Создание чата4

backend/app/api/endpoints/admin.py

@@ -1,11 +1,14 @@
 """Admin router"""
-from fastapi import APIRouter, Depends, HTTPException
+from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy.orm import Session
 from typing import List
-from ..database import get_db
-from ..crud import requests, statistics
-from ..schemas.request import Request
-from ..utils.auth import get_current_admin
+from datetime import datetime, timedelta
+from app.database import get_db
+from app.models.user import User
+from app.models.request import Request
+from app.core.auth import get_current_user
+from app.schemas.request import RequestCreate, Request as RequestSchema
+from app.schemas.user import User as UserSchema
 
 router = APIRouter()
 

backend/app/api/endpoints/auth.py

@@ -1,59 +1,37 @@
 """Authentication router"""
+from datetime import timedelta
 from fastapi import APIRouter, Depends, HTTPException, status
-from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
+from fastapi.security import OAuth2PasswordRequestForm
 from sqlalchemy.orm import Session
-from typing import Optional
 
-from ..database import get_db
-from ..crud import employees
-from ..schemas.auth import Token
-from ..utils.auth import verify_password
-from ..utils.jwt import create_and_save_token
+from app.core.auth import create_access_token, get_current_user, verify_password, ACCESS_TOKEN_EXPIRE_MINUTES
+from app.database import get_db
+from app.models.user import User
+from app.schemas.token import Token
+from app.schemas.user import User as UserSchema
 
 router = APIRouter()
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/login")
 
-@router.post("/login", response_model=Token)
-async def login_for_access_token(
+@router.post("/token", response_model=Token)
+def login_for_access_token(
     form_data: OAuth2PasswordRequestForm = Depends(),
     db: Session = Depends(get_db)
 ):
-    # Проверяем учетные данные сотрудника
-    employee = employees.get_employee_by_last_name(db, form_data.username)
-    if not employee or not verify_password(form_data.password, employee.hashed_password):
+    user = db.query(User).filter(User.email == form_data.username).first()
+    if not user or not verify_password(form_data.password, user.hashed_password):
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="Incorrect username or password",
             headers={"WWW-Authenticate": "Bearer"},
         )
     
-    # Создаем и сохраняем токен
-    access_token = create_and_save_token(employee.id, db)
-    
-    return {
-        "access_token": access_token,
-        "token_type": "bearer"
-    }
+    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+    access_token = create_access_token(
+        data={"sub": user.email}, expires_delta=access_token_expires
+    )
+    return {"access_token": access_token, "token_type": "bearer"}
 
-@router.post("/admin/login", response_model=Token)
-async def admin_login(
-    form_data: OAuth2PasswordRequestForm = Depends(),
-    db: Session = Depends(get_db)
-):
-    # Проверяем учетные данные администратора
-    if form_data.username != "admin" or form_data.password != "admin123":
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Incorrect username or password",
-            headers={"WWW-Authenticate": "Bearer"},
-        )
-    
-    # Для админа используем специальный ID
-    admin_id = -1
-    access_token = create_and_save_token(admin_id, db)
-    
-    return {
-        "access_token": access_token,
-        "token_type": "bearer"
-    }
+@router.get("/me", response_model=UserSchema)
+def read_users_me(current_user: User = Depends(get_current_user)):
+    return current_user
 

backend/app/api/endpoints/employees.py

@@ -2,116 +2,51 @@
 from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy.orm import Session
 from typing import List
-import logging
-from ..database import get_db
-from ..crud import employees
-from ..schemas.employee import Employee, EmployeeCreate, EmployeeUpdate
-from ..utils.auth import get_current_admin, get_password_hash
 
-# Настройка логирования
-logger = logging.getLogger(__name__)
+from app.core.auth import get_current_user, get_password_hash
+from app.database import get_db
+from app.models.user import User
+from app.schemas.user import UserCreate, User as UserSchema
 
-router = APIRouter(tags=["employees"])
+router = APIRouter()
 
-@router.post("", response_model=Employee, status_code=status.HTTP_201_CREATED)
-async def create_employee(
-    employee: EmployeeCreate,
-    db: Session = Depends(get_db),
-    _: dict = Depends(get_current_admin)
+@router.post("/", response_model=UserSchema)
+def create_employee(
+    user: UserCreate,
+    db: Session = Depends(get_db)
 ):
-    """Create new employee"""
-    try:
-        logger.info(f"Creating employee: {employee}")
-        hashed_password = get_password_hash(employee.password)
-        return employees.create_employee(db, employee, hashed_password)
-    except Exception as e:
-        logger.error(f"Error creating employee: {e}")
+    # Проверяем, не существует ли уже пользователь с таким email
+    db_user = db.query(User).filter(User.email == user.email).first()
+    if db_user:
         raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="Error creating employee"
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Email already registered"
         )
+    
+    # Создаем нового пользователя
+    hashed_password = get_password_hash(user.password)
+    db_user = User(
+        email=user.email,
+        full_name=user.full_name,
+        hashed_password=hashed_password,
+        is_admin=False
+    )
+    db.add(db_user)
+    db.commit()
+    db.refresh(db_user)
+    return db_user
 
