fastapi-session-auth/db.py at main · phiponatchi/fastapi-session-auth · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
import bcrypt


# A simplified, insecure user DB for demonstration. Use a proper DB and hash passwords.
users_db = {
    "user": {
        "id": 1,
        "password": bcrypt.hashpw("password".encode("utf-8"), bcrypt.gensalt()),
        "username": "user",
        "sessions": [],
    }
}


def get_user(username: str):
    return users_db.get(username)


def save_session(username: str, session: str):
    username, session_id = session.split(":")
    user = users_db[username]
    if not user:
        return
    user["sessions"].append(session_id)


def get_session(session: str):
    username, session_id = session.split(":")
    user = get_user(username)
    if not user:
        return None
    if session_id in user["sessions"]:
        return user


def delete_session(session: str):
    if not session:
        return None
    username, session_id = session.split(":")
    user = get_user(username)
    if not user:
        return None
    if session_id in user["sessions"]:
        user["sessions"].remove(session_id)
        return user