derekc
7cd2dfb710
Sends alerts on admin login, new registrations, user disable/delete, and impersonation. NTFY_URL and NTFY_TOKEN are optional — leave blank to disable. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
170 lines
6.1 KiB
Python
170 lines
6.1 KiB
Python
import logging
|
|
|
|
from fastapi import APIRouter, BackgroundTasks, Depends, HTTPException, Request, Response
|
|
from sqlalchemy import select
|
|
from sqlalchemy.orm import Session
|
|
|
|
from database import get_db
|
|
from models import User
|
|
from ntfy import notify
|
|
from schemas import UserCreate, UserOut, ResetPasswordRequest, AuthResponse
|
|
from auth import hash_password, create_access_token, get_current_admin, get_token_payload, set_auth_cookie, token_to_user_payload
|
|
|
|
router = APIRouter(prefix="/api/admin", tags=["admin"])
|
|
logger = logging.getLogger("yolkbook")
|
|
|
|
|
|
@router.get("/users", response_model=list[UserOut])
|
|
def list_users(
|
|
_: User = Depends(get_current_admin),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
return db.scalars(select(User).order_by(User.created_at).limit(500)).all()
|
|
|
|
|
|
@router.post("/users", response_model=UserOut, status_code=201)
|
|
def create_user(
|
|
body: UserCreate,
|
|
_: User = Depends(get_current_admin),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
existing = db.scalars(select(User).where(User.username == body.username)).first()
|
|
if existing:
|
|
raise HTTPException(status_code=409, detail="Username already taken")
|
|
user = User(
|
|
username=body.username,
|
|
hashed_password=hash_password(body.password),
|
|
is_admin=False,
|
|
)
|
|
db.add(user)
|
|
db.commit()
|
|
db.refresh(user)
|
|
return user
|
|
|
|
|
|
@router.post("/users/{user_id}/reset-password")
|
|
def reset_password(
|
|
user_id: int,
|
|
body: ResetPasswordRequest,
|
|
current_admin: User = Depends(get_current_admin),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
user = db.get(User, user_id)
|
|
if not user:
|
|
raise HTTPException(status_code=404, detail="User not found")
|
|
user.hashed_password = hash_password(body.new_password)
|
|
db.commit()
|
|
logger.warning("Admin '%s' reset password for user '%s' (id=%d).", current_admin.username, user.username, user.id)
|
|
return {"detail": f"Password reset for {user.username}"}
|
|
|
|
|
|
@router.post("/users/{user_id}/disable")
|
|
def disable_user(
|
|
user_id: int,
|
|
request: Request,
|
|
background_tasks: BackgroundTasks,
|
|
current_admin: User = Depends(get_current_admin),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
user = db.get(User, user_id)
|
|
if not user:
|
|
raise HTTPException(status_code=404, detail="User not found")
|
|
if user.id == current_admin.id:
|
|
raise HTTPException(status_code=400, detail="Cannot disable your own account")
|
|
user.is_disabled = True
|
|
db.commit()
|
|
logger.warning("Admin '%s' disabled user '%s' (id=%d).", current_admin.username, user.username, user.id)
|
|
ip = request.headers.get("X-Forwarded-For", request.client.host if request.client else "unknown")
|
|
background_tasks.add_task(
|
|
notify,
|
|
title="Yolkbook User Disabled",
|
|
message=f"User: {user.username}\nBy admin: {current_admin.username}\nIP: {ip}",
|
|
priority="high",
|
|
tags=["warning"],
|
|
)
|
|
return {"detail": f"User {user.username} disabled"}
|
|
|
|
|
|
@router.post("/users/{user_id}/enable")
|
|
def enable_user(
|
|
user_id: int,
|
|
_: User = Depends(get_current_admin),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
user = db.get(User, user_id)
|
|
if not user:
|
|
raise HTTPException(status_code=404, detail="User not found")
|
|
user.is_disabled = False
|
|
db.commit()
|
|
return {"detail": f"User {user.username} enabled"}
|
|
|
|
|
|
@router.delete("/users/{user_id}", status_code=204)
|
|
def delete_user(
|
|
user_id: int,
|
|
request: Request,
|
|
background_tasks: BackgroundTasks,
|
|
current_admin: User = Depends(get_current_admin),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
user = db.get(User, user_id)
|
|
if not user:
|
|
raise HTTPException(status_code=404, detail="User not found")
|
|
if user.id == current_admin.id:
|
|
raise HTTPException(status_code=400, detail="Cannot delete your own account")
|
|
logger.warning("Admin '%s' deleted user '%s' (id=%d).", current_admin.username, user.username, user.id)
|
|
ip = request.headers.get("X-Forwarded-For", request.client.host if request.client else "unknown")
|
|
background_tasks.add_task(
|
|
notify,
|
|
title="Yolkbook User Deleted",
|
|
message=f"User: {user.username}\nBy admin: {current_admin.username}\nIP: {ip}",
|
|
priority="urgent",
|
|
tags=["warning", "wastebasket"],
|
|
)
|
|
db.delete(user)
|
|
db.commit()
|
|
|
|
|
|
@router.post("/users/{user_id}/impersonate", response_model=AuthResponse)
|
|
def impersonate_user(
|
|
user_id: int,
|
|
response: Response,
|
|
request: Request,
|
|
background_tasks: BackgroundTasks,
|
|
current_admin: User = Depends(get_current_admin),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
user = db.get(User, user_id)
|
|
if not user:
|
|
raise HTTPException(status_code=404, detail="User not found")
|
|
token = create_access_token(user.id, user.username, user.is_admin, user.timezone, admin_id=current_admin.id)
|
|
set_auth_cookie(response, token)
|
|
logger.warning("Admin '%s' (id=%d) is impersonating user '%s' (id=%d).", current_admin.username, current_admin.id, user.username, user.id)
|
|
ip = request.headers.get("X-Forwarded-For", request.client.host if request.client else "unknown")
|
|
background_tasks.add_task(
|
|
notify,
|
|
title="Yolkbook Admin Impersonation",
|
|
message=f"Admin: {current_admin.username} → User: {user.username}\nIP: {ip}",
|
|
priority="high",
|
|
tags=["eyes"],
|
|
)
|
|
return AuthResponse(user=token_to_user_payload(token))
|
|
|
|
|
|
@router.post("/unimpersonate", response_model=AuthResponse)
|
|
def unimpersonate(
|
|
response: Response,
|
|
payload: dict = Depends(get_token_payload),
|
|
db: Session = Depends(get_db),
|
|
):
|
|
admin_id = payload.get("admin_id")
|
|
if not admin_id:
|
|
raise HTTPException(status_code=400, detail="Not in an impersonation session")
|
|
admin = db.get(User, int(admin_id))
|
|
if not admin or admin.is_disabled or not admin.is_admin:
|
|
raise HTTPException(status_code=403, detail="Original admin account is no longer valid")
|
|
token = create_access_token(admin.id, admin.username, admin.is_admin, admin.timezone)
|
|
set_auth_cookie(response, token)
|
|
logger.warning("Admin '%s' (id=%d) ended impersonation session.", admin.username, admin.id)
|
|
return AuthResponse(user=token_to_user_payload(token))
|