5ead89e0cf
- Receive Evotor webhooks: POST /user/create, /user/verify, /user/token
- Create users in pending status; match to existing users by email/phone
- Send invite link via Celery notification task; user sets password at /invite
- Abstract EmailProvider/SMSProvider with ConsoleEmailProvider default
- Role-based access control: role enum on users + roles/permissions tables
- Admin panel: /admin/users (list, filter, search, paginate), user detail card
with activate/suspend/reset-password/send-invite/edit/delete actions
- Admin roles management: /admin/roles with per-role permission assignment
- Extend user profile card: role, status, Evotor ID, email confirmation badge
- Auth routes: register, login, logout, confirm-email, forgot/reset password
- Alembic migrations 0002 (full schema + new fields) and 0003 (RBAC + seeds)
- Port Pico CSS + Bootstrap Icons UI from Node.js commit (854c912)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
26 lines
826 B
Python
26 lines
826 B
Python
from fastapi import HTTPException
|
|
from fastapi.responses import RedirectResponse
|
|
from sqlalchemy.orm import Session
|
|
from starlette.requests import Request
|
|
|
|
from web.models.user import User, UserStatusEnum
|
|
|
|
|
|
def get_session_user_id(request: Request) -> int | None:
|
|
return request.session.get("user_id")
|
|
|
|
|
|
def get_current_user(request: Request, db: Session) -> User:
|
|
user_id = get_session_user_id(request)
|
|
if not user_id:
|
|
raise HTTPException(status_code=307, headers={"Location": "/login"})
|
|
user = db.get(User, user_id)
|
|
if not user or user.status == UserStatusEnum.suspended:
|
|
request.session.clear()
|
|
raise HTTPException(status_code=307, headers={"Location": "/login"})
|
|
return user
|
|
|
|
|
|
def login_redirect() -> RedirectResponse:
|
|
return RedirectResponse("/login", status_code=303)
|