초기 커밋 - EV AS 관리 시스템

backend/routers/accounts.py

@@ -0,0 +1,77 @@
+from fastapi import APIRouter, Depends, HTTPException, Form
+from sqlalchemy.orm import Session
+from typing import Optional
+from database import get_db
+import models
+from auth import require_admin, hash_password, get_current_user
+
+router = APIRouter(prefix="/api/accounts", tags=["accounts"])
+
+@router.get("")
+def list_users(role: Optional[str] = None, db: Session = Depends(get_db), _=Depends(require_admin)):
+    q = db.query(models.User)
+    if role: q = q.filter(models.User.role == role)
+    return [{
+        "id": u.id, "username": u.username, "role": u.role,
+        "company": u.company, "name": u.name, "phone": u.phone,
+        "email": u.email, "is_active": u.is_active,
+        "created_at": u.created_at.isoformat(),
+    } for u in q.order_by(models.User.id).all()]
+
+@router.post("")
+def create_user(
+    username: str = Form(...), password: str = Form(...),
+    role: str = Form(...), name: str = Form(...),
+    company: str = Form(""), phone: str = Form(""), email: str = Form(""),
+    db: Session = Depends(get_db), _=Depends(require_admin)
+):
+    if db.query(models.User).filter_by(username=username).first():
+        raise HTTPException(400, "이미 존재하는 아이디입니다.")
+    u = models.User(
+        username=username, password_hash=hash_password(password),
+        role=role, name=name, company=company or None,
+        phone=phone or None, email=email or None
+    )
+    db.add(u); db.commit(); db.refresh(u)
+    return {"id": u.id, "username": u.username}
+
+@router.put("/{user_id}")
+def update_user(
+    user_id: int,
+    name: str = Form(...), company: str = Form(""),
+    phone: str = Form(""), email: str = Form(""),
+    is_active: bool = Form(True),
+    password: Optional[str] = Form(None),
+    db: Session = Depends(get_db), _=Depends(require_admin)
+):
+    u = db.query(models.User).filter_by(id=user_id).first()
+    if not u: raise HTTPException(404)
+    u.name = name; u.company = company or None
+    u.phone = phone or None; u.email = email or None
+    u.is_active = is_active
+    if password: u.password_hash = hash_password(password)
+    db.commit()
+    return {"ok": True}
+
+@router.delete("/{user_id}")
+def delete_user(user_id: int, db: Session = Depends(get_db),
+                current_user: models.User = Depends(require_admin)):
+    if user_id == current_user.id:
+        raise HTTPException(400, "자신의 계정은 삭제할 수 없습니다.")
+    u = db.query(models.User).filter_by(id=user_id).first()
+    if not u: raise HTTPException(404)
+    u.is_active = False; db.commit()
+    return {"ok": True}
+
+@router.patch("/me/password")
+def change_my_password(
+    current_password: str = Form(...), new_password: str = Form(...),
+    db: Session = Depends(get_db),
+    current_user: models.User = Depends(get_current_user)
+):
+    from auth import verify_password
+    if not verify_password(current_password, current_user.password_hash):
+        raise HTTPException(400, "현재 비밀번호가 올바르지 않습니다.")
+    current_user.password_hash = hash_password(new_password)
+    db.commit()
+    return {"ok": True}