Endpoint role-checking was redundantly applied but FastAPI provides a nice abstraction mechanic...so I applied it. There should be no logical changes in this code; only simpler, cleaner ways for doing the same thing.

2024-02-08 18:05:01 -06:00 · 2024-02-08 18:05:01 -06:00 · 08e8e922fd
commit 08e8e922fd
parent 46d0eff218
11 changed files with 127 additions and 251 deletions
--- a/backend/apps/web/routers/auths.py
+++ b/backend/apps/web/routers/auths.py
@ -3,7 +3,7 @@ from fastapi import Depends, FastAPI, HTTPException, status
 from datetime import datetime, timedelta
 from typing import List, Union

-from fastapi import APIRouter
+from fastapi import APIRouter, status
 from pydantic import BaseModel
 import time
 import uuid
@ -19,7 +19,7 @@ from apps.web.models.auths import (
 )
 from apps.web.models.users import Users

-from utils.utils import get_password_hash, get_current_user, create_token
+from utils.utils import get_password_hash, get_current_user, get_admin_user, create_token
 from utils.misc import get_gravatar_url, validate_email_format
 from constants import ERROR_MESSAGES

@ -116,10 +116,10 @@ async def signin(form_data: SigninForm):
@router.post("/signup", response_model=SigninResponse)
 async def signup(request: Request, form_data: SignupForm):
    if not request.app.state.ENABLE_SIGNUP:
-        raise HTTPException(400, detail=ERROR_MESSAGES.ACCESS_PROHIBITED)
+        raise HTTPException(status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED)

    if not validate_email_format(form_data.email.lower()):
-        raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_EMAIL_FORMAT)
+        raise HTTPException(status.HTTP_400_BAD_REQUEST, detail=ERROR_MESSAGES.INVALID_EMAIL_FORMAT)

    if Users.get_user_by_email(form_data.email.lower()):
        raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN)
@ -156,23 +156,11 @@ async def signup(request: Request, form_data: SignupForm):


@router.get("/signup/enabled", response_model=bool)
-async def get_sign_up_status(request: Request, user=Depends(get_current_user)):
-    if user.role == "admin":
-        return request.app.state.ENABLE_SIGNUP
-    else:
-        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
-        )
+async def get_sign_up_status(request: Request, user=Depends(get_admin_user)):
+    return request.app.state.ENABLE_SIGNUP


@router.get("/signup/enabled/toggle", response_model=bool)
-async def toggle_sign_up(request: Request, user=Depends(get_current_user)):
-    if user.role == "admin":
-        request.app.state.ENABLE_SIGNUP = not request.app.state.ENABLE_SIGNUP
-        return request.app.state.ENABLE_SIGNUP
-    else:
-        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
-        )
+async def toggle_sign_up(request: Request, user=Depends(get_admin_user)):
+    request.app.state.ENABLE_SIGNUP = not request.app.state.ENABLE_SIGNUP
+    return request.app.state.ENABLE_SIGNUP