carry/simple-rbac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修正了api路由的一些内容

Browse Source
This commit is contained in:
carry 2025-01-21 15:23:44 +08:00
parent 093f3e75e1
commit d9152e85e5
2 changed files with 41 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
routes/auth.py
View File

@ -2,7 +2,7 @@ from schemas.auth import Token
from fastapi import APIRouter from fastapi import APIRouter
router = APIRouter(prefix="/api/auth", tags=["auth"]) router = APIRouter(tags=["auth"])
@router.post("/login", response_model=Token) @router.post("/login", response_model=Token)
async def login(): async def login():

49
routes/users.py
View File

@ -1,30 +1,61 @@
from fastapi import APIRouter, Depends, HTTPException, status from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from typing import List, Optional from typing import List, Optional
from models.user import User
from schemas.user import UserCreate, UserUpdate, UserResponse from schemas.user import UserCreate, UserUpdate, UserResponse
from services.auth import get_current_user from services.auth import get_current_user
router = APIRouter() router = APIRouter(tags=["users"])
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="api/auth/login")
@router.get("/", response_model=List[UserResponse]) @router.get("/", response_model=List[UserResponse])
async def get_users(): async def get_users(
page: int = 1,
limit: int = 10,
role: Optional[str] = None,
current_user: UserResponse = Depends(get_current_user)
):
if current_user.role not in ["system_admin", "admin"]:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Only admin can access user list"
)
# 实现获取用户列表逻辑 # 实现获取用户列表逻辑
pass pass
@router.post("/", response_model=UserResponse, status_code=status.HTTP_201_CREATED) @router.post("/", response_model=UserResponse, status_code=status.HTTP_201_CREATED)
async def create_user(): async def create_user(
user_data: UserCreate,
current_user: UserResponse = Depends(get_current_user)
):
if current_user.role not in ["system_admin", "admin"]:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Only admin can create users"
)
# 实现创建用户逻辑 # 实现创建用户逻辑
pass pass
@router.put("/{user_id}", response_model=UserResponse) @router.put("/{user_id}", response_model=UserResponse)
async def update_user(): async def update_user(
user_id: int,
user_data: UserUpdate,
current_user: UserResponse = Depends(get_current_user)
):
if current_user.role not in ["system_admin", "admin"]:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Only admin can update users"
)
# 实现更新用户逻辑 # 实现更新用户逻辑
pass pass
@router.delete("/{user_id}", status_code=status.HTTP_204_NO_CONTENT) @router.delete("/{user_id}", status_code=status.HTTP_204_NO_CONTENT)
async def delete_user(): async def delete_user(
user_id: int,
current_user: UserResponse = Depends(get_current_user)
):
if current_user.role not in ["system_admin", "admin"]:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Only admin can delete users"
)
# 实现删除用户逻辑 # 实现删除用户逻辑
pass pass