108 lines
2.7 KiB
Python
108 lines
2.7 KiB
Python
"""
|
|
User model for Flask-Login authentication.
|
|
|
|
Simple single-user model that loads credentials from the settings table.
|
|
"""
|
|
|
|
from typing import Optional
|
|
|
|
from flask_login import UserMixin
|
|
from sqlalchemy.orm import Session
|
|
|
|
from web.utils.settings import PasswordManager, SettingsManager
|
|
|
|
|
|
class User(UserMixin):
|
|
"""
|
|
User class for Flask-Login.
|
|
|
|
Represents the single application user. Credentials are stored in the
|
|
settings table (app_password key).
|
|
"""
|
|
|
|
# Single user ID (always 1 for single-user app)
|
|
USER_ID = '1'
|
|
|
|
def __init__(self, user_id: str = USER_ID):
|
|
"""
|
|
Initialize user.
|
|
|
|
Args:
|
|
user_id: User ID (always '1' for single-user app)
|
|
"""
|
|
self.id = user_id
|
|
|
|
def get_id(self) -> str:
|
|
"""
|
|
Get user ID for Flask-Login.
|
|
|
|
Returns:
|
|
User ID string
|
|
"""
|
|
return self.id
|
|
|
|
@property
|
|
def is_authenticated(self) -> bool:
|
|
"""User is always authenticated if instance exists."""
|
|
return True
|
|
|
|
@property
|
|
def is_active(self) -> bool:
|
|
"""User is always active."""
|
|
return True
|
|
|
|
@property
|
|
def is_anonymous(self) -> bool:
|
|
"""User is never anonymous."""
|
|
return False
|
|
|
|
@staticmethod
|
|
def get(user_id: str, db_session: Session = None) -> Optional['User']:
|
|
"""
|
|
Get user by ID (Flask-Login user_loader).
|
|
|
|
Args:
|
|
user_id: User ID to load
|
|
db_session: Database session (unused - kept for compatibility)
|
|
|
|
Returns:
|
|
User instance if ID is valid, None otherwise
|
|
"""
|
|
if user_id == User.USER_ID:
|
|
return User(user_id)
|
|
return None
|
|
|
|
@staticmethod
|
|
def authenticate(password: str, db_session: Session) -> Optional['User']:
|
|
"""
|
|
Authenticate user with password.
|
|
|
|
Args:
|
|
password: Password to verify
|
|
db_session: Database session for accessing settings
|
|
|
|
Returns:
|
|
User instance if password is correct, None otherwise
|
|
"""
|
|
settings_manager = SettingsManager(db_session)
|
|
|
|
if PasswordManager.verify_app_password(settings_manager, password):
|
|
return User(User.USER_ID)
|
|
|
|
return None
|
|
|
|
@staticmethod
|
|
def has_password_set(db_session: Session) -> bool:
|
|
"""
|
|
Check if application password is set.
|
|
|
|
Args:
|
|
db_session: Database session for accessing settings
|
|
|
|
Returns:
|
|
True if password is set, False otherwise
|
|
"""
|
|
settings_manager = SettingsManager(db_session)
|
|
stored_hash = settings_manager.get('app_password', decrypt=False)
|
|
return bool(stored_hash)
|