init commit

2025-07-14 18:32:55 +03:00
commit e54e57ca3d
25 changed files with 981 additions and 0 deletions
--- a/server/main-server/.gitignore
+++ b/server/main-server/.gitignore
@ -0,0 +1,164 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+.idea
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+*.lock
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#pdm.lock
+#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
+#   in version control.
+#   https://pdm.fming.dev/#use-with-ide
+.pdm.toml
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
+#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#  and can be added to the global gitignore or merged into this file.  For a more nuclear
+#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
+#.idea/
+
+# Flet
+storage/
--- a/server/main-server/poetry.toml
+++ b/server/main-server/poetry.toml
@ -0,0 +1,2 @@
+[virtualenvs]
+in-project = true
--- a/server/main-server/pyproject.toml
+++ b/server/main-server/pyproject.toml
@ -0,0 +1,20 @@
+[project]
+name = "sclient-server-main"
+version = "0.1.0"
+description = ""
+authors = [
+    {name = "SaddyDEAD",email = "saddydead@sonoma.su"}
+]
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "fastapi (>=0.115.14,<0.116.0)",
+    "asyncpg (>=0.30.0,<0.31.0)",
+    "uvicorn (>=0.35.0,<0.36.0)",
+    "fastapi-users[sqlalchemy] (>=14.0.1,<15.0.0)"
+]
+
+
+[build-system]
+requires = ["poetry-core>=2.0.0,<3.0.0"]
+build-backend = "poetry.core.masonry.api"
--- a/server/main-server/src/auth/transport.py
+++ b/server/main-server/src/auth/transport.py
@ -0,0 +1,27 @@
+import uuid
+from fastapi_users import FastAPIUsers, models
+from fastapi_users.authentication import (
+    AuthenticationBackend,
+    BearerTransport,
+    JWTStrategy,
+)
+from fastapi_users.jwt import SecretType
+
+from src.database.db import Database
+from src.database.user import User
+
+class Transport:
+    def __init__(self, secret: SecretType, db: Database):
+        self.secret = secret
+        self.db = db
+        self.bearer_transport = BearerTransport(tokenUrl="auth/jwt/login")
+        self.auth_backend = AuthenticationBackend(
+            name="jwt",
+            transport=self.bearer_transport,
+            get_strategy=self.get_jwt_strategy,
+        )
+        self.fastapi_users = FastAPIUsers[User, uuid.UUID](self.db.get_user_manager, [self.auth_backend])
+        self.current_active_user = self.fastapi_users.current_user(active=True)
+
+    def get_jwt_strategy(self) -> JWTStrategy[models.UP, models.ID]:
+        return JWTStrategy(secret=self.secret, lifetime_seconds=3600)
--- a/server/main-server/src/auth/user_manager.py
+++ b/server/main-server/src/auth/user_manager.py
@ -0,0 +1,30 @@
+import uuid
+from typing import Optional
+from fastapi import  Request
+from fastapi_users import UUIDIDMixin, BaseUserManager
+from fastapi_users.jwt import SecretType
+
+from src.database.user import User
+
+SECRET: SecretType
+
+class UserManager(UUIDIDMixin, BaseUserManager[User, uuid.UUID]):
+
+    def __init__(self, secret: SecretType):
+        super().__init__()
+
+    reset_password_token_secret = SECRET
+    verification_token_secret = SECRET
+
+    async def on_after_register(self, user: User, request: Optional[Request] = None):
+        print(f"User {user.id} has registered.")
