feat(auth,accounts,templates): move login/logout endpoints to accounts.api, update routers and templates\n\n- Move login/logout endpoints from users.api to accounts.api\n- Update routers to use new accounts.api for login/logout\n- Update templates to use /auth/accounts/login and /auth/accounts/logout endpoints\n- Fix imports and router registration for accounts API\n- Ensure separation of API and render routes in accounts module

ForceFledgling · ForceFledgling · commit 27ab90da3008 · 2025-07-22T03:00:17.000+05:00
diff --git a/example/apps/deps.py b/example/apps/deps.py
diff --git a/example/core/__init__.py b/example/core/__init__.py
@@ -50,7 +50,7 @@ class Config:
 
 @app.exception_handler(403)
 async def not_found(request, exc):
-    return RedirectResponse("/accounts/login", status_code=303)
+    return RedirectResponse("/auth/accounts/login", status_code=303)
     # return render_template(request=request, template_name="401.html", context={"request": request})
 
 # Класс для аутентификации
diff --git a/src/cotlette/conf/global_settings.py b/src/cotlette/conf/global_settings.py
@@ -524,11 +524,11 @@ def gettext_noop(s):
 
 AUTHENTICATION_BACKENDS = ["cotlette.contrib.auth.backends.ModelBackend"]
 
-LOGIN_URL = "/accounts/login/"
+LOGIN_URL = "/auth/accounts/login/"
 
 LOGIN_REDIRECT_URL = "/accounts/profile/"
 
-LOGOUT_REDIRECT_URL = None
+LOGOUT_REDIRECT_URL = "/auth/accounts/login/"
 
 # The number of seconds a password reset link is valid for (default: 3 days).
 PASSWORD_RESET_TIMEOUT = 60 * 60 * 24 * 3
diff --git a/src/cotlette/contrib/auth/__init__.py b/src/cotlette/contrib/auth/__init__.py
@@ -7,6 +7,7 @@
 from cotlette.contrib.auth.users import api as users_api
 from cotlette.contrib.auth.groups import api as groups_api
 from cotlette.contrib.auth.accounts import urls as accounts_urls
+from cotlette.contrib.auth.accounts import api as accounts_api
 
 # Импортируем модели для удобства
 from cotlette.contrib.auth.users.models import UserModel, User, UserCreate
@@ -28,4 +29,7 @@
     router.include_router(groups_api.router, prefix="/groups", tags=["groups"])
 # Подключаем роуты аккаунтов (регистрация, аутентификация, смена пароля)
 if hasattr(accounts_urls, 'router'):
-    router.include_router(accounts_urls.router, prefix="/accounts", tags=["accounts"])
+    router.include_router(accounts_urls.router, prefix="/auth/accounts", tags=["accounts"])
+# Подключаем роуты аккаунтов (login/logout)
+if hasattr(accounts_api, 'router'):
+    router.include_router(accounts_api.router, prefix="/auth/accounts", tags=["accounts"])
diff --git a/src/cotlette/contrib/auth/accounts/__init__.py b/src/cotlette/contrib/auth/accounts/__init__.py
@@ -1,8 +1,9 @@
 from fastapi import APIRouter
 
 from .urls import router as urls_router
-
+from .api import router as api_router
 
 router = APIRouter()
 # router.include_router(urls_router, prefix="/admin", include_in_schema=False)
-router.include_router(urls_router, prefix="/accounts", tags=["render"])
+router.include_router(urls_router, prefix="/accounts", tags=["render"])
+router.include_router(api_router, prefix="/accounts", tags=["api"])
diff --git a/src/cotlette/contrib/auth/accounts/api.py b/src/cotlette/contrib/auth/accounts/api.py
@@ -0,0 +1,40 @@
+from fastapi import APIRouter
+from starlette.responses import JSONResponse, RedirectResponse
+from cotlette.contrib.auth.users.models import UserModel
+from cotlette.contrib.auth.users.utils import check_password, generate_jwt
+
+router = APIRouter()
+
+@router.route("/login", methods=["POST"])
+async def login_user(request):
+    if 'history' in request.session and len(request.session['history']):
+        previous = request.session['history'].pop()
+    else:
+        previous = '/admin'
+
+    form = await request.form()
+    username = form["email"]
+    password = form["password"]
+
+    user = UserModel.objects.filter(email=username).first()  # type: ignore
+    if not user:
+        return RedirectResponse(previous, status_code=303)
+
+    hashed_pass = user.password_hash
+    valid_pass = await check_password(password, hashed_pass)
+    if not valid_pass:
+        return RedirectResponse(previous, status_code=303)
+
+    if previous in ('/users/login', '/users/login/', "/"):
+        previous = '/admin'
+
+    response = RedirectResponse(previous, status_code=303)
+    if valid_pass:
+        response.set_cookie('jwt', generate_jwt(user.id), httponly=True)
+    return response
+
+@router.post("/logout", response_model=None)
+def logout():
+    response = JSONResponse(content={"message": "Logout successful"})
+    response.delete_cookie("jwt")
+    return response 
diff --git a/src/cotlette/contrib/auth/groups/api.py b/src/cotlette/contrib/auth/groups/api.py
@@ -74,4 +74,4 @@ async def create_tables():
 # @router.get("/", response_model=list[User])
 # def get_users():
 #     users = UserModel.objects.all()
-#     return [User(name=user.name, age=user.age, email=user.email) for user in users]
+#     return [User(name=user.name, age=user.age, email=user.email) for user in users] 
diff --git a/src/cotlette/contrib/auth/groups/views.py b/src/cotlette/contrib/auth/groups/views.py
@@ -1,3 +1,35 @@
 from cotlette.shortcuts import render
 
