修改密码 添加根据部门查询用户

dbgpt/app/apps/vadmin/auth/crud.py

@@ -177,6 +177,24 @@ class UserDal(DalBase):
         user.is_reset_password = True
         await self.flush(user)
 
+    async def update_password_id(self,  data: schemas.UpdatePwd) -> str:
+        """
+        修改密码
+        :param data:
+        :return:
+        """
+        if data.password != data.password_two:
+            raise CustomException(msg="两次密码不一致", code=400)
+        result = test_password(data.password)
+        if isinstance(result, str):
+            raise CustomException(msg=result, code=400)
+        user = await self.get_data(data.user_id, v_options=[joinedload(self.model.roles), joinedload(self.model.depts)])
+        user.password = self.model.get_password_hash(data.password)
+        user.is_reset_password = True
+        await self.flush(user)
+        return "修改密码成功"
+
+
     async def update_current_info(self, user: models.VadminUser, data: schemas.UserUpdateBaseInfo) -> Any:
         """
         更新当前用户基本信息

dbgpt/app/apps/vadmin/auth/models/user.py

@@ -40,9 +40,9 @@ class VadminUser(BaseModel):
     is_staff: Mapped[bool] = mapped_column(Boolean, default=False, comment="是否为工作人员")
     wx_server_openid: Mapped[str | None] = mapped_column(String(255), comment="服务端微信平台openid")
     is_wx_server_openid: Mapped[bool] = mapped_column(Boolean, default=False, comment="是否已有服务端微信平台openid")
-
     roles: Mapped[set[VadminRole]] = relationship(secondary=vadmin_auth_user_roles)
     depts: Mapped[set[VadminDept]] = relationship(secondary=vadmin_auth_user_depts)
+    # dept_id: VadminDept.id
     @staticmethod
     def get_password_hash(password: str) -> str:
         """

dbgpt/app/apps/vadmin/auth/params/user.py

@@ -34,6 +34,6 @@ class UserParams(QueryParams):
         self.email = ("like", email)
         self.is_active = is_active
         self.is_staff = is_staff
-        self.dept_id = dept_id
+        # self.dept_id=dept_id
 
 

dbgpt/app/apps/vadmin/auth/schemas/__init__.py

-from .user import UserOut, UserUpdate, User, UserIn, UserSimpleOut, ResetPwd, UserUpdateBaseInfo, UserPasswordOut
+from .user import UserOut, UserUpdate, User, UserIn, UserSimpleOut, ResetPwd, UserUpdateBaseInfo, UserPasswordOut, UpdatePwd
 from .role import Role, RoleOut, RoleIn, RoleOptionsOut, RoleSimpleOut
 from .menu import Menu, MenuSimpleOut, RouterOut, Meta, MenuTreeListOut
 from .dept import Dept, DeptSimpleOut, DeptTreeListOut

dbgpt/app/apps/vadmin/auth/schemas/user.py

@@ -96,3 +96,15 @@ class ResetPwd(BaseModel):
         if 'password' in info.data and v != info.data['password']:
             raise ValueError('两次密码不一致!')
         return v
+
+
+class UpdatePwd(BaseModel):
+    password: str
+    password_two: str
+    user_id: int
+
+    @field_validator('password_two')
+    def check_passwords_match(cls, v, info: FieldValidationInfo):
+        if 'password' in info.data and v != info.data['password']:
+            raise ValueError('两次密码不一致!')
+        return v

dbgpt/app/apps/vadmin/auth/utils/current.py

@@ -85,7 +85,7 @@ class FullAdminAuth(AuthValidation):
     async def __call__(
         self,
         request: Request,
-        token: str = Cookie(None),
+        token: str = Depends(settings.oauth2_scheme),  #Cookie(None),
         db: AsyncSession = Depends(db_getter)
     ) -> Auth:
         """

dbgpt/app/apps/vadmin/auth/utils/login.py

@@ -42,28 +42,28 @@ import jwt
 router = APIRouter()
 
 
-@router.post("/api/login", summary="API 手机号密码登录", description="Swagger API 文档登录认证")
-async def api_login_for_access_token(
-    request: Request,
-    data: OAuth2PasswordRequestForm = Depends(),
-    db: AsyncSession = Depends(db_getter)
-):
-    user = await UserDal(db).get_data(telephone=data.username, v_return_none=True)
-    error_code = status.HTTP_401_UNAUTHORIZED
-    if not user:
-        raise CustomException(status_code=error_code, code=error_code, msg="该手机号不存在")
-    result = VadminUser.verify_password(data.password, user.password)
-    if not result:
-        raise CustomException(status_code=error_code, code=error_code, msg="手机号或密码错误")
-    if not user.is_active:
-        raise CustomException(status_code=error_code, code=error_code, msg="此手机号已被冻结")
-    elif not user.is_staff:
-        raise CustomException(status_code=error_code, code=error_code, msg="此手机号无权限")
-    access_token = LoginManage.create_token({"sub": user.telephone, "password": user.password})
-    record = LoginForm(platform='2', method='0', telephone=data.username, password=data.password)
-    resp = {"access_token": access_token, "token_type": "bearer"}
-    # await VadminLoginRecord.create_login_record(db, record, True, request, resp)
-    return resp
+# @router.post("/api/login", summary="API 手机号密码登录", description="Swagger API 文档登录认证")
+# async def api_login_for_access_token(
+#     request: Request,
+#     data: OAuth2PasswordRequestForm = Depends(),
+#     db: AsyncSession = Depends(db_getter)
+# ):
+#     user = await UserDal(db).get_data(telephone=data.username, v_return_none=True)
+#     error_code = status.HTTP_401_UNAUTHORIZED
+#     if not user:
+#         raise CustomException(status_code=error_code, code=error_code, msg="该手机号不存在")
+#     result = VadminUser.verify_password(data.password, user.password)
+#     if not result:
+#         raise CustomException(status_code=error_code, code=error_code, msg="手机号或密码错误")
+#     if not user.is_active:
+#         raise CustomException(status_code=error_code, code=error_code, msg="此手机号已被冻结")
+#     elif not user.is_staff:
+#         raise CustomException(status_code=error_code, code=error_code, msg="此手机号无权限")
+#     access_token = LoginManage.create_token({"sub": user.telephone, "password": user.password})
+#     record = LoginForm(platform='2', method='0', telephone=data.username, password=data.password)
+#     resp = {"access_token": access_token, "token_type": "bearer"}
+#     # await VadminLoginRecord.create_login_record(db, record, True, request, resp)
+#     return resp
 
