feat: invite code

2025-03-05 19:34:16 +03:00
parent 6c2698679d
commit 3d9a3cef73
5 changed files with 17 additions and 12 deletions
--- a/services/auth.py
+++ b/services/auth.py
@@ -38,6 +38,8 @@ async def get_current_user(
        user = await session.get(User, user_id)
        if not user:
            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid credentials')
+        if user.is_deleted or user.is_blocked:
+            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Пользователь заблокирован или удален')
        return user
    except JWTError as e:
        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Invalid token')
@@ -82,15 +84,12 @@ class AuthService(BaseService):
            delta = datetime.now() - invite_code.created_at
            if delta.seconds >= constants.INVITE_CODE_EXPIRY:
                raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Код приглашения устарел')
-            user = User(
-                telegram_id=request.id,
-                is_admin=False,
-                role_key=UserRole.user
-            )
-            self.session.add(user)
+            user = await self.session.get(User, invite_code.user_id)
+            if not user:
+                raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Пользователь не найден')
+            user.telegram_id = request.id
            await self.session.flush()
            invite_code.is_activated = True
-            invite_code.activated_by_id = user.id
            await self.session.commit()
        if not user:
            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Пользователь не найден')