cluedo-hp-webapp/backend/app/routes/auth.py
nessi 3a66c0cf74 Add display_name support for users in backend and frontend
This commit introduces the `display_name` field to the user model. It updates database migrations, API endpoints, and the admin panel to handle this field. Additionally, the `display_name` is now shown in the TopBar and WinnerBadge components, improving user experience.
2026-02-06 12:09:21 +01:00


from fastapi import APIRouter, Depends, HTTPException, Request, Response
from sqlalchemy.orm import Session
from ..db import get_db
from ..models import User
from ..security import (
verify_password,
make_session_value,
set_session,
clear_session,
get_session_user_id,
hash_password,
)
# Every route declared in this module is registered on this router, which
# prefixes the paths with /auth and tags them "auth".
router = APIRouter(
    prefix="/auth",
    tags=["auth"],
)
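@router.post("/login")
def login(data: dict, resp: Response, db: Session = Depends(get_db)):
    """Authenticate a user by e-mail and password and start a session.

    Args:
        data: Parsed JSON body; the ``email`` and ``password`` keys are read.
        resp: Outgoing response that receives the session via ``set_session``.
        db: SQLAlchemy session provided by ``get_db``.

    Returns:
        A dict with ``ok``, ``role``, ``email`` and ``theme_key`` of the
        authenticated user.

    Raises:
        HTTPException: 401 "invalid credentials" when the fields are missing
            or not strings, the account is unknown or disabled, or the
            password does not verify. The same response is used for every
            failure so the reply does not reveal which check failed.
    """
    raw_email = data.get("email")
    raw_password = data.get("password")

    # The body is an untyped dict, so a client may send any JSON value here.
    # A number or list would otherwise reach .lower() / verify_password and
    # surface as a 500; treat it as a failed login instead.
    if not isinstance(raw_email, str) or not isinstance(raw_password, str):
        raise HTTPException(status_code=401, detail="invalid credentials")

    email = raw_email.lower().strip()

    # "== False" is intentional: SQLAlchemy turns it into a SQL comparison.
    user = (
        db.query(User)
        .filter(User.email == email, User.disabled == False)  # noqa: E712
        .first()
    )

    # NOTE(review): verify_password is skipped when no account matches, so an
    # unknown or disabled e-mail is likely answered faster than a wrong
    # password. Consider verifying against a fixed dummy hash in that case.
    # NOTE(review): no attempt limiting is visible in this route; confirm that
    # throttling or lockout is enforced elsewhere (middleware, reverse proxy).
    if not user or not verify_password(raw_password, user.password_hash):
        raise HTTPException(status_code=401, detail="invalid credentials")

    set_session(resp, make_session_value(user.id))
    return {
        "ok": True,
        "role": user.role,
        "email": user.email,
        "theme_key": user.theme_key,
    }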
@router.post("/logout")
def logout(resp: Response):
    """End the caller's session.

    Delegates to ``clear_session`` on the outgoing response. No session check
    is made first, so the call succeeds whether or not a session existed.

    Returns:
        ``{"ok": True}``.
    """
    clear_session(resp)
    result = {"ok": True}
    return result
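@router.get("/me")
def me(req: Request, db: Session = Depends(get_db)):
    """Return the profile of the user bound to the current session.

    Args:
        req: Incoming request; the user id is read from it with
            ``get_session_user_id``.
        db: SQLAlchemy session provided by ``get_db``.

    Returns:
        A dict with ``id``, ``email``, ``role`` and ``display_name``.

    Raises:
        HTTPException: 401 "not logged in" when the request carries no
            session, or the session's user no longer exists or is disabled.
    """
    uid = get_session_user_id(req)
    if not uid:
        raise HTTPException(status_code=401, detail="not logged in")

    # Exclude disabled accounts, as /password and /theme already do. Without
    # this filter a session issued before the account was disabled would keep
    # being reported as logged in, role included.
    user = (
        db.query(User)
        .filter(User.id == uid, User.disabled == False)  # noqa: E712
        .first()
    )
    if not user:
        raise HTTPException(status_code=401, detail="not logged in")

    return {
        "id": user.id,
        "email": user.email,
        "role": user.role,
        "display_name": user.display_name,
    }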
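@router.patch("/password")
def set_password(data: dict, req: Request, db: Session = Depends(get_db)):
    """Replace the password of the logged-in user.

    Args:
        data: Parsed JSON body; the ``password`` key holds the new password.
        req: Incoming request; the user id is read from it with
            ``get_session_user_id``.
        db: SQLAlchemy session provided by ``get_db``.

    Returns:
        ``{"ok": True}`` once the new hash has been committed.

    Raises:
        HTTPException: 401 "not logged in" when there is no session or the
            account is missing or disabled; 400 when the password is missing,
            not a string, or shorter than 8 characters.
    """
    uid = get_session_user_id(req)
    if not uid:
        raise HTTPException(status_code=401, detail="not logged in")

    new_password = data.get("password")
    # The body is an untyped dict: a list or object with 8+ items would pass a
    # bare len() check and a number would raise, so require a string first.
    if not isinstance(new_password, str) or len(new_password) < 8:
        raise HTTPException(status_code=400, detail="password too short (min 8)")
    # NOTE(review): there is no upper length bound; whether one is needed
    # depends on the algorithm behind hash_password - confirm.

    user = (
        db.query(User)
        .filter(User.id == uid, User.disabled == False)  # noqa: E712
        .first()
    )
    if not user:
        raise HTTPException(status_code=401, detail="not logged in")

    # NOTE(review): the current password is not re-checked, so holding a valid
    # session is sufficient to take over the account. Requiring the old
    # password would change the request contract and is left to the API owner.
    # NOTE(review): nothing here invalidates sessions issued before the
    # change; confirm how ..security handles that.
    user.password_hash = hash_password(new_password)
    db.add(user)
    db.commit()
    return {"ok": True}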
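@router.patch("/theme")
def set_theme(data: dict, req: Request, db: Session = Depends(get_db)):
    """Store the UI theme chosen by the logged-in user.

    Args:
        data: Parsed JSON body; the ``theme_key`` key holds the new theme.
        req: Incoming request; the user id is read from it with
            ``get_session_user_id``.
        db: SQLAlchemy session provided by ``get_db``.

    Returns:
        ``{"ok": True, "theme_key": ...}`` with the value that was stored.

    Raises:
        HTTPException: 401 "not logged in" when there is no session or the
            account is missing or disabled; 400 "theme_key required" when the
            value is missing, not a string, or blank.
    """
    uid = get_session_user_id(req)
    if not uid:
        raise HTTPException(status_code=401, detail="not logged in")

    raw_theme = data.get("theme_key")
    # The body is an untyped dict; a non-string value would otherwise fail in
    # .strip() and surface as a 500. Treat it like a missing key.
    theme_key = raw_theme.strip() if isinstance(raw_theme, str) else ""
    if not theme_key:
        raise HTTPException(status_code=400, detail="theme_key required")
    # NOTE(review): the value is stored and echoed back as sent, with no
    # length limit or check against the set of known themes. Consider an
    # allowlist if clients use it to build class names or asset paths.

    user = (
        db.query(User)
        .filter(User.id == uid, User.disabled == False)  # noqa: E712
        .first()
    )
    if not user:
        raise HTTPException(status_code=401, detail="not logged in")

    user.theme_key = theme_key
    db.add(user)
    db.commit()
    return {"ok": True, "theme_key": user.theme_key}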