Coverage for opt/mealie/lib/python3.12/site-packages/mealie/routes/users/api_tokens.py: 91%

27 statements  

« prev     ^ index     » next       coverage.py v7.10.6, created at 2025-11-25 15:48 +0000

1from datetime import timedelta 1a

2 

3from fastapi import HTTPException, status 1a

4 

5from mealie.core.security import create_access_token 1a

6from mealie.routes._base import BaseUserController, controller 1a

7from mealie.routes._base.routers import UserAPIRouter 1a

8from mealie.schema.user import ( 1a

9 CreateToken, 

10 DeleteTokenResponse, 

11 LongLiveTokenCreateResponse, 

12 LongLiveTokenIn, 

13 LongLiveTokenInDB, 

14) 

15 

16router = UserAPIRouter(prefix="/users", tags=["Users: Tokens"]) 1a

17 

18 

19@controller(router) 1a

20class UserApiTokensController(BaseUserController): 1a

21 @router.post("/api-tokens", status_code=status.HTTP_201_CREATED, response_model=LongLiveTokenCreateResponse) 1a

22 def create_api_token( 1a

23 self, 

24 token_params: LongLiveTokenIn, 

25 ): 

26 """Create api_token in the Database""" 

27 

28 token_data = { 1defghicjklmnob

29 "long_token": True, 

30 "id": str(self.user.id), 

31 "name": token_params.name, 

32 "integration_id": token_params.integration_id, 

33 } 

34 

35 five_years = timedelta(1825) 1defghicjklmnob

36 token = create_access_token(token_data, five_years) 1defghicjklmnob

37 

38 token_model = CreateToken( 1defghicjklmnob

39 name=token_params.name, 

40 token=token, 

41 user_id=self.user.id, 

42 ) 

43 

44 new_token_in_db = self.repos.api_tokens.create(token_model) 1defghicjklmnob

45 

46 if new_token_in_db: 46 ↛ exitline 46 didn't return from function 'create_api_token' because the condition on line 46 was always true1defghicjklmnob

47 return new_token_in_db 1defghicjklmnob

48 

49 @router.delete("/api-tokens/{token_id}", response_model=DeleteTokenResponse) 1a

50 def delete_api_token(self, token_id: int): 1a

51 """Delete api_token from the Database""" 

52 token: LongLiveTokenInDB = self.repos.api_tokens.get_one(token_id) 1cb

53 

54 if not token: 1cb

55 raise HTTPException(status.HTTP_404_NOT_FOUND, f"Could not locate token with id '{token_id}' in database") 

56 

57 if token.user.email == self.user.email: 57 ↛ 61line 57 didn't jump to line 61 because the condition on line 57 was always true1cb

58 deleted_token = self.repos.api_tokens.delete(token_id) 1cb

59 return DeleteTokenResponse(token_delete=deleted_token.name) 1cb

60 else: 

61 raise HTTPException(status.HTTP_403_FORBIDDEN)