Отредактированна регистрация

chat_test/app/admin/auth.py

@@ -2,7 +2,7 @@ from sqladmin.authentication import AuthenticationBackend
 from starlette.requests import Request
 
 from app.config import settings
-from app.users.auth import authenticate_user_by_username, create_access_token
+from app.users.auth import authenticate_user_by_username, create_access_token, validate_user_admin
 from app.users.dependencies import get_current_user
 
 ADMIN_ROLE = 100
@@ -32,11 +32,9 @@ class AdminAuth(AuthenticationBackend):
             return False
 
         user = await get_current_user(token)
-        if not user or user.role != ADMIN_ROLE:
-            return False
-
-        # Check the token in depth
-        return True
+        if user:
+            return await validate_user_admin(user.id)
+        return False
 
 
 authentication_backend = AdminAuth(secret_key=settings.SECRET_KEY)

chat_test/app/dao/base.py

@@ -9,9 +9,10 @@ class BaseDAO:
     @classmethod
     async def add(cls, **data):  # Метод добавляет данные в БД
         async with async_session_maker() as session:
-            query = insert(cls.model).values(**data)
-            await session.execute(query)
+            query = insert(cls.model).values(**data).returning(cls.model.id)
+            result = await session.execute(query)
             await session.commit()
+            return result.scalar()
 
     @classmethod
     async def find_one_or_none(cls, **filter_by):  # Метод проверяет наличие строки с заданными параметрами

chat_test/app/exceptions.py

@@ -64,6 +64,6 @@ class PasswordsМismatchException(BlackPhoenixException):
     detail = "Пароли не совпадают"
 
 
-class UsersIdIsTheSameException(BlackPhoenixException):
+class UserCanNotReadThisChatException(BlackPhoenixException):
     status_code = status.HTTP_409_CONFLICT
-    detail = "Айди юзеров совпадают"
+    detail = "Юзер не может читать этот чат"

chat_test/app/tasks/celery.py

@@ -8,3 +8,5 @@ celery = Celery(
     broker=f'redis://{settings.REDIS_HOST}:{settings.REDIS_PORT}',
     include=['app.tasks.tasks']
 )
+
+celery.conf.update(result_backend=f'redis://{settings.REDIS_HOST}:{settings.REDIS_PORT}')

chat_test/app/tasks/tasks.py

@@ -32,3 +32,5 @@ def send_registration_confirmation_email(
         server.login(settings.SMTP_USER, settings.SMTP_PASS)
         server.send_message(msg_content)
 
+    return confirmation_code
+

chat_test/app/users/auth.py

@@ -11,6 +11,8 @@ from app.users.models import Users
 
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 
+ADMIN_ROLE = 100
+
 
 def get_password_hash(password: str) -> str:
     return pwd_context.hash(password)
@@ -57,3 +59,10 @@ async def validate_user_access_to_chat(user_id: int, chat_id: int):
     if not chat_id in user_allowed_chats:
         raise UserDontHavePermissionException
     return True
+
+
+async def validate_user_admin(user_id: int):
+    user_role = await UserDAO.get_user_role(user_id=user_id)
+    if user_role == ADMIN_ROLE:
+        return True
+    return False

chat_test/app/users/chat/router.py

@@ -1,12 +1,12 @@
 from fastapi import APIRouter, Depends, status
 
-from app.exceptions import UserDontHavePermissionException, MessageNotFoundException, UsersIdIsTheSameException
+from app.exceptions import UserDontHavePermissionException, MessageNotFoundException, UserCanNotReadThisChatException
 from app.users.chat.dao import ChatDAO
 from app.users.chat.shemas import SMessage, SLastMessages
 
 from app.users.dao import UserDAO
 from app.users.dependencies import get_current_user
-from app.users.auth import validate_user_access_to_chat
+from app.users.auth import validate_user_access_to_chat, validate_user_admin
 from app.users.models import Users
 
