From acea33c0b290f8f35868aae235c23539fcde09dc Mon Sep 17 00:00:00 2001
From: Aykhan
Date: Wed, 13 Sep 2023 02:32:35 +0400
Subject: [PATCH] - Edited login page js - Added get user or None functions
---
src/app/templates/admin/login.html | 35 +++++++--------
src/app/templates/blog.html | 18 ++++----
src/app/views/depends.py | 71 +++++++++++++++++++++++++-----
src/app/views/routers/main.py | 10 ++++-
src/app/views/routers/user.py | 7 +--
5 files changed, 100 insertions(+), 41 deletions(-)
diff --git a/src/app/templates/admin/login.html b/src/app/templates/admin/login.html
index 13ea62d..f6a3b98 100644
--- a/src/app/templates/admin/login.html
+++ b/src/app/templates/admin/login.html
@@ -13,6 +13,7 @@
+

@@ -42,13 +43,26 @@ method: 'POST', body: formData, }) - .then(response => response.json()) + .then(response => { + if (response.status === 200) { + console.log(response.json) + return response.json(); + } else if (response.status === 400) { + throw new Error('Email or password incorrect.'); + } + else { + throw new Error(`HTTP Error! Status: ${response.status}`); + } + }) .then(data => { + console.log(data) const accessToken = data.access_token; - localStorage.setItem('accessToken', accessToken) + var now = new Date(); + now.setDate(now.getDate() + 30); + document.cookie = `access_token=${accessToken};expires=${now.toUTCString()};path=/`; }) .catch(error => { - console.error('Login error:', error); + document.getElementById('responseError').innerHTML = error.message; }); }
@@ -58,18 +72,3 @@ - - -
diff --git a/src/app/templates/blog.html b/src/app/templates/blog.html
index 927a456..5c45987 100644
--- a/src/app/templates/blog.html
+++ b/src/app/templates/blog.html
@@ -29,14 +29,16 @@
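Review bot: The added `console.log(data)` in the second `.then` of the login.html hunk writes the whole login response, including `access_token`, to the browser console, and `console.log(response.json)` a few lines earlier logs a function reference rather than the body; both should be removed. The cookie written through `document.cookie` carries no `Secure` or `SameSite` attribute and, because it is set from script, cannot be `HttpOnly`, so a token that now lives for 30 days is readable by any script on the page and is attached to cross-site requests by default cookie rules. The more robust shape is for the login endpoint to set the cookie in its own response (HttpOnly, Secure, SameSite) so this handler never touches the token; short of that, appending `;Secure;SameSite=Strict` to the cookie string narrows the exposure. In the `.catch`, `document.getElementById('responseError').textContent = error.message;` keeps the message from ever being parsed as markup. The enclosing function starts before this hunk.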

{% endfor %} - + {% if posts|length > 5 %} + + {% endif %}
diff --git a/src/app/views/depends.py b/src/app/views/depends.py
index 3c69903..9ffc21d 100644
--- a/src/app/views/depends.py
+++ b/src/app/views/depends.py
@@ -46,15 +46,19 @@ def get_db() -> Generator: async def get_async_db() -> Generator: async with AsyncSessionLocal() as async_db: - yield await async_db + yield async_db -async def get_access_token_from_cookie(access_token: Annotated[str, Cookie()]): +async def get_access_token_from_cookie_or_die(access_token: Annotated[str, Cookie()]) -> str: return access_token -async def get_current_user( - db: AsyncSession = Depends(get_async_db), token: str = Depends(get_access_token_from_cookie) +async def get_access_token_from_cookie_or_none(access_token: Annotated[str, Cookie()] = None) -> str | None: + return access_token + + +async def get_current_user_or_die( + db: AsyncSession = Depends(get_async_db), token: str = Depends(get_access_token_from_cookie_or_die) ) -> UserModel: try:
@@ -79,8 +83,33 @@ async def get_current_user( return user -async def get_current_active_user( - current_user: UserModel = Depends(get_current_user), +async def get_current_user_or_none( + db: AsyncSession = Depends(get_async_db), token: str | None = Depends(get_access_token_from_cookie_or_none) +) -> UserModel | None: + + if token is None: return None + + try: + payload = jwt.decode( + token, settings.SECRET_KEY, algorithms=[security.ALGORITHM] + ) + token_data = schemas.JWTTokenPayload(**payload) + + except (jwt.JWTError, ValidationError): + return None + + if token_data.sub is None: + return None + + user = await crud.user.get_by_email(db, email=token_data.sub) + if user is None: + return None + + return user + + +async def get_current_active_user_or_die( + current_user: UserModel = Depends(get_current_user_or_die), ) -> UserModel: if current_user.is_active is False:
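Review bot: In `get_access_token_from_cookie_or_none` the parameter is annotated `Annotated[str, Cookie()]` yet defaults to `None`, which contradicts the declared `-> str | None` return; it should read `access_token: Annotated[str | None, Cookie()] = None`. Both cookie helpers would also benefit from a one-line docstring stating their contract, for example `"""Return the access_token cookie, or None when the request carries none."""`, because nothing in the `_or_die` body rejects a missing cookie; that behaviour comes only from the parameter being required. The body of `get_current_user_or_die` continues past the end of this hunk.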
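Review bot: `get_current_user_or_none` carries its own copy of the `jwt.decode` / `JWTTokenPayload` / `get_by_email` sequence, which `get_current_user_or_die` presumably also performs (its body is outside the hunk), so any later change to token validation has to be made twice and the two paths can drift apart. Moving that sequence into one private helper that returns the user or `None` would let the `_or_die` variant raise on `None` and the `_or_none` variant return it unchanged, as sketched below. The new function also needs a docstring saying that a missing, malformed or unverifiable token is treated exactly like an anonymous request, so it must not be the only guard on a privileged route; the same applies to `get_current_active_user_or_none` and `get_current_active_superuser_or_none` in the following hunks. The one-line `if token is None: return None` guards, here and in those hunks, would read better split over two lines.

```python
async def _user_from_token(db: AsyncSession, token: str) -> UserModel | None:
    """Decode *token* and return the matching user, or None if it does not verify."""
    try:
        payload = jwt.decode(
            token, settings.SECRET_KEY, algorithms=[security.ALGORITHM]
        )
        token_data = schemas.JWTTokenPayload(**payload)
    except (jwt.JWTError, ValidationError):
        return None
    if token_data.sub is None:
        return None
    return await crud.user.get_by_email(db, email=token_data.sub)


async def get_current_user_or_none(
    db: AsyncSession = Depends(get_async_db),
    token: str | None = Depends(get_access_token_from_cookie_or_none),
) -> UserModel | None:
    """Return the user named by the access_token cookie, or None for anonymous requests."""
    if token is None:
        return None
    return await _user_from_token(db, token)

# … unchanged: get_current_active_user_or_die signature …
```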
@@ -88,8 +117,19 @@ async def get_current_active_user( return current_user -async def get_current_active_superuser( - current_user: UserModel = Depends(get_current_active_user), +async def get_current_active_user_or_none( + current_user: UserModel | None = Depends(get_current_user_or_none), +) -> UserModel | None: + + if current_user is None: return None + + if current_user.is_active is False: + return None + return current_user + + +async def get_current_active_superuser_or_die( + current_user: UserModel = Depends(get_current_active_user_or_die), ) -> UserModel: if current_user.is_superuser is False:
@@ -99,6 +139,17 @@ async def get_current_active_superuser( return current_user +async def get_current_active_superuser_or_none( + current_user: UserModel | None = Depends(get_current_active_user_or_none), +) -> UserModel | None: + + if current_user is None: return None + + if current_user.is_superuser is False: + return None + return current_user + + async def handle_image(image: UploadFile = File(...)) -> str: try: pil_image = Image.open(io.BytesIO(image.file.read()))
@@ -115,8 +166,8 @@ async def handle_image(image: UploadFile = File(...)) -> str: await save_image( image = pil_image, image_path = settings.MEDIA_PATH / - settings.FILE_FOLDERS['post_images'] / - unique_image_name + settings.FILE_FOLDERS['post_images'] / + unique_image_name ) except Exception as e:
diff --git a/src/app/views/routers/main.py b/src/app/views/routers/main.py
index 1b6b483..0cc818d 100644
--- a/src/app/views/routers/main.py
+++ b/src/app/views/routers/main.py
@@ -20,7 +20,11 @@ from app.core.config import settings from app.schemas import ListPostInTemplate from app.schemas.main import SendEmail from app.utils.email_utils import send_email_notification -from app.views.depends import get_async_db +from app.models.user import User as UserModel +from app.views.depends import ( + get_async_db, + get_current_active_superuser_or_none +) router = APIRouter()
@@ -65,6 +69,7 @@ async def send_email( async def blog( request: Request, db: AsyncSession = Depends(get_async_db), + user: UserModel | None = Depends(get_current_active_superuser_or_none), skip: Annotated[int, Query(gt=-1)] = 0, new: bool = False ):
@@ -86,6 +91,7 @@ async def blog( { 'request': request, 'posts': posts, - 'skip': skip + 'skip': skip, + 'user': user } )
\ No newline at end of file
diff --git a/src/app/views/routers/user.py b/src/app/views/routers/user.py
index 89f7144..5a8fc82 100644
--- a/src/app/views/routers/user.py
+++ b/src/app/views/routers/user.py
@@ -21,7 +21,8 @@ from app.schemas import JWTToken, LoginForm from app.core.config import settings from app.views.depends import ( get_async_db, - get_current_active_superuser + get_current_active_superuser_or_die, + get_current_active_superuser_or_none )
@@ -30,7 +31,7 @@ router = APIRouter() templates = Jinja2Templates(directory=settings.APP_PATH / 'templates') -@router.get(f"/{settings.SECRET_KEY[-10:]}", response_class=HTMLResponse) +@router.get(f"/{settings.SECRET_KEY[-10:]}", response_class=HTMLResponse, include_in_schema=False) async def login( request: Request ):
@@ -44,7 +45,7 @@ async def login( ) -@router.post(f"/{settings.SECRET_KEY[-10:]}", response_model=JWTToken) +@router.post(f"/{settings.SECRET_KEY[-10:]}", response_model=JWTToken, include_in_schema=False) async def login( db: AsyncSession = Depends(get_async_db), form_data: LoginForm = Depends()
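Review bot: The `@router.get` decorator in the user.py hunk still builds the login path from `settings.SECRET_KEY[-10:]`, so the last ten characters of the key that depends.py passes to `jwt.decode` appear in every request URL for this page, and with that in access logs, proxy logs and browser history. Adding `include_in_schema=False` hides the route from the generated docs but does not change that exposure: anyone who learns the URL has learned part of the signing secret. The path should come from its own independently generated setting, e.g. `@router.get(f"/{settings.ADMIN_LOGIN_PATH}", response_class=HTMLResponse, include_in_schema=False)`, where `ADMIN_LOGIN_PATH` is a placeholder name for a value unrelated to `SECRET_KEY`. An unguessable path is obscurity only and should sit on top of attempt limiting on the POST handler, not replace it. The same applies to the `@router.post` decorator in the next hunk; both `login` bodies continue outside the hunks.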