| 1 | +from fastapi import APIRouter, Depends, HTTPException, Form |
| 2 | +from passlib.hash import bcrypt |
| 3 | +from sqlalchemy.orm import Session |
| 4 | +from app.database import get_db |
| 5 | +from app.models.user import User |
| 6 | + |
| 7 | +# ✅ Define router (this line is crucial) |
| 8 | +router = APIRouter() |
| 9 | + |
| 10 | +# ✅ Create a new user |
| 11 | +@router.post("/") |
| 12 | +def create_user( |
| 13 | + name: str = Form(...), |
| 14 | + email: str = Form(...), |
| 15 | + password: str = Form(...), |
| 16 | + department: str = Form(None), |
| 17 | + role: str = Form("auditee"), |
| 18 | + manager_email: str = Form(None), |
| 19 | + db: Session = Depends(get_db), |
| 20 | +): |
| 21 | + try: |
| 22 | + if db.query(User).filter(User.email == email).first(): |
| 23 | + raise HTTPException(status_code=400, detail="Email already exists") |
| 24 | + user = User( |
| 25 | + name=name, |
| 26 | + email=email, |
| 27 | + hashed_password=bcrypt.hash(password), |
| 28 | + department=department, |
| 29 | + role=role, |
| 30 | + manager_email=manager_email, |
| 31 | + ) |
| 32 | + db.add(user) |
| 33 | + db.commit() |
| 34 | + return {"ok": True, "message": "User created successfully"} |
| 35 | + except Exception as e: |
| 36 | + return {"ok": False, "error": str(e)} |
| 37 | + |
| 38 | +# ✅ Login route |
| 39 | +@router.post("/login") |
| 40 | +def login_user( |
| 41 | + email: str = Form(...), |
| 42 | + password: str = Form(...), |
| 43 | + db: Session = Depends(get_db) |
| 44 | +): |
| 45 | + try: |
| 46 | + user = db.query(User).filter(User.email == email).first() |
| 47 | + if not user or not bcrypt.verify(password, user.hashed_password): |
| 48 | + raise HTTPException(status_code=401, detail="Invalid email or password") |
| 49 | + return { |
| 50 | + "ok": True, |
| 51 | + "message": "Login successful", |
| 52 | + "user": {"id": user.id, "name": user.name, "role": user.role}, |
| 53 | + } |
| 54 | + except Exception as e: |
| 55 | + return {"ok": False, "error": str(e)} |
| 56 | + |
| 57 | +# ✅ Get all users |
| 58 | +@router.get("/") |
| 59 | +def list_users(db: Session = Depends(get_db)): |
| 60 | + try: |
| 61 | + return db.query(User).all() |
| 62 | + except Exception as e: |
| 63 | + return {"ok": False, "error": str(e)} |
| 64 | + |
| 65 | +# ✅ Delete user |
| 66 | +@router.delete("/{user_id}") |
| 67 | +def delete_user(user_id: int, db: Session = Depends(get_db)): |
| 68 | + try: |
| 69 | + user = db.get(User, user_id) |
| 70 | + if not user: |
| 71 | + raise HTTPException(status_code=404, detail="User not found") |
| 72 | + db.delete(user) |
| 73 | + db.commit() |
| 74 | + return {"ok": True, "message": "User deleted"} |
| 75 | + except Exception as e: |
| 76 | + return {"ok": False, "error": str(e)} |
| 77 | + |
| 78 | +# ✅ Check Admin Users |
| 79 | +@router.get("/check-admin") |
| 80 | +def check_admin(db: Session = Depends(get_db)): |
| 81 | + try: |
| 82 | + users = db.query(User).all() |
| 83 | + return {"count": len(users), "users": [u.email for u in users]} |
| 84 | + except Exception as e: |
| 85 | + return {"ok": False, "error": str(e)} |
| 86 | + |
1 | 87 | # ✅ Seed Admin User (One-Time Setup) – FIXED bcrypt byte issue |
2 | 88 | @router.post("/seed-admin") |
3 | 89 | def seed_admin(db: Session = Depends(get_db)): |
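Review bot: The `except Exception` handlers at new lines 35, 54, 62, 75 and 84 also catch the `HTTPException`s raised just above them, so the intended 400/401/404 responses never reach the client — the route answers 200 with the exception text in the body, and for non-HTTP failures that body carries raw database/driver error text. Add `except HTTPException:` / `    raise` ahead of each broad handler (or drop the broad handler and let FastAPI's default 500 handling apply). Separately, `create_user` takes `role` straight from the form (line 17) on a route that declares no authentication dependency, so any caller can register an account with whatever role they choose, and `delete_user`, `list_users`, `check_admin` and `seed_admin` likewise declare no auth dependency; an explicit `Depends(...)` on a current-user/role check is needed before these ship. `list_users` also returns `User` ORM rows directly (line 61), which, absent a `response_model`, presumably serializes every column including `hashed_password` — confirm and add a response schema that excludes it. `seed_admin`'s body continues outside the hunk.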