nessi
117710cc0a
Replaced all inline error messages with the standardized `api_error` helper for consistent error response formatting. This improves clarity, maintainability, and ensures uniform error structures across the application. Updated logging for collector failures to include error class and switched to warning level for target unreachable scenarios.
41 lines
1.5 KiB
Python
41 lines
1.5 KiB
Python
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from sqlalchemy.ext.asyncio import AsyncSession
|
|
from app.core.db import get_db
|
|
from app.core.deps import get_current_user
|
|
from app.core.errors import api_error
|
|
from app.core.security import hash_password, verify_password
|
|
from app.models.models import User
|
|
from app.schemas.user import UserOut, UserPasswordChange
|
|
from app.services.audit import write_audit_log
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.get("/me", response_model=UserOut)
|
|
async def me(user: User = Depends(get_current_user)) -> UserOut:
|
|
return UserOut.model_validate(user)
|
|
|
|
|
|
@router.post("/me/password")
|
|
async def change_password(
|
|
payload: UserPasswordChange,
|
|
user: User = Depends(get_current_user),
|
|
db: AsyncSession = Depends(get_db),
|
|
) -> dict:
|
|
if not verify_password(payload.current_password, user.password_hash):
|
|
raise HTTPException(
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
detail=api_error("invalid_current_password", "Current password is incorrect"),
|
|
)
|
|
|
|
if verify_password(payload.new_password, user.password_hash):
|
|
raise HTTPException(
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
detail=api_error("password_reuse_not_allowed", "New password must be different"),
|
|
)
|
|
|
|
user.password_hash = hash_password(payload.new_password)
|
|
await db.commit()
|
|
await write_audit_log(db, action="auth.password_change", user_id=user.id, payload={})
|
|
return {"status": "ok"}
|