35 lines
1006 B
Python
35 lines
1006 B
Python
from werkzeug.security import check_password_hash, generate_password_hash
|
|
|
|
from app.database import get_db_connection
|
|
|
|
|
|
def create_user(username: str, password: str, role: str = "user") -> bool:
|
|
conn = get_db_connection()
|
|
existing = conn.execute(
|
|
"SELECT id FROM users WHERE username = ?",
|
|
(username,),
|
|
).fetchone()
|
|
if existing is not None:
|
|
conn.close()
|
|
return False
|
|
|
|
conn.execute(
|
|
"INSERT INTO users (username, password_hash, role) VALUES (?, ?, ?)",
|
|
(username, generate_password_hash(password), role),
|
|
)
|
|
conn.commit()
|
|
conn.close()
|
|
return True
|
|
|
|
|
|
def verify_basic_admin(username: str, password: str) -> bool:
|
|
conn = get_db_connection()
|
|
user = conn.execute(
|
|
"SELECT password_hash, role FROM users WHERE username = ?",
|
|
(username,),
|
|
).fetchone()
|
|
conn.close()
|
|
if user is None:
|
|
return False
|
|
return user["role"] == "admin" and check_password_hash(user["password_hash"], password)
|