-@router.get("", response_model=List[Employee])
-async def get_employees(
+@router.get("/", response_model=List[UserSchema])
+def read_employees(
     skip: int = 0,
     limit: int = 100,
-    db: Session = Depends(get_db),
-    _: dict = Depends(get_current_admin)
+    current_user: User = Depends(get_current_user),
+    db: Session = Depends(get_db)
 ):
-    """Get all employees"""
-    try:
-        logger.info("Getting all employees")
-        return employees.get_employees(db, skip=skip, limit=limit)
-    except Exception as e:
-        logger.error(f"Error getting employees: {e}")
+    if not current_user.is_admin:
         raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="Error getting employees"
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not enough permissions"
         )
-
-@router.get("/{employee_id}", response_model=Employee)
-async def get_employee(
-    employee_id: int,
-    db: Session = Depends(get_db),
-    _: dict = Depends(get_current_admin)
-):
-    """Get employee by ID"""
-    try:
-        logger.info(f"Getting employee by ID: {employee_id}")
-        db_employee = employees.get_employee(db, employee_id)
-        if db_employee is None:
-            raise HTTPException(status_code=404, detail="Employee not found")
-        return db_employee
-    except HTTPException:
-        raise
-    except Exception as e:
-        logger.error(f"Error getting employee: {e}")
-        raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="Error getting employee"
-        )
-
-@router.put("/{employee_id}", response_model=Employee)
-async def update_employee(
-    employee_id: int,
-    employee: EmployeeUpdate,
-    db: Session = Depends(get_db),
-    _: dict = Depends(get_current_admin)
-):
-    """Update employee data"""
-    try:
-        logger.info(f"Updating employee {employee_id}: {employee}")
-        db_employee = employees.update_employee(db, employee_id, employee)
-        if db_employee is None:
-            raise HTTPException(status_code=404, detail="Employee not found")
-        return db_employee
-    except HTTPException:
-        raise
-    except Exception as e:
-        logger.error(f"Error updating employee: {e}")
-        raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="Error updating employee"
-        )
-
-@router.delete("/{employee_id}", response_model=Employee)
-async def delete_employee(
-    employee_id: int,
-    db: Session = Depends(get_db),
-    _: dict = Depends(get_current_admin)
-):
-    """Delete employee"""
-    try:
-        logger.info(f"Deleting employee: {employee_id}")
-        db_employee = employees.delete_employee(db, employee_id)
-        if db_employee is None:
-            raise HTTPException(status_code=404, detail="Employee not found")
-        return db_employee
-    except HTTPException:
-        raise
-    except Exception as e:
-        logger.error(f"Error deleting employee: {e}")
-        raise HTTPException(
-            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
-            detail="Error deleting employee"
-        )
+    users = db.query(User).filter(User.is_admin == False).offset(skip).limit(limit).all()
+    return users

backend/app/api/endpoints/requests.py

@@ -1,71 +1,105 @@
 """Requests router"""
-from fastapi import APIRouter, Depends, HTTPException, Query
+from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy.orm import Session
-from typing import List, Optional
-from ..database import get_db
-from ..crud import requests
-from ..schemas.request import Request, RequestCreate, RequestUpdate
-from ..models.request import RequestStatus
-from ..utils.auth import get_current_employee, get_current_admin
-from ..utils.telegram import notify_new_request
+from typing import List
+
+from app.core.auth import get_current_user
+from app.database import get_db
+from app.models.user import User
+from app.models.request import Request
+from app.schemas.request import RequestCreate, Request as RequestSchema
 
 router = APIRouter()
 
-@router.post("/", response_model=Request)
-async def create_request(
+@router.post("/", response_model=RequestSchema)
+def create_request(
     request: RequestCreate,
-    db: Session = Depends(get_db),
-    current_employee: dict = Depends(get_current_employee)
+    current_user: User = Depends(get_current_user),
+    db: Session = Depends(get_db)
 ):
     """Create new request"""
-    db_request = requests.create_request(db, request, current_employee["id"])
-    # Отправляем уведомление в Telegram
-    await notify_new_request(db_request.id)
+    db_request = Request(
+        **request.dict(),
+        employee_id=current_user.id,
+        status="new"
+    )
+    db.add(db_request)
+    db.commit()
+    db.refresh(db_request)
     return db_request
 
-@router.get("/my", response_model=List[Request])
-def get_employee_requests(
-    db: Session = Depends(get_db),
-    current_employee: dict = Depends(get_current_employee)
-):
-    """Get current employee's requests"""
-    return requests.get_employee_requests(db, current_employee["id"])
-
-@router.get("/admin", response_model=List[Request])
-def get_all_requests(
-    status: Optional[RequestStatus] = Query(None),
+@router.get("/", response_model=List[RequestSchema])
+def read_requests(
     skip: int = 0,
     limit: int = 100,
-    db: Session = Depends(get_db),
-    _: dict = Depends(get_current_admin)
+    current_user: User = Depends(get_current_user),
+    db: Session = Depends(get_db)
 ):
     """Get all requests (admin only)"""
-    return requests.get_requests(db, status=status, skip=skip, limit=limit)
+    if current_user.is_admin:
+        requests = db.query(Request).offset(skip).limit(limit).all()
+    else:
+        requests = db.query(Request).filter(
+            Request.employee_id == current_user.id
+        ).offset(skip).limit(limit).all()
+    return requests
 