 @router.post("/login", summary="手机号密码登录", description="员工登录通道，限制最多输错次数，达到最大值后将is_active=False")
 async def login_for_access_token(
@@ -99,8 +99,13 @@ async def login_for_access_token(
             "is_reset_password": result.user.is_reset_password,
             "is_wx_server_openid": result.user.is_wx_server_openid
         }
-        response = JSONResponse(resp)
-        response.set_cookie(key="token", value=access_token ,domain="")
+        result = {
+            "code": 200,
+            "message": "登录成功",
+            "data": resp
+        }
+        response = JSONResponse(result)
+        response.set_cookie(key="token", value=access_token)
        # await VadminLoginRecord.create_login_record(db, data, True, request, resp)
         return response
     except ValueError as e:
@@ -139,6 +144,13 @@ async def token_refresh(refresh: str = Body(..., title="刷新Token")):
         "refresh_token": refresh_token,
         "token_type": "bearer"
     }
-    response = JSONResponse(resp)
-    response.set_cookie(key="jwt", value=access_token, httponly=True)
+    result = {
+        "code": 200,
+        "message": "刷新成功",
+        "data": resp
+    }
+    response = JSONResponse(result)
+    response.set_cookie(key="token", value=access_token)
+
     return response
+

dbgpt/app/apps/vadmin/auth/views.py

@@ -8,7 +8,6 @@
 
 from redis.asyncio import Redis
 from fastapi import APIRouter, Depends, Body, UploadFile, Request
-from sqlalchemy.orm import joinedload
 from dbgpt.app.apps.core.database import redis_getter
 from dbgpt.app.apps.utils.response import SuccessResponse, ErrorResponse
 from . import schemas, crud, models
@@ -16,6 +15,11 @@ from dbgpt.app.apps.core.dependencies import IdList
 from dbgpt.app.apps.vadmin.auth.utils.current import AllUserAuth, FullAdminAuth, OpenAuth
 from dbgpt.app.apps.vadmin.auth.utils.validation.auth import Auth
 from .params import UserParams, RoleParams, DeptParams
+from sqlalchemy import and_
+from sqlalchemy.orm import joinedload, aliased
+from sqlalchemy.orm.strategy_options import _AbstractLoad, contains_eager
+from typing import Optional
+from dbgpt.app.apps.vadmin.auth.models import VadminUser
 
 router = APIRouter()
 
@@ -33,20 +37,29 @@ async def test(auth: Auth = Depends(OpenAuth())):
 ###########################################################
 @router.get("/users", summary="获取用户列表")
 async def get_users(
+        dept_id: Optional[int] = None,
         params: UserParams = Depends(),
         auth: Auth = Depends(FullAdminAuth(permissions=["auth.user.list"]))
 ):
     model = models.VadminUser
+    dept_alias = aliased(models.VadminDept)
+    options = [joinedload(model.roles), contains_eager(model.depts, alias=dept_alias)]
+    outer_join = [
+        [models.vadmin_auth_user_depts, models.vadmin_auth_user_depts.c.user_id == model.id],
+        [dept_alias, and_(dept_alias.id == models.vadmin_auth_user_depts.c.dept_id, dept_alias.id == dept_id)]
+    ]
+
+    if not dept_id:
         options = [joinedload(model.roles), joinedload(model.depts)]
+        outer_join = []
+
     schema = schemas.UserOut
     datas, count = await crud.UserDal(auth.db).get_datas(
         **params.dict(),
         v_options=options,
         v_schema=schema,
-        v_outer_join=[
-            [models.vadmin_auth_user_depts, params.dept_id == models.vadmin_auth_user_depts.c.dept_id],
-        ],
-        v_return_count=True
+        v_return_count=True,
+        v_join=outer_join
     )
     return SuccessResponse(datas, count=count)
 
@@ -91,6 +104,12 @@ async def user_current_reset_password(data: schemas.ResetPwd, auth: Auth = Depen
     return SuccessResponse(await crud.UserDal(auth.db).reset_current_password(auth.user, data))
 
 
+@router.post("/user/current/update/password", summary="修改用户密码")
+async def user_current_update_password(data: schemas.UpdatePwd, auth: Auth = Depends(AllUserAuth())):
+
+    return SuccessResponse(await crud.UserDal(auth.db).update_password_id(data))
+
+
 @router.post("/user/current/update/info", summary="更新当前用户基本信息")
 async def post_user_current_update_info(data: schemas.UserUpdateBaseInfo, auth: Auth = Depends(AllUserAuth())):
     return SuccessResponse(await crud.UserDal(auth.db).update_current_info(auth.user, data))