Add backend support for users

backend/model.py

@@ -1,9 +1,12 @@
 from sqlalchemy import create_engine, Column, Integer, String, Text, ForeignKey, Boolean
+from sqlalchemy.sql.sqltypes import DateTime
 from sqlalchemy.ext.declarative import declarative_base
 from sqlalchemy.orm import sessionmaker
 from sqlalchemy.sql.functions import func
 from sqlalchemy.sql.sqltypes import DateTime
 import os
+import secrets
+from passlib.context import CryptContext
 
 # Initialize the database
 DATABASE_URL = os.getenv("DATABASE_URL")
@@ -17,7 +20,15 @@ SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
 Base = declarative_base()
 
 
-# Define the table model
+class User(Base):
+    __tablename__ = "users"
+
+    id = Column(Integer, primary_key=True, index=True)
+    username = Column(String(64), unique=True, nullable=False, index=True)
+    password_hash = Column(String(128), nullable=False)
+    created_at = Column(
+        DateTime(timezone=True), nullable=False, server_default=func.now()
+    )
 
 
 class Script(Base):
@@ -30,6 +41,9 @@ class Script(Base):
     created_at = Column(
         DateTime(timezone=True), nullable=False, server_default=func.now()
     )
+    user_id = Column(
+        Integer, ForeignKey("users.id", name="fk_script_user_id"), nullable=False
+    )
 
 
 class Log(Base):
@@ -43,7 +57,9 @@ class Log(Base):
         DateTime(timezone=True), nullable=False, server_default=func.now()
     )
 
-    script_id = Column(Integer, ForeignKey("scripts.id"), nullable=False)
+    script_id = Column(
+        Integer, ForeignKey("scripts.id", name="fk_log_script_id"), nullable=False
+    )
 
 
 class Settings(Base):
@@ -52,8 +68,10 @@ class Settings(Base):
     id = Column(Integer, primary_key=True, index=True)
     requirements = Column(String, nullable=False)
     environment = Column(String, nullable=False)
-    user = Column(String, nullable=False)
     ntfy_url = Column(String, nullable=True)
+    user_id = Column(
+        Integer, ForeignKey("users.id", name="fk_user_settings_user_id"), nullable=False
+    )
 
 
 class Subscription(Base):
@@ -65,6 +83,9 @@ class Subscription(Base):
     created_at = Column(
         DateTime(timezone=True), nullable=False, server_default=func.now()
     )
+    user_id = Column(
+        Integer, ForeignKey("users.id", name="fk_subscription_user_id"), nullable=False
+    )
 
 
 class Notification(Base):
@@ -77,7 +98,11 @@ class Notification(Base):
     viewed = Column(Boolean, default=False)
     sent = Column(Boolean, default=False)
 
-    subscription_id = Column(Integer, ForeignKey("subscriptions.id"), nullable=False)
+    subscription_id = Column(
+        Integer,
+        ForeignKey("subscriptions.id", name="fk_notification_subscription_id"),
+        nullable=False,
+    )
     created_at = Column(
         DateTime(timezone=True), nullable=False, server_default=func.now()
     )
@@ -87,20 +112,39 @@ class Notification(Base):
 Base.metadata.create_all(bind=engine)
 
 
-# Ensure a default setting line exists
+# Ensure a default admin user exists
 def ensure_default_setting():
     db = SessionLocal()
-    default_setting = db.query(Settings).filter(Settings.user == "default").first()
+    admin_user = db.query(User).filter(User.username == "admin").first()
+    if not admin_user:
+        pwd_context = CryptContext(schemes=["argon2"], deprecated="auto")
+        random_password = secrets.token_urlsafe(12)
+        password_hash = pwd_context.hash(random_password)
+        admin_user = User(username="admin", password_hash=password_hash)
+        db.add(admin_user)
+        db.commit()
+        print(
+            f"Default admin user created. Username: admin, Password: {random_password}"
+        )
+        # Refresh to get admin_user.id
+        db.refresh(admin_user)
+    # Set all rows with null user_id in Script and Subscription to admin user id
+    db.query(Script).filter(Script.user_id is None).update({"user_id": admin_user.id})
+    db.query(Subscription).filter(Subscription.user_id is None).update(
+        {"user_id": admin_user.id}
+    )
+    db.commit()
+
+    default_setting = (
+        db.query(Settings).filter(Settings.user_id == admin_user.id).first()
+    )
     if not default_setting:
         new_setting = Settings(
             requirements="",
             environment="",
-            user="default",
+            user_id=admin_user.id,
             ntfy_url="https://ntfy.abzk.fr",
         )
         db.add(new_setting)
         db.commit()
     db.close()
-
-
-ensure_default_setting()