Merge pull request #97 from shinonomeow/shino_aio

fix: fix login error

Author: shinonomeow

backend/README.md

@@ -22,37 +22,15 @@
 @router.post("/login", response_model=dict)
 async def login(response: Response, form_data=Depends(OAuth2PasswordRequestForm)):
     user = User(username=form_data.username, password=form_data.password)
-
-    from module.database import Database
-
-    with Database() as db:
-        try:
-            stored_user = db.user.get_user(user.username)
-        except HTTPException:
-            resp = ResponseModel(
-                status_code=401,
-                status=False,
-                msg_en="User not found",
-                msg_zh="用户不存在",
-            )
-        else:
-            if not verify_password(user.password, stored_user.password):
-                resp = ResponseModel(
-                    status_code=401,
-                    status=False,
-                    msg_en="Incorrect password",
-                    msg_zh="密码错误",
-                )
-            else:
-                active_user.append(user.username)
-                resp = ResponseModel(
-                    status_code=200,
-                    status=True,
-                    msg_en="Login successfully",
-                    msg_zh="登录成功",
-                )
-
-    if resp.status:
+    resp = auth_user(user)
+    if not resp:
+        resp = ResponseModel(
+            status_code=401,
+            status=False,
+            msg_en="Incorrect username or password",
+            msg_zh="用户名或密码错误",
+        )
+    else:
         token = create_access_token(
             data={"sub": user.username}, expires_delta=timedelta(days=1)
         )

backend/src/module/api/auth.py

@@ -55,6 +55,7 @@ def setup_logger(level: int = logging.INFO, reset: bool = False):
         "hpack.hpack",
         "passlib",
         "multipart",
+        "multipart.multipart",
     ]
     for logger_name in loggers_to_silence:
         logger = logging.getLogger(logger_name)

backend/src/module/conf/log.py

@@ -13,14 +13,14 @@ class UserDatabase:
     def __init__(self, session: Session):
         self.session = session
 
-    def get_user(self, username):
+    def get_user(self, username) -> User | None:
         statement = select(User).where(User.username == username)
         result = self.session.exec(statement).first()
-        if not result:
-            raise HTTPException(status_code=404, detail="User not found")
+        # if not result:
+        #     raise HTTPException(status_code=404, detail="User not found")
         return result
 
-    def auth_user(self, user: User):
+    def auth_user(self, user: User) -> bool:
         statement = select(User).where(User.username == user.username)
         result = self.session.exec(statement).first()
         if not result:

backend/src/module/database/user.py

@@ -4,7 +4,7 @@
 from module.database import Database
 from module.models.user import User, UserUpdate
 
-from .jwt import verify_token
+from .jwt import verify_token,verify_password
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/login")
 
@@ -43,12 +43,18 @@ def update_user_info(user_data: UserUpdate, current_user):
         raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail=str(e))
 
 
-def auth_user(user: User):
+def auth_user(user: User)->bool:
     with Database() as db:
-        resp = db.user.auth_user(user)
-        if resp:
+        resp = db.user.get_user(user.username)
+
+    if not resp:
+        return False
+    if user.username == resp.username:
+        res = verify_password(user.password, resp.password)
+        if res:
             active_user.append(user.username)
-        return resp
+        return res
+    return False
 
 
 UNAUTHORIZED = HTTPException(