qsethuk/tg_loader
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update user_id for bigint and update secure

Browse Source
This commit is contained in:
qsethuk
2025-12-04 16:11:38 +03:00
parent d67371dcee
commit e74ab668ce
3 changed files with 72 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
alembic/versions/44f93e0fb396_change_user_id_to_bigint.py Normal file
View File

@@ -0,0 +1,66 @@
"""change_user_id_to_bigint
Revision ID: 44f93e0fb396
Revises: 7ac28bbbc5ee
Create Date: 2025-12-04 01:38:07.580350
"""
from typing import Sequence, Union
from alembic import op
import sqlalchemy as sa
# revision identifiers, used by Alembic.
revision: str = '44f93e0fb396'
down_revision: Union[str, Sequence[str], None] = '7ac28bbbc5ee'
branch_labels: Union[str, Sequence[str], None] = None
depends_on: Union[str, Sequence[str], None] = None
def upgrade() -> None:
"""Upgrade schema."""
# Change user_id from Integer to BigInteger in all tables
# PostgreSQL allows direct type change from INTEGER to BIGINT
# First, change foreign keys in tasks table
op.alter_column('tasks', 'user_id',
existing_type=sa.Integer(),
type_=sa.BigInteger(),
existing_nullable=False)
# Change foreign key in otp_codes table
op.alter_column('otp_codes', 'user_id',
existing_type=sa.Integer(),
type_=sa.BigInteger(),
existing_nullable=False)
# Finally, change primary key in users table
op.alter_column('users', 'user_id',
existing_type=sa.Integer(),
type_=sa.BigInteger(),
existing_nullable=False)
def downgrade() -> None:
"""Downgrade schema."""
# Change user_id back from BigInteger to Integer
# Note: This may fail if there are values larger than INTEGER max value
# Change primary key in users table first
op.alter_column('users', 'user_id',
existing_type=sa.BigInteger(),
type_=sa.Integer(),
existing_nullable=False)
# Change foreign key in otp_codes table
op.alter_column('otp_codes', 'user_id',
existing_type=sa.BigInteger(),
type_=sa.Integer(),
existing_nullable=False)
# Change foreign key in tasks table
op.alter_column('tasks', 'user_id',
existing_type=sa.BigInteger(),
type_=sa.Integer(),
existing_nullable=False)

5
bot/modules/access_control/auth.py
View File

@@ -48,9 +48,10 @@ async def is_authorized(user_id: int) -> bool:
# If private mode is disabled # If private mode is disabled
# Check whitelist (if configured) # Check whitelist (if configured)
if settings.authorized_users_list: if settings.authorized_users_list:
return user_id in settings.authorized_users_list if user_id in settings.authorized_users_list:
return True
# If whitelist is not configured, check in database # Check in database (users added via /adduser should have access)
async with AsyncSessionLocal() as session: async with AsyncSessionLocal() as session:
user = await session.get(User, user_id) user = await session.get(User, user_id)
# If user exists in database and is not blocked - allow access # If user exists in database and is not blocked - allow access

6
shared/database/models.py
View File

@@ -13,7 +13,7 @@ class User(Base):
"""User model""" """User model"""
__tablename__ = "users" __tablename__ = "users"
user_id = Column(Integer, primary_key=True, unique=True, index=True) user_id = Column(BigInteger, primary_key=True, unique=True, index=True)
username = Column(String(255), nullable=True) username = Column(String(255), nullable=True)
first_name = Column(String(255), nullable=True) first_name = Column(String(255), nullable=True)
last_name = Column(String(255), nullable=True) last_name = Column(String(255), nullable=True)
@@ -34,7 +34,7 @@ class Task(Base):
__tablename__ = "tasks" __tablename__ = "tasks"
id = Column(BigInteger, primary_key=True, index=True) id = Column(BigInteger, primary_key=True, index=True)
user_id = Column(Integer, ForeignKey("users.user_id"), nullable=False, index=True) # Index for frequent queries user_id = Column(BigInteger, ForeignKey("users.user_id"), nullable=False, index=True) # Index for frequent queries
task_type = Column(String(50), nullable=False) # download, process, etc. task_type = Column(String(50), nullable=False) # download, process, etc.
status = Column(String(50), default="pending", index=True) # Index for status filtering status = Column(String(50), default="pending", index=True) # Index for status filtering
url = Column(Text, nullable=True) url = Column(Text, nullable=True)
@@ -77,7 +77,7 @@ class OTPCode(Base):
__tablename__ = "otp_codes" __tablename__ = "otp_codes"
id = Column(Integer, primary_key=True, index=True) id = Column(Integer, primary_key=True, index=True)
user_id = Column(Integer, ForeignKey("users.user_id"), nullable=False, index=True) user_id = Column(BigInteger, ForeignKey("users.user_id"), nullable=False, index=True)
code = Column(String(6), nullable=False, index=True) # 6-digit code code = Column(String(6), nullable=False, index=True) # 6-digit code
expires_at = Column(DateTime, nullable=False, index=True) expires_at = Column(DateTime, nullable=False, index=True)
used = Column(Boolean, default=False, index=True) used = Column(Boolean, default=False, index=True)