 # Create your views here.
+
+# --- API ROUTES (moved from api.py) ---
+from typing import Union
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from pydantic import BaseModel
+from jose import jwt, JWTError
+from datetime import timedelta, datetime
+from .models import GroupModel
+# from .utils import hash_password, generate_jwt, check_password
+
+from starlette.responses import JSONResponse, \
+    PlainTextResponse, \
+    RedirectResponse, \
+    StreamingResponse, \
+    FileResponse, \
+    HTMLResponse
+
+from fastapi.security import OAuth2PasswordBearer
+from fastapi.responses import JSONResponse
+
+router = APIRouter()
+
+# Создание таблицы при запуске приложения
+@router.on_event("startup")
+async def create_tables():
+    GroupModel.create_table()
+    owners_group = GroupModel.objects.filter(name="Owners").first()  # type: ignore
+    if not owners_group:
+        GroupModel.objects.create(name="Owners")
+
+# (Закомментированные примеры моделей и ручек оставлены для истории)
diff --git a/src/cotlette/contrib/auth/users/api.py b/src/cotlette/contrib/auth/users/api.py
@@ -39,22 +39,6 @@ class TokenData(BaseModel):
 # JWT settings
 ACCESS_TOKEN_EXPIRE_MINUTES = 30
 
-@router.on_event("startup")
-async def create_tables():
-    db.initialize()
-    UserModel.create_table()
-    existing_user = UserModel.objects.filter(email="pvenv@icloud.com").first()  # type: ignore
-    if not existing_user:
-        test_user = await create_user(UserCreate(
-            name="vova",
-            age=26,
-            email="pvenv@icloud.com",
-            password="dotvej-Fawne4-migqaw",
-            group_id=1,
-            organization="N/A organization"
-        ))
-        print('test_user', test_user)
-
 @router.route("/login", methods=["POST"])
 async def login_user(request):
     # Redirect to previous path after login
@@ -130,4 +114,4 @@ async def create_user(user: UserCreate):
 @router.get("/", response_model=list[User])
 async def get_users():
     users = await UserModel.objects.all().execute()  # type: ignore
-    return [User(name=user.name, age=user.age, email=user.email) for user in users]
+    return [User(name=user.name, age=user.age, email=user.email) for user in users] 
diff --git a/src/cotlette/contrib/auth/users/views.py b/src/cotlette/contrib/auth/users/views.py
@@ -1,3 +1,122 @@
 from cotlette.shortcuts import render
 
