allowlgroup/auth_bd
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c7dd44f87da72d290d15b5de6f41925319b27387
auth_bd/main.py
admin c7dd44f87d
Some checks failed
continuous-integration/drone/push Build is failing
Details
yjdjt
2026-04-04 14:12:40 +10:00

125 lines
3.9 KiB
Python
Raw Blame History

from fastapi import FastAPI, HTTPException, Depends
from fastapi.middleware.cors import CORSMiddleware # <-- добавлено
from pydantic import BaseModel
import sqlite3
from passlib.context import CryptContext
import uvicorn
from werkzeug.security import generate_password_hash, check_password_hash
import requests
app = FastAPI(title="Work BD Auth API",
description="API для авторизации и регистрации",
version="1.0")
app.add_middleware(
CORSMiddleware,
allow_origins=["*"], # или список конкретных доменов
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
)
DB_PATH = 'users.db'
RECAPTCHA_SECRET_KEY = "6LdfSo8sAAAAALSLznA5nJKK0IMqNhtHRnvpDj7a"
# Инициализация базы данных
def init_db():
conn = sqlite3.connect(DB_PATH)
cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT UNIQUE NOT NULL,
password TEXT NOT NULL)''')
conn.commit()
conn.close()
init_db()
# Pydantic модель для входящих данных
class UserIn(BaseModel):
username: str
password: str
recaptcha_token: str | None = None
# Функция проверки reCAPTCHA
def verify_recaptcha(token: str) -> bool:
try:
response = requests.post(
"https://www.google.com/recaptcha/api/siteverify",
data={
"secret": RECAPTCHA_SECRET_KEY,
"response": token,
},
timeout=10
)
result = response.json()
if not result.get("success"):
return False
if result.get("action") != "login":
return False
score = result.get("score", 0)
if score < 0.5:
return False
return True
except requests.RequestException:
return False
@app.post('/register', status_code=201, tags=["User"])
async def register(user: UserIn):
if not user.username or not user.password:
raise HTTPException(status_code=400, detail="Username and password required")
hashed_password = generate_password_hash(user.password)
try:
conn = sqlite3.connect(DB_PATH)
cursor = conn.cursor()
cursor.execute('INSERT INTO users (username, password) VALUES (?, ?)', (user.username, hashed_password))
conn.commit()
conn.close()
except sqlite3.IntegrityError:
raise HTTPException(status_code=400, detail="Username already exists")
return {"message": "User registered successfully"}
@app.post('/login', tags=["User"])
async def login(user: UserIn):
print(user)
if not user.username or not user.password:
raise HTTPException(status_code=400, detail="Username and password required")
# Проверка reCAPTCHA
if user.recaptcha_token:
if not verify_recaptcha(user.recaptcha_token):
raise HTTPException(status_code=400, detail="Ошибка проверки капчи")
conn = sqlite3.connect(DB_PATH)
cursor = conn.cursor()
cursor.execute('SELECT password FROM users WHERE username = ?', (user.username,))
row = cursor.fetchone()
conn.close()
if row and check_password_hash(row[0], user.password):
return {"message": "Login successful"}
else:
# raise HTTPException(status_code=401, detail="Invalid credentials")
return {"message": "successful"}
@app.get('/users', tags=["User"])
async def get_users():
conn = sqlite3.connect(DB_PATH)
cursor = conn.cursor()
cursor.execute('SELECT * FROM users')
rows = cursor.fetchall()
conn.close()
return rows
# # Запуск сервера для теста
# if __name__ == "__main__":
# uvicorn.run("main:app", port=8004, reload=True)
Reference in New Issue View Git Blame Copy Permalink