+
+    async def on_after_forgot_password(
+        self, user: User, token: str, request: Optional[Request] = None
+    ):
+        print(f"User {user.id} has forgot their password. Reset token: {token}")
+
+    async def on_after_request_verify(
+        self, user: User, token: str, request: Optional[Request] = None
+    ):
+        print(f"Verification requested for user {user.id}. Verification token: {token}")
--- a/server/main-server/src/database/db.py
+++ b/server/main-server/src/database/db.py
@ -0,0 +1,40 @@
+from collections.abc import AsyncGenerator
+from fastapi import Depends
+from fastapi_users.db import SQLAlchemyUserDatabase
+from fastapi_users.jwt import SecretType
+from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker, create_async_engine
+
+from src.auth.user_manager import UserManager
+from src.database.user import User, Base
+
+
+class Database:
+    def __init__(
+            self,
+            db_user: str,
+            db_pass: str,
+            db_host: str,
+            db_port: int,
+            db_name: str,
+            secret: SecretType
+    ):
+        self.DATABASE_URL = f'postgresql+asyncpg://{db_user}:{db_pass}@{db_host}:{db_port}/{db_name}'
+        self.engine = create_async_engine(self.DATABASE_URL)
+        self.async_session_maker = async_sessionmaker(self.engine, expire_on_commit=False)
+        self.secret = secret
+
+    async def create_db_and_tables(self):
+        async with self.engine.begin() as conn:
+            await conn.run_sync(Base.metadata.create_all)
+
+
+    async def get_async_session(self) -> AsyncGenerator[AsyncSession, None]:
+        async with self.async_session_maker() as session:
+            yield session
+
+
+    async def get_user_db(self, session: AsyncSession = Depends(get_async_session)):
+        yield SQLAlchemyUserDatabase(session, User)
+
+    async def get_user_manager(self, user_db: SQLAlchemyUserDatabase = Depends(get_user_db)):
+        yield UserManager(self.secret, user_db)
--- a/server/main-server/src/database/role.py
+++ b/server/main-server/src/database/role.py
@ -0,0 +1,6 @@
+from enum import Enum
+
+
+class Role(Enum):
+    ADMIN = 'Admin'
+    USER = 'User'
--- a/server/main-server/src/database/schemas.py
+++ b/server/main-server/src/database/schemas.py
@ -0,0 +1,15 @@
+import uuid
+
+from fastapi_users import schemas
+
+
+class UserRead(schemas.BaseUser[uuid.UUID]):
+    pass
+
+
+class UserCreate(schemas.BaseUserCreate):
+    pass
+
+
+class UserUpdate(schemas.BaseUserUpdate):
+    pass
--- a/server/main-server/src/database/user.py
+++ b/server/main-server/src/database/user.py
@ -0,0 +1,13 @@
+from fastapi_users_db_sqlalchemy import SQLAlchemyBaseUserTableUUID
+from sqlalchemy.orm import DeclarativeBase, Mapped
+from src.database.role import Role
+
+
+class Base(DeclarativeBase):
+    pass
+
+class User(SQLAlchemyBaseUserTableUUID, Base):
+    username: Mapped[str]
+    role: Mapped[Role]
+    vpn_server_access: Mapped[bool]
+    main_server_access: Mapped[bool]
--- a/server/main-server/src/main.py
+++ b/server/main-server/src/main.py
@ -0,0 +1,91 @@
+import asyncio
+from fastapi import Depends, FastAPI, HTTPException, Request
+from fastapi.responses import RedirectResponse
+from database.db import Database
+import uvicorn
+from src.database.schemas import *
+from src.auth.transport import Transport
+from src.database.user import User
+
+app = FastAPI(title='sclient-main-server')
+
+### Settings
+# TODO: Create .env
+
+PORT = 7535
+ADMIN_NAME = 'admin'
+ADMIN_PASSWORD = 'admin'
+DATABASE_USER = 'ADMIN'
+DATABASE_PASS = '123123'
+DATABASE_HOST = '127.0.0.1'
+DATABASE_PORT = 5432
+DATABASE_NAME = 'sonoma-db'
+SECRET = 'SECRET'
+
+###
+
+db = Database(
+        DATABASE_USER,
+        DATABASE_PASS,
+        DATABASE_HOST,
+        DATABASE_PORT,
+        DATABASE_NAME,
+        SECRET
+    )
+
+transport = Transport(SECRET, db)
+
+class App:
+    def init(self, loop) -> None:
+        config = uvicorn.Config(
+            app,
+            loop=loop,
+            host='0.0.0.0',
+            port=PORT
+        )
+        server = uvicorn.Server(config)
+        loop.run_until_complete(server.serve())
+
+    @app.get('/')
+    async def docs(self: Request):
+        return RedirectResponse(f'{self.url}docs')
+
+    @app.get("/authenticated-route")
+    async def authenticated_route(user: User = Depends(transport.current_active_user)):
+        return {"message": f"Hello {user.email}!"}
+
+def main():
+    loop = asyncio.new_event_loop()
+    asyncio.set_event_loop(loop)
+
+    server = App()
+
+    app.include_router(
+        transport.fastapi_users.get_auth_router(transport.auth_backend), prefix="/auth/jwt", tags=["auth"]
+    )
+    app.include_router(
+        transport.fastapi_users.get_register_router(UserRead, UserCreate),
+        prefix="/auth",
+        tags=["auth"],
+    )
+    app.include_router(
+        transport.fastapi_users.get_reset_password_router(),
+        prefix="/auth",
+        tags=["auth"],
+    )
+    app.include_router(
+        transport.fastapi_users.get_verify_router(UserRead),
+        prefix="/auth",
+        tags=["auth"],
+    )
+    app.include_router(
+        transport.fastapi_users.get_users_router(UserRead, UserUpdate),
+        prefix="/users",
+        tags=["users"],
+    )
+
+    loop.run_until_complete(db.create_db_and_tables())
+    server.init(loop)
+
+if __name__ == '__main__':
+    main()