captcha

2024-04-20 17:37:41 +03:00
parent ed0ecf9f51
commit 03da5914fa
11 changed files with 218 additions and 36 deletions
--- a/backend/app/views/auth/api.py
+++ b/backend/app/views/auth/api.py
@ -2,8 +2,9 @@ from datetime import datetime, timedelta, timezone
 from typing import Annotated, Union
 from sqlalchemy.orm import Session

-from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi import APIRouter, Depends, HTTPException, status, Response
 from fastapi.security import OAuth2PasswordRequestForm
+from io import BytesIO


 from pydantic import BaseModel
@ -46,21 +47,27 @@ async def register(
    user_data: schemas.UserRegister,
    db: Annotated[Session, Depends(get_db)],
 ) -> schemas.User:
-    user = services.get_user_by_username(db, user_data.username)
-    if user:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="User with this username already exists",
-            headers={"WWW-Authenticate": "Bearer"},
-        )
-    if user_data.password != user_data.password2:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="Passwords do not match",
-            headers={"WWW-Authenticate": "Bearer"},
-        )
-    user = services.create_user(db=db, user_data=user_data)
-    return user
+    if services.check_captcha(
+        id=user_data.captcha.id, prompt=user_data.captcha.prompt, db=db
+    ):
+        user = services.get_user_by_username(db, user_data.username)
+        if user:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="User with this username already exists",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+        if user_data.password != user_data.password2:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Passwords do not match",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+        user = services.create_user(db=db, user_data=user_data)
+        return user
+    raise HTTPException(
+        status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid captcha"
+    )


@router.get("/me")
@ -75,3 +82,16 @@ async def get_qnon_user(
    anon_user: Annotated[schemas.AnonUser, Depends(services.get_anon_user)]
 ) -> schemas.AnonUser:
    return anon_user
+
+
+@router.get(
+    "/captcha/{captcha_id}",
+    responses={200: {"content": {"image/png": {}}}},
+    response_class=Response,
+)
+async def generate_captcha(
+    captcha: Annotated[BytesIO, Depends(services.get_captcha)]
+) -> Response:
+    captcha.seek(0)
+    captcha_bytes = captcha.read()
+    return Response(content=captcha_bytes, media_type="image/png")