Merge branch 'refac/auth-middleware' of https://github.com/anuraagdjain/ollama-webui into refac/auth-middleware

2023-12-30 12:53:35 +02:00 · 2023-12-30 12:53:35 +02:00 · 613053e46c
commit 613053e46c
parent bdd153d8f5 39b8e4430e
13 changed files with 383 additions and 30 deletions
--- a/backend/apps/web/routers/users.py
+++ b/backend/apps/web/routers/users.py
@ -9,6 +9,8 @@ import time
 import uuid

 from apps.web.models.users import UserModel, UserRoleUpdateForm, Users
+from apps.web.models.auths import Auths
+

 from utils.utils import get_current_user
 from constants import ERROR_MESSAGES
@ -52,3 +54,42 @@ async def update_user_role(
            status_code=status.HTTP_403_FORBIDDEN,
            detail=ERROR_MESSAGES.ACTION_PROHIBITED,
        )
+
+
+############################
+# DeleteUserById
+############################
+
+
+@router.delete("/{user_id}", response_model=bool)
+async def delete_user_by_id(user_id: str, cred=Depends(bearer_scheme)):
+    token = cred.credentials
+    user = Users.get_user_by_token(token)
+
+    if user:
+        if user.role == "admin":
+            if user.id != user_id:
+                result = Auths.delete_auth_by_id(user_id)
+
+                if result:
+                    return True
+                else:
+                    raise HTTPException(
+                        status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                        detail=ERROR_MESSAGES.DELETE_USER_ERROR,
+                    )
+            else:
+                raise HTTPException(
+                    status_code=status.HTTP_403_FORBIDDEN,
+                    detail=ERROR_MESSAGES.ACTION_PROHIBITED,
+                )
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_403_FORBIDDEN,
+                detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
+            )
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=ERROR_MESSAGES.INVALID_TOKEN,
+        )