Use proper HTTP status codes

Sebastiaan
2025-06-09 22:35:53 +02:00
parent c4d1871835
commit eac43be278
10 changed files with 173 additions and 168 deletions


@@ -1,7 +1,7 @@
from datetime import timedelta
from typing import Annotated, Any
from fastapi import APIRouter, Depends, HTTPException
from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.responses import HTMLResponse
from fastapi.security import OAuth2PasswordRequestForm
@@ -33,9 +33,9 @@ def login_access_token(
session=session, email=form_data.username, password=form_data.password
)
if not user:
raise HTTPException(status_code=400, detail="Incorrect email or password")
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Incorrect email or password")
elif not user.is_active:
raise HTTPException(status_code=400, detail="Inactive user")
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Inactive user")
access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
return Token(
access_token=security.create_access_token(
@@ -54,9 +54,9 @@ def login_apikey(
"""
user = ApiKey.authenticate(session=session, api_key=api_key)
if not user:
raise HTTPException(status_code=400, detail="Incorrect apikey")
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Incorrect apikey")
elif not user.is_active:
raise HTTPException(status_code=400, detail="Inactive user")
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Inactive user")
access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
return Token(
access_token=security.create_access_token(
@@ -82,7 +82,7 @@ def recover_password(email: str, session: SessionDep) -> Message:
if not user:
raise HTTPException(
status_code=404,
status_code=status.HTTP_404_NOT_FOUND,
detail="The user with this email does not exist in the system.",
)
password_reset_token = generate_password_reset_token(email=email)
@@ -104,15 +104,15 @@ def reset_password(session: SessionDep, body: NewPassword) -> Message:
"""
email = verify_password_reset_token(token=body.token)
if not email:
raise HTTPException(status_code=400, detail="Invalid token")
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid token")
user = User.get_by_email(session=session, email=email)
if not user:
raise HTTPException(
status_code=404,
status_code=status.HTTP_404_NOT_FOUND,
detail="The user with this email does not exist in the system.",
)
elif not user.is_active:
raise HTTPException(status_code=400, detail="Inactive user")
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Inactive user")
hashed_password = get_password_hash(password=body.new_password)
user.hashed_password = hashed_password
session.add(user)
@@ -133,7 +133,7 @@ def recover_password_html_content(email: str, session: SessionDep) -> Any:
if not user:
raise HTTPException(
status_code=404,
status_code=status.HTTP_404_NOT_FOUND,
detail="The user with this username does not exist in the system.",
)
password_reset_token = generate_password_reset_token(email=email)
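Review bot: In `recover_password` the `if not user:` branch still answers with `status_code=status.HTTP_404_NOT_FOUND` and the detail "The user with this email does not exist in the system.", so the response tells a caller whether an email address is registered; the commit only swaps the literal for the named constant. If this route is reachable without authentication (the route decorator is outside the hunk), it would be safer to return the same success `Message` in both cases and call `generate_password_reset_token` only when a user was found. The same 404 appears in the `recover_password_html_content` hunk. In `login_access_token` and `login_apikey` the separate "Inactive user" detail is reached only after the credentials were accepted, so it confirms a valid password or API key for a disabled account. A single generic failure response there, with `status.HTTP_401_UNAUTHORIZED` rather than 400 for failed authentication, would avoid that; the function bodies continue outside the hunks shown.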