ASF-Nabd/sso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature1

Browse Source
This commit is contained in:
mahmamdouh
2026-01-25 21:02:45 +01:00
parent 5b868a6cde
commit 01863c1df0
10 changed files with 399 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
backend/routers/requests.py Normal file
View File

@@ -0,0 +1,98 @@
from fastapi import APIRouter, Depends, HTTPException, status, BackgroundTasks
from sqlalchemy.orm import Session
from typing import List
from .. import database, models, schemas, auth_utils
from ..services import email
router = APIRouter(
prefix="/requests",
tags=["Access Requests"]
)
@router.post("/", response_model=schemas.AccessRequestOut)
async def create_request(request: schemas.AccessRequestCreate, background_tasks: BackgroundTasks, db: Session = Depends(database.get_db)):
# Check if user already exists
existing_user = db.query(models.User).filter(models.User.username == request.username).first()
if existing_user:
raise HTTPException(status_code=400, detail="Username already taken")
# Check if request already exists
existing_req = db.query(models.AccessRequest).filter(models.AccessRequest.username == request.username, models.AccessRequest.status == "pending").first()
if existing_req:
raise HTTPException(status_code=400, detail="Pending request already exists for this username")
hashed_password = auth_utils.get_password_hash(request.password)
db_request = models.AccessRequest(
username=request.username,
email=request.email,
hashed_password=hashed_password,
status="pending"
)
# Add requested apps
for app_id in request.app_ids:
app = db.query(models.Application).filter(models.Application.id == app_id).first()
if app:
db_request.requested_apps.append(app)
db.add(db_request)
db.commit()
db.refresh(db_request)
# Send email to user (Received)
background_tasks.add_task(email.send_request_received_email, request.email, request.username)
# Send email to admin (New Request)
background_tasks.add_task(email.send_admin_notification_email, request.username)
return db_request
@router.get("/", response_model=List[schemas.AccessRequestOut], dependencies=[Depends(auth_utils.get_current_admin_user)])
async def read_requests(skip: int = 0, limit: int = 100, db: Session = Depends(database.get_db)):
requests = db.query(models.AccessRequest).filter(models.AccessRequest.status == "pending").offset(skip).limit(limit).all()
return requests
@router.post("/{request_id}/approve", dependencies=[Depends(auth_utils.get_current_admin_user)])
async def approve_request(request_id: int, background_tasks: BackgroundTasks, db: Session = Depends(database.get_db)):
req = db.query(models.AccessRequest).filter(models.AccessRequest.id == request_id).first()
if not req:
raise HTTPException(status_code=404, detail="Request not found")
if req.status != "pending":
raise HTTPException(status_code=400, detail="Request already processed")
# Create User
new_user = models.User(
username=req.username,
email=req.email,
hashed_password=req.hashed_password,
is_active=True,
is_admin=False
)
db.add(new_user)
db.commit()
db.refresh(new_user)
# Assign Apps
for app in req.requested_apps:
assignment = models.UserApplication(user_id=new_user.id, application_id=app.id)
db.add(assignment)
req.status = "approved"
db.commit()
# Send email to user (Approved)
background_tasks.add_task(email.send_welcome_email, req.email, req.username, "********") # Don't send password again, they know it
return {"message": "Request approved and user created"}
@router.post("/{request_id}/reject", dependencies=[Depends(auth_utils.get_current_admin_user)])
async def reject_request(request_id: int, db: Session = Depends(database.get_db)):
req = db.query(models.AccessRequest).filter(models.AccessRequest.id == request_id).first()
if not req:
raise HTTPException(status_code=404, detail="Request not found")
req.status = "rejected"
db.commit()
return {"message": "Request rejected"}