feat: add authentication for OSS (#167)

* feat: add authentication for OSS Fixes #157 and #156 * fix: fix token generation * fix: limit fastapi workers to 1
2026-06-07 07:55:16 +02:00 · 2026-02-20 18:21:24 +05:30 · 2026-02-20 18:21:24 +05:30 · 642cc34e8c
commit 642cc34e8c
parent 0791975864
48 changed files with 994 additions and 303 deletions
--- a/api/db/models.py
+++ b/api/db/models.py
@ -69,6 +69,8 @@ class UserModel(Base):
        back_populates="users",
    )
    is_superuser = Column(Boolean, default=False)
+    email = Column(String, unique=True, index=True, nullable=True)
+    password_hash = Column(String, nullable=True)


 class UserConfigurationModel(Base):
--- a/api/db/user_client.py
+++ b/api/db/user_client.py
@ -1,3 +1,4 @@
+import uuid
 from datetime import datetime, timezone

 from loguru import logger
@ -148,3 +149,35 @@ class UserClient(BaseDBClient):
                raise ValueError(f"User with ID {user_id} not found")

            await session.commit()
+
+    async def update_user_email(self, user_id: int, email: str) -> None:
+        """Update the user's email address."""
+        async with self.async_session() as session:
+            from sqlalchemy import update
+
+            stmt = update(UserModel).where(UserModel.id == user_id).values(email=email)
+            await session.execute(stmt)
+            await session.commit()
+
+    async def get_user_by_email(self, email: str) -> UserModel | None:
+        """Fetch a user by their email address."""
+        async with self.async_session() as session:
+            result = await session.execute(
+                select(UserModel).where(UserModel.email == email)
+            )
+            return result.scalars().first()
+
+    async def create_user_with_email(
+        self, email: str, password_hash: str, name: str | None = None
+    ) -> UserModel:
+        """Create a new user with email and password hash."""
+        async with self.async_session() as session:
+            user = UserModel(
+                provider_id=f"oss_{int(datetime.now(timezone.utc).timestamp())}_{uuid.uuid4()}",
+                email=email,
+                password_hash=password_hash,
+            )
+            session.add(user)
+            await session.commit()
+            await session.refresh(user)
+            return user