
Non-authenticated users are redirected to /login.
Non-admins receive HTTP 403.
"""
if not current_user:
raise HTTPException(
status_code=status.HTTP_303_SEE_OTHER,
headers={"Location": "/login"},
)
if not current_user.is_admin:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)
return current_user
Reference in a new issue Copy permalink