Update migrations

2025-12-03 22:03:15 +01:00
parent ff7560b263
commit e2d96c712e
17 changed files with 786 additions and 683 deletions
--- a/app/auth.py
+++ b/app/auth.py
@@ -1,4 +1,3 @@
-# app/auth_core.py

 from contextlib import closing
 import bcrypt
@@ -13,7 +12,7 @@ from db import get_conn #, create_user, verify_user, get_role_for_user
 def create_user(
    username: str, 
    password: str, 
-    role: str = "user",
+    role_id: str = "user",
    email: str | None = None,
    firstname: str | None = None,
    lastname: str | None = None
@@ -27,8 +26,8 @@ def create_user(
    try:
        with closing(get_conn()) as conn, conn:
            conn.execute(
-                "INSERT INTO users (username, email, password_hash, role, firstname, lastname) VALUES (?, ?, ?, ?, ?, ?)",
-                (username, email, pw_hash, role, firstname, lastname),
+                "INSERT INTO users (username, email, password_hash, role_id, firstname, lastname) VALUES (?, ?, ?, ?, ?, ?)",
+                (username, email, pw_hash, role_id, firstname, lastname),
            )
        return True
    except Exception:
@@ -42,23 +41,23 @@ def create_user(
 def verify_user(username: str, password: str):
    """
    Vergleicht eingegebenes Passwort mit dem gespeicherten bcrypt-Hash.
-    Rückgabe: (True, role) oder (False, None)
+    Rückgabe: (True, role_id) oder (False, None)
    """
    with closing(get_conn()) as conn:
        row = conn.execute(
-            "SELECT password_hash, role FROM users WHERE username = ?",
+            "SELECT password_hash, role_id FROM users WHERE username = ?",
            (username,),
        ).fetchone()

    if not row:
        return False, None

-    stored_hash, role = row
+    stored_hash, role_id = row

    # stored_hash ist TEXT → zurück nach bytes
    ok = bcrypt.checkpw(password.encode("utf-8"), stored_hash.encode("utf-8"))

-    return (ok, role) if ok else (False, None)
+    return (ok, role_id) if ok else (False, None)


 # ---------------------------------------------------------------------------
@@ -68,7 +67,7 @@ def verify_user(username: str, password: str):
 def get_role_for_user(username: str) -> str:
    with closing(get_conn()) as conn:
        row = conn.execute(
-            "SELECT role FROM users WHERE username = ?",
+            "SELECT role_id FROM users WHERE username = ?",
            (username,),
        ).fetchone()
    return row[0] if row else "user"