brilliance-admin 0.44.14__py3-none-any.whl → 0.44.16__py3-none-any.whl

brilliance_admin/api/views/auth.py

@@ -22,7 +22,7 @@ async def login(request: Request, auth_data: AuthData) -> AuthResult:
 
     auth: AdminAuthentication = schema.auth
     try:
-        result: AuthResult = await auth.login(auth_data)
+        result: AuthResult = await auth.login(auth_data, debug=schema.debug)
     except AdminAPIException as e:
         return JSONResponse(e.get_error().model_dump(mode='json', context=context), status_code=e.status_code)
 

brilliance_admin/auth.py

@@ -25,7 +25,7 @@ class AuthResult(BaseModel):
 
 
 class AdminAuthentication(abc.ABC):
-    async def login(self, data: AuthData) -> AuthResult:
+    async def login(self, data: AuthData, debug: bool = False) -> AuthResult:
         raise NotImplementedError('Login is not implemented')
 
     async def authenticate(self, headers: dict) -> UserABC:

brilliance_admin/integrations/sqlalchemy/auth.py

@@ -1,3 +1,5 @@
+from typing import Callable
+
 from brilliance_admin.auth import AdminAuthentication, AuthData, AuthResult, UserABC, UserResult
 from brilliance_admin.exceptions import AdminAPIException, APIError
 from brilliance_admin.translations import TranslateText as _
@@ -12,11 +14,18 @@ class SQLAlchemyJWTAdminAuthentication(AdminAuthentication):
     user_model = None
     pk_name = None
 
-    def __init__(self, secret: str, db_async_session, user_model, pk_name='id'):
+    password_validator: Callable[[UserABC, str], bool] | None = None
+
+    def __init__(self, secret: str, db_async_session, user_model, pk_name='id', password_validator=None):
         self.pk_name = pk_name
         self.secret = secret
         self.db_async_session = db_async_session
         self.user_model = user_model
+        self.password_validator = password_validator
+
+        if self.password_validator:
+            if not callable(self.password_validator):
+                raise ValueError("password_validator must be callable")
 
         if not isinstance(secret, str) or not secret:
             raise ValueError("JWT secret must be a non-empty string")
@@ -41,7 +50,7 @@ class SQLAlchemyJWTAdminAuthentication(AdminAuthentication):
             msg = f"user_model is missing required columns: {', '.join(sorted(missing))}"
             raise ValueError(msg)
 
-    async def login(self, data: AuthData) -> AuthResult:
+    async def login(self, data: AuthData, debug: bool = False) -> AuthResult:
         # pylint: disable=import-outside-toplevel
         from sqlalchemy import select
 
@@ -65,6 +74,19 @@ class SQLAlchemyJWTAdminAuthentication(AdminAuthentication):
         if not user:
             raise AdminAPIException(APIError(code="user_not_found"), status_code=401)
 
+        try:
+            if self.password_validator:
+                if not self.password_validator(user, data.password):
+                    raise AdminAPIException(APIError(code="user_not_found"), status_code=401)
+
+        except AdminAPIException as e:
+            raise e
+        except Exception as e:
+            msg = _('errors.password_exception') % {
+                'error_type': str(e) if schema.debug else type(e).__name__,
+            }
+            raise AdminAPIException(APIError(message=msg, code="password_exception"), status_code=500) from e
+
         if not user.is_admin:
             raise AdminAPIException(APIError(code="not_an_admin"), status_code=401)
 

brilliance_admin/locales/ru.yml

@@ -11,6 +11,8 @@ errors:
   db_error_retrieve: 'Ошибка получения записи из базы данных: %(error_type)s'
   db_error_list: 'Ошибка получения данных таблицы из базы данных: %(error_type)s'
 
+  password_exception: 'Произошла неизвестная ошибка при проверке пароля: %(error_type)s'
+
   connection_refused_error: 'Ошибка подключения к базе данных: %(error)s'
   filters_exception: 'Произошла неизвестная техническая ошибка при фильтрации данных: %(error_type)s'
   method_not_allowed: 'Ошибка, данный метод недоступен.'