feat: auth & admin

app/application/user_service.py

@@ -0,0 +1,79 @@
+"""User-management use cases: admin CRUD plus self-service password change.
+
+Deletion is *soft* (deactivate) — likes, play history and playlists reference
+users via append-only event-logs, so rows must not vanish (plan §4 invariants).
+"""
+
+import uuid
+
+from app.domain.entities import User
+from app.domain.errors import AlreadyExistsError, AuthenticationError, NotFoundError
+from app.domain.ports import PasswordHasher, RefreshTokenRepository, UserRepository
+
+
+class UserService:
+    def __init__(
+        self,
+        *,
+        users: UserRepository,
+        refresh_tokens: RefreshTokenRepository,
+        hasher: PasswordHasher,
+    ) -> None:
+        self._users = users
+        self._refresh_tokens = refresh_tokens
+        self._hasher = hasher
+
+    async def create_user(
+        self, *, username: str, password: str, is_superuser: bool = False
+    ) -> User:
+        if await self._users.get_credentials_by_username(username) is not None:
+            raise AlreadyExistsError(f"Username {username!r} is taken.")
+        return await self._users.add(
+            username=username,
+            password_hash=self._hasher.hash(password),
+            is_superuser=is_superuser,
+        )
+
+    async def list_users(self, *, limit: int = 50, offset: int = 0) -> list[User]:
+        return await self._users.list(limit=limit, offset=offset)
+
+    async def get_user(self, user_id: uuid.UUID) -> User:
+        user = await self._users.get_by_id(user_id)
+        if user is None:
+            raise NotFoundError("User not found.")
+        return user
+
+    async def set_superuser(self, user_id: uuid.UUID, *, is_superuser: bool) -> User:
+        await self.get_user(user_id)
+        return await self._users.set_superuser(user_id, is_superuser)
+
+    async def set_active(self, user_id: uuid.UUID, *, is_active: bool) -> User:
+        await self.get_user(user_id)
+        user = await self._users.set_active(user_id, is_active)
+        if not is_active:
+            # Deactivating a user kills their sessions immediately.
+            await self._refresh_tokens.revoke_all_for_user(user_id)
+        return user
+
+    async def reset_password(self, user_id: uuid.UUID, *, new_password: str) -> None:
+        """Admin-driven password reset. Revokes all sessions."""
+        await self.get_user(user_id)
+        await self._users.set_password_hash(user_id, self._hasher.hash(new_password))
+        await self._refresh_tokens.revoke_all_for_user(user_id)
+
+    async def deactivate(self, user_id: uuid.UUID) -> User:
+        """Soft delete: disable the account, keep the row for referential history."""
+        return await self.set_active(user_id, is_active=False)
+
+    async def change_password(
+        self, user_id: uuid.UUID, *, current_password: str, new_password: str
+    ) -> None:
+        """Self-service change: verify the current password first."""
+        user = await self.get_user(user_id)
+        credentials = await self._users.get_credentials_by_username(user.username)
+        assert credentials is not None  # user exists; fetched by id above
+        valid, _ = self._hasher.verify_and_update(current_password, credentials.password_hash)
+        if not valid:
+            raise AuthenticationError("Current password is incorrect.")
+        await self._users.set_password_hash(user_id, self._hasher.hash(new_password))
+        await self._refresh_tokens.revoke_all_for_user(user_id)