diff --git a/design/classes/User.yaml b/design/classes/User.yaml new file mode 100644 index 0000000..42b5f3f --- /dev/null +++ b/design/classes/User.yaml @@ -0,0 +1,13 @@ +User: + uuid: str + email: str + password: str md5() + name: str + avatar: str url + detail: str + privilege: int + functions: + - login(email, password) + - change_pwd(password, new_password) + - update(attr, new_value) + - logout() \ No newline at end of file diff --git a/design/db/mysql/Comments.yaml b/design/db/mysql/Comments.yaml new file mode 100644 index 0000000..8c0477d --- /dev/null +++ b/design/db/mysql/Comments.yaml @@ -0,0 +1,7 @@ +Comment: + uuid: str unique + uid: str foreign_key to Users + pid: foreign_key to Posts + updated_at: timestamp + created_at: timestamp + content: str \ No newline at end of file diff --git a/design/db/mysql/Posts.yaml b/design/db/mysql/Posts.yaml new file mode 100644 index 0000000..0eb6e57 --- /dev/null +++ b/design/db/mysql/Posts.yaml @@ -0,0 +1,7 @@ +Post: + uuid: str unique + title: str unique + uid: str foreign_key to Users + updated_at: timestamp + created_at: timestamp + content: str \ No newline at end of file diff --git a/design/db/mysql/Users.yaml b/design/db/mysql/Users.yaml new file mode 100644 index 0000000..56a138d --- /dev/null +++ b/design/db/mysql/Users.yaml @@ -0,0 +1,10 @@ +User: + uuid: str unique + email: str unique + password: str md5() + name: str + created_at: time_stamp + updated_at: time_stamp + avatar: str url + detail: str + privilege: int \ No newline at end of file diff --git a/main.py b/main.py index eca41db..96a59cd 100644 --- a/main.py +++ b/main.py @@ -1,10 +1,10 @@ import uvicorn from passlib.context import CryptContext -from datetime import datetime, timedelta -import jwt from fastapi import FastAPI, HTTPException, Request -from models.User import User +from models.User import * +from models.Token import * from controllers.JWT import secret_key +from starlette.responses import Response app = FastAPI() @@ -19,28 +19,35 @@ users_db = { } +@app.get("/") +async def index(request: Request, response: Response,): + cookie = request.headers.get("Cookie") + if cookie is None: + token = await generate_token("guest") + response.set_cookie("token", token) + return {"code": 200, "status": "success"} + + @app.post("/login") -async def login(user: User): +async def login(request: Request, response: Response, user: UserLogin): if user.username not in users_db: raise HTTPException(status_code=401, detail="Invalid username") stored_user = users_db[user.username] if not pwd_context.verify(user.password, stored_user["password"]): raise HTTPException(status_code=401, detail="Invalid password") token = await generate_token(user.username) - return {"access_token": token} - - -async def generate_token(username: str) -> str: - expiration = datetime.utcnow() + timedelta(minutes=30) - payload = {"username": username, "exp": expiration} - return jwt.encode(payload, secret_key, algorithm="HS256") + response.set_cookie("token", token) + return {"code": 200, "status": "success"} @app.get("/users/me") async def get_user_profile(request: Request): cookie = request.headers.get("Cookie") + token = await get_token_from_cookie(cookie) + if token is None: + raise HTTPException(status_code=401, detail="Token is required") try: - payload = jwt.decode(cookie, secret_key, algorithms=["HS256"]) + payload = jwt.decode(token, secret_key, algorithms=["HS256"]) username = payload["username"] if username not in users_db: raise HTTPException(status_code=401, detail="Invalid username") diff --git a/models/Token.py b/models/Token.py new file mode 100644 index 0000000..698e815 --- /dev/null +++ b/models/Token.py @@ -0,0 +1,19 @@ +from datetime import datetime, timedelta +from typing import Union +from controllers.JWT import secret_key +import jwt + + +async def generate_token(username: str) -> str: + expiration = datetime.utcnow() + timedelta(minutes=30) + payload = {"username": username, "exp": expiration} + return jwt.encode(payload, secret_key, algorithm="HS256") + + +async def get_token_from_cookie(cookie: str) -> Union[str, None]: + for item in cookie.split("; "): + if "token=" not in item: + continue + token = item.replace("token=", "") + return token + return None diff --git a/models/User.py b/models/User.py index 35a2129..5d24509 100644 --- a/models/User.py +++ b/models/User.py @@ -1,6 +1,6 @@ from pydantic import BaseModel -class User(BaseModel): +class UserLogin(BaseModel): username: str password: str diff --git a/test_client.py b/test_client.py index 09bc685..fe6303b 100644 --- a/test_client.py +++ b/test_client.py @@ -1,17 +1,26 @@ import requests - -url = "http://127.0.0.1/login" -data = { - "username": "admin", - "password": "admin123" -} -r = requests.post(url, json=data) -token = r.json()["access_token"] +conn = requests.Session() +url = "http://127.0.0.1" +r = conn.get(url) +# print(r.json()) +print(r.headers) +# url = "http://127.0.0.1/login" +# data = { +# "username": "admin", +# "password": "admin123" +# } +# r = requests.post(url, json=data) +# print(r.json()) +# token = r.headers.get("set-cookie") +# headers = { +# "Cookie": token +# } +# print(token) +url = "http://127.0.0.1/users/me" +token = r.headers.get('set-cookie') headers = { "Cookie": token } -print(token) -url = "http://127.0.0.1/users/me" -r = requests.get(url, headers=headers) +r = conn.get(url) print(r.text)