 # Create your views here.
+
+# --- API ROUTES (moved from api.py) ---
+from typing import Union
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from pydantic import BaseModel
+from jose import jwt, JWTError
+from datetime import timedelta
+from .models import UserModel, UserCreate, User
+from .utils import hash_password, generate_jwt, check_password
+
+from starlette.responses import JSONResponse, \
+    PlainTextResponse, \
+    RedirectResponse, \
+    StreamingResponse, \
+    FileResponse, \
+    HTMLResponse
+
+from cotlette.core.database.sqlalchemy import db
+from cotlette.contrib.auth.groups.models import GroupModel
+
+ACCESS_TOKEN_EXPIRE_MINUTES = 30
+
+router = APIRouter()
+
+# Pydantic model for user login
+class UserLogin(BaseModel):
+    email: str
+    password: str
+
+# Pydantic model for token
+class Token(BaseModel):
+    access_token: str
+    token_type: str
+
+# Pydantic model for token data
+class TokenData(BaseModel):
+    email: Union[str] = None
+
+
+# JWT settings
+ACCESS_TOKEN_EXPIRE_MINUTES = 30
+
+@router.route("/login", methods=["POST"])
+async def login_user(request):
+    # Redirect to previous path after login
+    if 'history' in request.session and len(request.session['history']):
+        previous = request.session['history'].pop()
+    else:
+        previous = '/admin'
+
+    # Get form data
+    form = await request.form()
+    username = form["email"]
+    password = form["password"]
+
+    # Search for user in database
+    user = UserModel.objects.filter(email=username).first()  # type: ignore
+    if not user:
+        return RedirectResponse(previous, status_code=303)
+
+    hashed_pass = user.password_hash
+
+    # Check password
+    valid_pass = await check_password(password, hashed_pass)
+    if not valid_pass:
+        return RedirectResponse(previous, status_code=303)
+
+    if previous in ('/users/login', '/users/login/', "/"):
+        previous = '/admin'
+
+    response = RedirectResponse(previous, status_code=303)
+    if valid_pass:
+        response.set_cookie('jwt', generate_jwt(user.id), httponly=True)
+    return response
+
+
+@router.post("/logout", response_model=None)
+def logout():
+    response = JSONResponse(content={"message": "Logout successful"})
+    response.delete_cookie("jwt")
+    return response
+
+
+# Create new user (POST)
+@router.post("/", response_model=None)
+async def create_user(user: UserCreate):
+    hashed_password = await hash_password(user.password)
+    group = await GroupModel.objects.filter(id=user.group_id).first()  # type: ignore
+    
+    # Check if user doesn't exist
+    existing_user = await UserModel.objects.filter(email=user.email).first()  # type: ignore
+    if existing_user:
+        return JSONResponse(
+            status_code=400,
+            content={"message": "User with this email already exists"}
+        )
+
+    new_user = await UserModel.objects.create(
+        name=user.name,
+        age=user.age,
+        email=user.email,
+        password_hash=hashed_password,
+        group=group.id
+    )
+    return User(
+        id=new_user.id,
+        name=new_user.name,
+        age=new_user.age,
+        email=new_user.email,
+        group=new_user.group.id
+    )
+
+
+# Get all users (GET)
+@router.get("/", response_model=list[User])
+async def get_users():
+    users = await UserModel.objects.all().execute()  # type: ignore
+    return [User(name=user.name, age=user.age, email=user.email) for user in users]
diff --git a/src/cotlette/contrib/templates/401.html b/src/cotlette/contrib/templates/401.html
@@ -199,7 +199,7 @@
       <h1>Error 401: Unauthorized. But you’re still awesome!</h1>
       
       <p>
-        <a href="/accounts/login" rel="noopener">Go to the login page</a>
+        <a href="/auth/accounts/login" rel="noopener">Go to the login page</a>
       </p>
     </main>
   </body>
diff --git a/src/cotlette/contrib/templates/admin/includes/navigation-fullscreen.html b/src/cotlette/contrib/templates/admin/includes/navigation-fullscreen.html
@@ -26,13 +26,13 @@
             </a>
           </li>
           <li class="nav-item">
-            <a class="nav-link me-2" href="{{url_for('accounts/register')}}">
+            <a class="nav-link me-2" href="{{url_for('auth/accounts/register')}}">
               <i class="fas fa-user-circle opacity-6 me-1"></i>
               Sign Up
             </a>
           </li>
           <li class="nav-item">
-            <a class="nav-link me-2" href="{{url_for('accounts/login')}}">
+            <a class="nav-link me-2" href="{{url_for('auth/accounts/login')}}">
               <i class="fas fa-key opacity-6 me-1"></i>
               Sign In
             </a>
diff --git a/src/cotlette/contrib/templates/admin/includes/navigation.html b/src/cotlette/contrib/templates/admin/includes/navigation.html
@@ -18,13 +18,13 @@ <h6 class="font-weight-bolder mb-0">{{segment}}</h6>
       </div>
       <ul class="navbar-nav  justify-content-end">
           <li class="nav-item d-flex align-items-center">
-            <a href="{{url_for('accounts/login')}}" class="nav-link text-body font-weight-bold px-0">
+            <a href="{{url_for('auth/accounts/login')}}" class="nav-link text-body font-weight-bold px-0">
               <i class="fa fa-user me-sm-1"></i>
               <span class="d-sm-inline d-none me-3">Logout</span>
             </a>
           </li>
           <!-- <li class="nav-item d-flex align-items-center">
-            <a href="{{url_for('accounts/login')}}" class="nav-link text-body font-weight-bold px-0">
+            <a href="{{url_for('auth/accounts/login')}}" class="nav-link text-body font-weight-bold px-0">
               <i class="fa fa-user me-sm-1"></i>
               <span class="d-sm-inline d-none me-3">Sign In</span>
             </a>
diff --git a/src/cotlette/contrib/templates/admin/includes/sidebar.html b/src/cotlette/contrib/templates/admin/includes/sidebar.html
diff --git a/src/cotlette/contrib/templates/admin/layouts/base-fullscreen.html b/src/cotlette/contrib/templates/admin/layouts/base-fullscreen.html
diff --git a/src/cotlette/core/database/models.py b/src/cotlette/core/database/models.py
