refactor(identity): rename authentik_sub to user_sub and authentik_user_id to idp_user_id

Chris
2026-03-31 22:32:48 +08:00
parent ed5679948b
commit 4060ebff70
22 changed files with 208 additions and 165 deletions


@@ -14,7 +14,7 @@ from app.core.config import Settings
class AuthentikSyncResult:
user_id: int
action: str
authentik_sub: str | None = None
user_sub: str | None = None
@dataclass
@@ -108,7 +108,7 @@ class AuthentikAdminService:
username: str | None,
display_name: str | None,
is_active: bool = True,
authentik_user_id: int | None = None,
idp_user_id: int | None = None,
) -> AuthentikSyncResult:
resolved_username = username or self._safe_username(sub=sub, email=email)
payload = {
@@ -120,8 +120,8 @@ class AuthentikAdminService:
with self._client() as client:
existing = None
if authentik_user_id is not None:
existing = self._lookup_user_by_id(client, authentik_user_id)
if idp_user_id is not None:
existing = self._lookup_user_by_id(client, idp_user_id)
if existing is None:
existing = self._lookup_user_by_email_or_username(client, email=email, username=resolved_username)
@@ -130,7 +130,7 @@ class AuthentikAdminService:
patch_resp = client.patch(f"/api/v3/core/users/{user_pk}/", json=payload)
if patch_resp.status_code >= 400:
raise HTTPException(status_code=502, detail="authentik_update_failed")
return AuthentikSyncResult(user_id=user_pk, action="updated", authentik_sub=existing.get("uid"))
return AuthentikSyncResult(user_id=user_pk, action="updated", user_sub=existing.get("uid"))
create_resp = client.post("/api/v3/core/users/", json=payload)
if create_resp.status_code >= 400:
@@ -139,20 +139,20 @@ class AuthentikAdminService:
return AuthentikSyncResult(
user_id=int(created["pk"]),
action="created",
authentik_sub=created.get("uid"),
user_sub=created.get("uid"),
)
def reset_password(
self,
*,
authentik_user_id: int | None,
idp_user_id: int | None,
email: str | None,
username: str | None,
) -> AuthentikPasswordResetResult:
with self._client() as client:
existing = None
if authentik_user_id is not None:
existing = self._lookup_user_by_id(client, authentik_user_id)
if idp_user_id is not None:
existing = self._lookup_user_by_id(client, idp_user_id)
if existing is None:
existing = self._lookup_user_by_email_or_username(client, email=email, username=username)
if not existing or existing.get("pk") is None:
@@ -169,14 +169,14 @@ class AuthentikAdminService:
def delete_user(
self,
*,
authentik_user_id: int | None,
idp_user_id: int | None,
email: str | None,
username: str | None,
) -> AuthentikDeleteResult:
with self._client() as client:
existing = None
if authentik_user_id is not None:
existing = self._lookup_user_by_id(client, authentik_user_id)
if idp_user_id is not None:
existing = self._lookup_user_by_id(client, idp_user_id)
if existing is None:
existing = self._lookup_user_by_email_or_username(client, email=email, username=username)
if not existing or existing.get("pk") is None:
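Review bot: In `delete_user`, and in the same pattern in `reset_password` and the upsert hunk at `-120,8`, a supplied `idp_user_id` that resolves to nothing falls through to `_lookup_user_by_email_or_username`, so a stale or mismatched id can end up deleting or resetting whichever account happens to match the email or username. For these destructive paths the fallback should run only when no id was given: change `if existing is None:` to an `else:` paired with `if idp_user_id is not None:`, or at least compare the matched record's `uid` with the stored `user_sub` before acting. The lookup helper is not visible here, so how strictly it matches is an assumption to confirm. The new generic name also no longer says the value must be an authentik pk, although it is still passed to `_lookup_user_by_id`; a one-line comment on the parameter such as `# authentik user pk, not an id from any other IdP` would keep that explicit. The body of `delete_user` continues outside the hunk.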


@@ -3,9 +3,9 @@ from app.schemas.permissions import PermissionItem, PermissionSnapshotResponse
class PermissionService:
@staticmethod
def build_snapshot(authentik_sub: str, permissions: list[tuple[str, str, str | None, str, str]]) -> PermissionSnapshotResponse:
def build_snapshot(user_sub: str, permissions: list[tuple[str, str, str | None, str, str]]) -> PermissionSnapshotResponse:
return PermissionSnapshotResponse(
authentik_sub=authentik_sub,
user_sub=user_sub,
permissions=[
PermissionItem(scope_type=s_type, scope_id=s_id, system=system, module=module, action=action)
for s_type, s_id, system, module, action in permissions