benya/Messenger
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d2dd9aa01b3b039031affd3dca57202a5c72b0a5
Messenger/app/users/router.py
benya 79baadb522
Some checks failed
CI / test (push) Failing after 22s
Details
feat(auth,privacy,web): step-by-step login, privacy settings persistence, TOTP QR, and API docs
2026-03-08 12:09:53 +03:00

167 lines
6.1 KiB
Python
Raw Blame History

from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.ext.asyncio import AsyncSession
from app.auth.service import get_current_user
from app.database.session import get_db
from app.users.models import User
from app.users.schemas import ContactByEmailRequest, UserProfileUpdate, UserRead, UserSearchRead
from app.users.service import (
add_contact,
block_user,
get_user_by_id,
get_user_by_email,
get_user_by_username,
list_blocked_users,
list_contacts,
has_block_relation_between_users,
remove_contact,
search_users_by_username,
unblock_user,
update_user_profile,
)
router = APIRouter(prefix="/users", tags=["users"])
@router.get("/me", response_model=UserRead)
async def read_me(current_user: User = Depends(get_current_user)) -> UserRead:
return current_user
@router.get("/search", response_model=list[UserSearchRead])
async def search_users(
query: str,
limit: int = 20,
db: AsyncSession = Depends(get_db),
current_user: User = Depends(get_current_user),
) -> list[UserSearchRead]:
if len(query.strip().lstrip("@")) < 2:
return []
users = await search_users_by_username(
db,
query=query,
limit=limit,
exclude_user_id=current_user.id,
)
return users
@router.put("/profile", response_model=UserRead)
async def update_profile(
payload: UserProfileUpdate,
db: AsyncSession = Depends(get_db),
current_user: User = Depends(get_current_user),
) -> UserRead:
if payload.username and payload.username != current_user.username:
username_owner = await get_user_by_username(db, payload.username)
if username_owner:
raise HTTPException(status_code=status.HTTP_409_CONFLICT, detail="Username already taken")
updated = await update_user_profile(
db,
current_user,
name=payload.name,
username=payload.username,
bio=payload.bio,
avatar_url=payload.avatar_url,
allow_private_messages=payload.allow_private_messages,
privacy_last_seen=payload.privacy_last_seen,
privacy_avatar=payload.privacy_avatar,
privacy_group_invites=payload.privacy_group_invites,
)
return updated
@router.get("/blocked", response_model=list[UserSearchRead])
async def read_blocked_users(
db: AsyncSession = Depends(get_db),
current_user: User = Depends(get_current_user),
) -> list[UserSearchRead]:
return await list_blocked_users(db, user_id=current_user.id)
@router.get("/contacts", response_model=list[UserSearchRead])
async def read_contacts(
db: AsyncSession = Depends(get_db),
current_user: User = Depends(get_current_user),
) -> list[UserSearchRead]:
return await list_contacts(db, user_id=current_user.id)
@router.post("/{user_id}/contacts", status_code=status.HTTP_204_NO_CONTENT)
async def add_contact_endpoint(
user_id: int,
db: AsyncSession = Depends(get_db),
current_user: User = Depends(get_current_user),
) -> None:
if user_id == current_user.id:
raise HTTPException(status_code=status.HTTP_422_UNPROCESSABLE_ENTITY, detail="Cannot add yourself")
target = await get_user_by_id(db, user_id)
if not target:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
is_blocked = await has_block_relation_between_users(db, user_a_id=current_user.id, user_b_id=user_id)
if is_blocked:
raise HTTPException(status_code=status.HTTP_409_CONFLICT, detail="Cannot add contact while blocked")
await add_contact(db, user_id=current_user.id, contact_user_id=user_id)
@router.post("/contacts/by-email", status_code=status.HTTP_204_NO_CONTENT)
async def add_contact_by_email_endpoint(
payload: ContactByEmailRequest,
db: AsyncSession = Depends(get_db),
current_user: User = Depends(get_current_user),
) -> None:
target = await get_user_by_email(db, payload.email)
if not target:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
if target.id == current_user.id:
raise HTTPException(status_code=status.HTTP_422_UNPROCESSABLE_ENTITY, detail="Cannot add yourself")
is_blocked = await has_block_relation_between_users(db, user_a_id=current_user.id, user_b_id=target.id)
if is_blocked:
raise HTTPException(status_code=status.HTTP_409_CONFLICT, detail="Cannot add contact while blocked")
await add_contact(db, user_id=current_user.id, contact_user_id=target.id)
@router.delete("/{user_id}/contacts", status_code=status.HTTP_204_NO_CONTENT)
async def remove_contact_endpoint(
user_id: int,
db: AsyncSession = Depends(get_db),
current_user: User = Depends(get_current_user),
) -> None:
if user_id == current_user.id:
return
await remove_contact(db, user_id=current_user.id, contact_user_id=user_id)
@router.post("/{user_id}/block", status_code=status.HTTP_204_NO_CONTENT)
async def block_user_endpoint(
user_id: int,
db: AsyncSession = Depends(get_db),
current_user: User = Depends(get_current_user),
) -> None:
if user_id == current_user.id:
raise HTTPException(status_code=status.HTTP_422_UNPROCESSABLE_ENTITY, detail="Cannot block yourself")
target = await get_user_by_id(db, user_id)
if not target:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
await block_user(db, user_id=current_user.id, blocked_user_id=user_id)
@router.delete("/{user_id}/block", status_code=status.HTTP_204_NO_CONTENT)
async def unblock_user_endpoint(
user_id: int,
db: AsyncSession = Depends(get_db),
current_user: User = Depends(get_current_user),
) -> None:
if user_id == current_user.id:
return
await unblock_user(db, user_id=current_user.id, blocked_user_id=user_id)
@router.get("/{user_id}", response_model=UserRead)
async def read_user(user_id: int, db: AsyncSession = Depends(get_db), _current_user: User = Depends(get_current_user)) -> UserRead:
user = await get_user_by_id(db, user_id)
if not user:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
return user
Reference in New Issue View Git Blame Copy Permalink