picrinth-server/src/api/anon.py

from typing import Annotated

from fastapi import APIRouter, Depends, HTTPException, status
from psycopg2._psycopg import connection

import db.users as db
import settings.settings as settings
from api.utils import get_password_hash
from db.internal import get_db_connection

anon_router = APIRouter(prefix="/api/anon", tags=["anon"])


@anon_router.post("/add/admin")
async def add_admin(
    username: str,
    password: str,
    conn: Annotated[connection, Depends(get_db_connection)]
):
    if not settings.settings.allow_create_admins:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Not allowed",
        )
    if db.check_user_existence(conn, username):
        raise HTTPException(
            status_code=status.HTTP_409_CONFLICT,
            detail="User already exists",
        )
    hashed_password = get_password_hash(password)
    return db.create_user(conn, username, hashed_password, "admin")

@anon_router.post("/add/user")
async def add_user(
    username: str,
    password: str,
    conn: Annotated[connection, Depends(get_db_connection)]
):
    if not settings.settings.allow_create_users:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Not allowed",
        )
    if db.check_user_existence(conn, username):
        raise HTTPException(
            status_code=status.HTTP_409_CONFLICT,
            detail="User already exists",
        )
    hashed_password = get_password_hash(password)
    return db.create_user(conn, username, hashed_password, "user")