 router = APIRouter(
@@ -44,8 +44,7 @@ async def delete_message_from_chat(
     if get_message_sender is None:
         raise MessageNotFoundException
     if get_message_sender["user_id"] != user.id:
-        get_user_role = await UserDAO.get_user_role(user_id=user.id)
-        if not get_user_role == 1:
+        if not await validate_user_admin(user_id=user.id):
             raise UserDontHavePermissionException
     deleted_message = await ChatDAO.delete_message(message_id=message_id)
     return deleted_message
@@ -58,7 +57,7 @@ async def create_chat(
         user: Users = Depends(get_current_user)
 ):
     if user.id == user_to_exclude:
-        raise UsersIdIsTheSameException
+        raise UserCanNotReadThisChatException
     created_chat = await ChatDAO.create(user_id=user_to_exclude)
     return created_chat
 

chat_test/app/users/dao.py

@@ -1,10 +1,10 @@
-from sqlalchemy import update, select
+from sqlalchemy import update, select, insert
 from sqlalchemy.exc import SQLAlchemyError
 
 from app.dao.base import BaseDAO
 from app.database import async_session_maker
 from app.users.chat.models import UsersXChats
-from app.users.models import Users
+from app.users.models import Users, UsersVerificationCodes
 
 
 class UserDAO(BaseDAO):
@@ -41,3 +41,21 @@ class UserDAO(BaseDAO):
         async with async_session_maker() as session:
             result = await session.execute(query)
         return result.scalar()
+
+
+class UserCodesDAO(BaseDAO):
+    model = UsersVerificationCodes
+
+    @classmethod
+    async def set_user_codes(cls, user_id: int, code: str):
+        query = (insert(UsersVerificationCodes)
+                 .values(user_id=user_id, code=code, description="Код подтверждения почты")
+                 .returning(cls.model.code))
+        async with async_session_maker() as session:
+            result = await session.execute(query)
+            await session.commit()
+            return result.scalar()
+
+    @classmethod
+    async def get_user_codes(cls, user_id: int):
+        pass

chat_test/app/users/router.py

@@ -6,7 +6,7 @@ from app.exceptions import UserAlreadyExistsException, IncorrectAuthDataExceptio
     IncorrectPasswordException, PasswordsМismatchException
 from app.users.auth import get_password_hash, authenticate_user_by_email, authenticate_user_by_username, \
     create_access_token, verify_password
-from app.users.dao import UserDAO
+from app.users.dao import UserDAO, UserCodesDAO
 from app.users.dependencies import get_current_user
 from app.users.models import Users
 from app.users.schemas import SUserLogin, SUserRegister, SUser, SUserName, SUserPassword
@@ -38,7 +38,7 @@ async def register_user(response: Response, user_data: SUserRegister):
     if existing_user:
         raise UserAlreadyExistsException
     hashed_password = get_password_hash(user_data.password)
-    await UserDAO.add(
+    user_id = await UserDAO.add(
         email=user_data.email,
         hashed_password=hashed_password,
         username=user_data.username,
@@ -46,11 +46,15 @@ async def register_user(response: Response, user_data: SUserRegister):
         role=0,
         black_phoenix=False
     )
-    send_registration_confirmation_email.delay(username=user_data.username, email_to=user_data.email)
-    user = await authenticate_user_by_email(user_data.email, user_data.password)
-    access_token = create_access_token({"sub": str(user.id)})
-    response.set_cookie(key="black_phoenix_access_token", value=access_token, httponly=True)
-    return {"access_token": access_token}
+
+    result = send_registration_confirmation_email.delay(username=user_data.username, email_to=user_data.email)
+    result = result.get()
+
+    if await UserCodesDAO.set_user_codes(user_id=user_id, code=result) == result:
+        user = await authenticate_user_by_email(user_data.email, user_data.password)
+        access_token = create_access_token({"sub": str(user.id)})
+        response.set_cookie(key="black_phoenix_access_token", value=access_token, httponly=True)
+        return {"access_token": access_token}
 
 
 @router.post("/login", response_model=dict[str, str])