the beginning of the idiots

qwen/python/merchants_of_hope/api/v1/users.py

@@ -0,0 +1,111 @@
+"""
+Users API routes
+"""
+from fastapi import APIRouter, Depends, HTTPException, status
+from typing import List
+from pydantic import BaseModel
+import hashlib
+from sqlalchemy.orm import Session
+
+from ..database import SessionLocal
+from ..models import User, UserRole
+from ..config.settings import settings
+
+router = APIRouter()
+
+# Pydantic models for users
+class UserCreate(BaseModel):
+    email: str
+    username: str
+    password: str
+    role: UserRole
+
+class UserUpdate(BaseModel):
+    email: str = None
+    username: str = None
+    is_active: bool = None
+
+class UserResponse(BaseModel):
+    id: int
+    email: str
+    username: str
+    role: str
+    is_active: bool
+    is_verified: bool
+    tenant_id: int
+
+    class Config:
+        from_attributes = True
+
+def hash_password(password: str) -> str:
+    """Hash password using SHA256 (in production, use bcrypt)"""
+    return hashlib.sha256(password.encode()).hexdigest()
+
+@router.get("/", response_model=List[UserResponse])
+async def get_users(skip: int = 0, limit: int = 100, db: Session = Depends(SessionLocal)):
+    """Get all users"""
+    users = db.query(User).offset(skip).limit(limit).all()
+    return users
+
+@router.get("/{user_id}", response_model=UserResponse)
+async def get_user(user_id: int, db: Session = Depends(SessionLocal)):
+    """Get a specific user"""
+    user = db.query(User).filter(User.id == user_id).first()
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+    return user
+
+@router.post("/", response_model=UserResponse)
+async def create_user(user: UserCreate, db: Session = Depends(SessionLocal)):
+    """Create a new user"""
+    # Check if user already exists
+    existing_user = db.query(User).filter(
+        (User.email == user.email) | (User.username == user.username)
+    ).first()
+    
+    if existing_user:
+        raise HTTPException(status_code=400, detail="Email or username already registered")
+    
+    # Create new user
+    hashed_pwd = hash_password(user.password)
+    db_user = User(
+        email=user.email,
+        username=user.username,
+        hashed_password=hashed_pwd,
+        role=user.role.value,
+        tenant_id=1  # Default tenant, in real app would come from context
+    )
+    db.add(db_user)
+    db.commit()
+    db.refresh(db_user)
+    return db_user
+
+@router.put("/{user_id}", response_model=UserResponse)
+async def update_user(user_id: int, user_update: UserUpdate, db: Session = Depends(SessionLocal)):
+    """Update a user"""
+    db_user = db.query(User).filter(User.id == user_id).first()
+    if not db_user:
+        raise HTTPException(status_code=404, detail="User not found")
+    
+    # Update fields if provided
+    if user_update.email is not None:
+        db_user.email = user_update.email
+    if user_update.username is not None:
+        db_user.username = user_update.username
+    if user_update.is_active is not None:
+        db_user.is_active = user_update.is_active
+    
+    db.commit()
+    db.refresh(db_user)
+    return db_user
+
+@router.delete("/{user_id}")
+async def delete_user(user_id: int, db: Session = Depends(SessionLocal)):
+    """Delete a user"""
+    db_user = db.query(User).filter(User.id == user_id).first()
+    if not db_user:
+        raise HTTPException(status_code=404, detail="User not found")
+    
+    db.delete(db_user)
+    db.commit()
+    return {"message": "User deleted successfully"}