-@router.patch("/{request_id}/status", response_model=Request)
-def update_request_status(
+@router.get("/{request_id}", response_model=RequestSchema)
+def read_request(
     request_id: int,
-    request_update: RequestUpdate,
-    db: Session = Depends(get_db),
-    _: dict = Depends(get_current_admin)
+    current_user: User = Depends(get_current_user),
+    db: Session = Depends(get_db)
 ):
-    """Update request status (admin only)"""
-    db_request = requests.update_request_status(db, request_id, request_update.status)
-    if db_request is None:
+    """Get a specific request"""
+    request = db.query(Request).filter(Request.id == request_id).first()
+    if not request:
         raise HTTPException(status_code=404, detail="Request not found")
+    
+    # Проверяем права доступа
+    if not current_user.is_admin and request.employee_id != current_user.id:
+        raise HTTPException(status_code=403, detail="Not enough permissions")
+    
+    return request
+
+@router.put("/{request_id}", response_model=RequestSchema)
+def update_request(
+    request_id: int,
+    request_update: RequestCreate,
+    current_user: User = Depends(get_current_user),
+    db: Session = Depends(get_db)
+):
+    """Update a request"""
+    db_request = db.query(Request).filter(Request.id == request_id).first()
+    if not db_request:
+        raise HTTPException(status_code=404, detail="Request not found")
+    
+    # Проверяем права доступа
+    if not current_user.is_admin and db_request.employee_id != current_user.id:
+        raise HTTPException(status_code=403, detail="Not enough permissions")
+    
+    # Обновляем заявку
+    for key, value in request_update.dict().items():
+        setattr(db_request, key, value)
+    
+    db.commit()
+    db.refresh(db_request)
     return db_request
 
-@router.get("/statistics")
-def get_request_statistics(
-    db: Session = Depends(get_db),
-    _: dict = Depends(get_current_admin)
+@router.delete("/{request_id}", response_model=RequestSchema)
+def delete_request(
+    request_id: int,
+    current_user: User = Depends(get_current_user),
+    db: Session = Depends(get_db)
 ):
-    """Get request statistics (admin only)"""
-    stats = requests.get_statistics(db)
-    return {
-        "total": stats["total"],
-        "by_status": {
-            status: count
-            for status, count in stats["by_status"].items()
-        }
-    }
+    """Delete a request"""
+    db_request = db.query(Request).filter(Request.id == request_id).first()
+    if not db_request:
+        raise HTTPException(status_code=404, detail="Request not found")
+    
+    # Только админ может удалять заявки
+    if not current_user.is_admin:
+        raise HTTPException(status_code=403, detail="Not enough permissions")
+    
+    db.delete(db_request)
+    db.commit()
+    return db_request

backend/app/api/endpoints/statistics.py

@@ -1,16 +1,56 @@
 """Statistics router"""
-from fastapi import APIRouter, Depends
+from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy.orm import Session
-from ..database import get_db
-from ..crud import statistics
-from ..utils.auth import get_current_admin
+from sqlalchemy import func
+from datetime import datetime, timedelta
+
+from app.core.auth import get_current_user
+from app.database import get_db
+from app.models.user import User
+from app.models.request import Request
 
 router = APIRouter()
 
 @router.get("/")
 def get_statistics(
-    db: Session = Depends(get_db),
-    _: dict = Depends(get_current_admin)
+    current_user: User = Depends(get_current_user),
+    db: Session = Depends(get_db)
 ):
-    """Get system statistics"""
-    return statistics.get_request_statistics(db) 
+    if not current_user.is_admin:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not enough permissions"
+        )
+
+    # Общая статистика
+    total_requests = db.query(func.count(Request.id)).scalar()
+    total_users = db.query(func.count(User.id)).filter(User.is_admin == False).scalar()
+
+    # Статистика по статусам
+    status_stats = db.query(
+        Request.status,
+        func.count(Request.id)
+    ).group_by(Request.status).all()
+
+    # Статистика за последние 7 дней
+    week_ago = datetime.utcnow() - timedelta(days=7)
+    daily_stats = db.query(
+        func.date(Request.created_at),
+        func.count(Request.id)
+    ).filter(
+        Request.created_at >= week_ago
+    ).group_by(
+        func.date(Request.created_at)
+    ).all()
+
+    return {
+        "total_requests": total_requests,
+        "total_users": total_users,
+        "status_stats": {
+            status: count for status, count in status_stats
+        },
+        "daily_stats": {
+            date.strftime("%Y-%m-%d"): count
+            for date, count in daily_stats
+        }
+    } 

backend/app/schemas/chat.py

@@ -1,7 +1,7 @@
 from pydantic import BaseModel
 from datetime import datetime
 from typing import List, Optional
-from models.user import User
+from app.models.user import User
 
 class ChatFileBase(BaseModel):
     file_name: str