From 022149c23786092b4aedda6aaa1ed2e50eb6219c Mon Sep 17 00:00:00 2001 From: Fanilo-Nantenaina Date: Tue, 20 Jan 2026 13:46:27 +0300 Subject: [PATCH 1/2] refactor(api): replace get_sage_client_for_user with get_current_user for dependency injection --- api.py | 174 ++++++++++++++++++------------------- scripts/manage_security.py | 22 +++-- 2 files changed, 97 insertions(+), 99 deletions(-) diff --git a/api.py b/api.py index 0196fa7..7fe1356 100644 --- a/api.py +++ b/api.py @@ -210,7 +210,7 @@ app.include_router(entreprises_router) async def obtenir_clients( query: Optional[str] = Query(None), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: clients = sage.lister_clients(filtre=query or "") @@ -224,7 +224,7 @@ async def obtenir_clients( async def lire_client_detail( code: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: client = sage.lire_client(code) @@ -247,7 +247,7 @@ async def modifier_client( client_update: ClientUpdate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.modifier_client(code, client_update.dict(exclude_none=True)) @@ -273,7 +273,7 @@ async def ajouter_client( client: ClientCreate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: nouveau_client = sage.creer_client(client.model_dump(mode="json")) 
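Review bot: `sage: SageGatewayClient = Depends(get_current_user)` now injects whatever get_current_user returns — the same `User` object the line above already binds — so `sage.lister_clients(filtre=query or "")` and every other `sage.*` call in this hunk would raise AttributeError (an HTTP 500) unless get_current_user was changed elsewhere to return a SageGatewayClient, which this patch does not show. The old provider name suggests the Sage client was built per user (credential or tenant scoping), and binding a bare User loses that while leaving the type annotation misleading. Keep the dedicated provider, `sage: SageGatewayClient = Depends(get_sage_client_for_user),`, or if the intent is to derive the client from the user, add a provider that itself takes `Depends(get_current_user)` and returns a SageGatewayClient. The same replacement is repeated in every api.py hunk on the following lines through the `/health` hunk, and a single request-scoped test against any of these routes would have surfaced it.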
@@ -298,7 +298,7 @@ async def ajouter_client( async def rechercher_articles( query: Optional[str] = Query(None), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: articles = sage.lister_articles(filtre=query or "") @@ -317,7 +317,7 @@ async def rechercher_articles( async def creer_article( article: ArticleCreate, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: if not article.reference or not article.designation: @@ -358,7 +358,7 @@ async def modifier_article( reference: str = Path(..., description="Référence de l'article à modifier"), article: ArticleUpdate = Body(...), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: article_data = article.dict(exclude_unset=True) @@ -402,7 +402,7 @@ async def modifier_article( async def lire_article( reference: str = Path(..., description="Référence de l'article"), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: article = sage.lire_article(reference) @@ -432,7 +432,7 @@ async def lire_article( async def creer_devis( devis: DevisRequest, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: devis_data = { @@ -472,7 +472,7 @@ async def modifier_devis( devis_update: DevisUpdate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: update_data = {} 
@@ -518,7 +518,7 @@ async def creer_commande( commande: CommandeCreate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: commande_data = { @@ -568,7 +568,7 @@ async def modifier_commande( commande_update: CommandeUpdate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: update_data = {} @@ -617,7 +617,7 @@ async def lister_devis( True, description="Inclure les lignes de chaque devis" ), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: devis_list = sage.lister_devis( @@ -634,7 +634,7 @@ async def lister_devis( async def lire_devis( id: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: devis = sage.lire_devis(id) @@ -655,7 +655,7 @@ async def lire_devis( async def telecharger_devis_pdf( id: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: pdf_bytes = email_queue._generate_pdf(id, TypeDocument.DEVIS) @@ -678,7 +678,7 @@ async def telecharger_document_pdf( ), numero: str = Path(..., description="Numéro du document"), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: types_labels = { 
@@ -735,7 +735,7 @@ async def envoyer_devis_email( request: EmailEnvoi, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: tous_destinataires = [request.destinataire] + request.cc + request.cci @@ -791,7 +791,7 @@ async def changer_statut_document( ..., ge=0, le=6, description="0=Saisi, 1=Confirmé, 2=Accepté" ), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): document_type_sql = None document_type_code = None @@ -908,7 +908,7 @@ async def changer_statut_document( async def lire_commande( id: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: commande = sage.lire_document(id, TypeDocumentSQL.BON_COMMANDE) @@ -927,7 +927,7 @@ async def lister_commandes( limit: int = Query(100, le=1000), statut: Optional[int] = Query(None), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: commandes = sage.lister_commandes(limit=limit, statut=statut) @@ -943,7 +943,7 @@ async def devis_vers_commande( id: str, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.transformer_document( @@ -988,7 +988,7 @@ async def commande_vers_facture( id: str, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.transformer_document( 
@@ -1090,7 +1090,7 @@ async def valider_remise( client_id: str = Query(..., min_length=1), remise_pourcentage: float = Query(0.0, ge=0, le=100), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: remise_max = sage.lire_remise_max_client(client_id) @@ -1124,7 +1124,7 @@ async def relancer_devis_signature( relance: RelanceDevis, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: devis = sage.lire_devis(id) @@ -1191,7 +1191,7 @@ class ContactClientResponse(BaseModel): async def recuperer_contact_devis( id: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: devis = sage.lire_devis(id) @@ -1219,7 +1219,7 @@ async def lister_factures( limit: int = Query(100, le=1000), statut: Optional[int] = Query(None), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: factures = sage.lister_factures(limit=limit, statut=statut) @@ -1234,7 +1234,7 @@ async def lister_factures( async def lire_facture_detail( numero: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: facture = sage.lire_document(numero, TypeDocumentSQL.FACTURE) @@ -1261,7 +1261,7 @@ async def creer_facture( facture: FactureCreate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: facture_data = { 
@@ -1311,7 +1311,7 @@ async def modifier_facture( facture_update: FactureUpdate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: update_data = {} @@ -1381,7 +1381,7 @@ async def relancer_facture( relance: RelanceFacture, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: facture = sage.lire_document(id, TypeDocumentSQL.FACTURE) @@ -1452,7 +1452,7 @@ async def journal_emails( limit: int = Query(100, le=1000), session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): query = select(EmailLog) @@ -1488,7 +1488,7 @@ async def exporter_logs_csv( statut: Optional[StatutEmail] = Query(None), session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): query = select(EmailLog) if statut: @@ -1645,7 +1645,7 @@ async def supprimer_template( async def previsualiser_email( preview: TemplatePreview, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): if preview.template_id not in templates_email_db: raise HTTPException(404, f"Template {preview.template_id} introuvable") 
@@ -1684,7 +1684,7 @@ async def previsualiser_email( async def rechercher_prospects( query: Optional[str] = Query(None), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: prospects = sage.lister_prospects(filtre=query or "") @@ -1698,7 +1698,7 @@ async def rechercher_prospects( async def lire_prospect( code: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: prospect = sage.lire_prospect(code) @@ -1718,7 +1718,7 @@ async def lire_prospect( async def rechercher_fournisseurs( query: Optional[str] = Query(None), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: fournisseurs = sage.lister_fournisseurs(filtre=query or "") @@ -1740,7 +1740,7 @@ async def ajouter_fournisseur( fournisseur: FournisseurCreate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: nouveau_fournisseur = sage.creer_fournisseur(fournisseur.dict()) @@ -1770,7 +1770,7 @@ async def modifier_fournisseur( fournisseur_update: FournisseurUpdate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.modifier_fournisseur( @@ -1793,7 +1793,7 @@ async def modifier_fournisseur( async def lire_fournisseur( code: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: fournisseur = sage.lire_fournisseur(code) 
@@ -1812,7 +1812,7 @@ async def lister_avoirs( limit: int = Query(100, le=1000), statut: Optional[int] = Query(None), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: avoirs = sage.lister_avoirs(limit=limit, statut=statut) @@ -1826,7 +1826,7 @@ async def lister_avoirs( async def lire_avoir( numero: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: avoir = sage.lire_document(numero, TypeDocumentSQL.BON_AVOIR) @@ -1845,7 +1845,7 @@ async def creer_avoir( avoir: AvoirCreate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: avoir_data = { @@ -1893,7 +1893,7 @@ async def modifier_avoir( avoir_update: AvoirUpdate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: update_data = {} @@ -1939,7 +1939,7 @@ async def lister_livraisons( limit: int = Query(100, le=1000), statut: Optional[int] = Query(None), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: livraisons = sage.lister_livraisons(limit=limit, statut=statut) @@ -1953,7 +1953,7 @@ async def lister_livraisons( async def lire_livraison( numero: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: livraison = sage.lire_document(numero, TypeDocumentSQL.BON_LIVRAISON) 
@@ -1972,7 +1972,7 @@ async def creer_livraison( livraison: LivraisonCreate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: livraison_data = { @@ -2026,7 +2026,7 @@ async def modifier_livraison( livraison_update: LivraisonUpdate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: update_data = {} @@ -2072,7 +2072,7 @@ async def livraison_vers_facture( id: str, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.transformer_document( @@ -2116,7 +2116,7 @@ async def devis_vers_facture_direct( id: str, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: devis_existant = sage.lire_devis(id) @@ -2177,7 +2177,7 @@ async def commande_vers_livraison( id: str, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: commande_existante = sage.lire_document(id, TypeDocumentSQL.BON_COMMANDE) @@ -2249,7 +2249,7 @@ async def commande_vers_livraison( async def lister_familles( filtre: Optional[str] = Query(None, description="Filtre sur code ou intitulé"), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: familles = sage.lister_familles(filtre or "") 
@@ -2275,7 +2275,7 @@ async def lister_familles( async def lire_famille( code: str = Path(..., description="Code de la famille (ex: ZDIVERS)"), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: famille = sage.lire_famille(code) @@ -2311,7 +2311,7 @@ async def lire_famille( async def creer_famille( famille: FamilleCreate, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: if not famille.code or not famille.intitule: @@ -2355,7 +2355,7 @@ async def creer_famille( async def creer_entree_stock( entree: EntreeStock, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: entree_data = entree.dict() @@ -2392,7 +2392,7 @@ async def creer_entree_stock( async def creer_sortie_stock( sortie: SortieStock, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: sortie_data = sortie.dict() @@ -2428,7 +2428,7 @@ async def creer_sortie_stock( async def lire_mouvement_stock( numero: str = Path(..., description="Numéro du mouvement (ex: ME00123 ou MS00124)"), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: mouvement = sage.lire_mouvement_stock(numero) @@ -2461,7 +2461,7 @@ async def lire_mouvement_stock( ) async def statistiques_familles( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: stats = sage.get_stats_familles() 
@@ -2570,7 +2570,7 @@ async def creer_contact( numero: str, contact: ContactCreate, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: try: @@ -2603,7 +2603,7 @@ async def creer_contact( async def lister_contacts( numero: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: contacts = sage.lister_contacts(numero) @@ -2622,7 +2622,7 @@ async def obtenir_contact( numero: str, contact_numero: int, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: contact = sage.obtenir_contact(numero, contact_numero) @@ -2648,7 +2648,7 @@ async def modifier_contact( contact_numero: int, contact: ContactUpdate, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: contact_existant = sage.obtenir_contact(numero, contact_numero) @@ -2680,7 +2680,7 @@ async def supprimer_contact( numero: str, contact_numero: int, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: sage.supprimer_contact(numero, contact_numero) @@ -2695,7 +2695,7 @@ async def definir_contact_defaut( numero: str, contact_numero: int, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.definir_contact_defaut(numero, contact_numero) 
@@ -2717,7 +2717,7 @@ async def obtenir_tiers( ), query: Optional[str] = Query(None, description="Recherche sur code ou intitulé"), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: type_normalise = normaliser_type_tiers(type_tiers) @@ -2732,7 +2732,7 @@ async def obtenir_tiers( async def lire_tiers_detail( code: str, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: tiers = sage.lire_tiers(code) @@ -2770,7 +2770,7 @@ async def lister_collaborateurs( True, description="Exclure les collaborateurs en sommeil" ), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Liste tous les collaborateurs""" try: @@ -2789,7 +2789,7 @@ async def lister_collaborateurs( async def lire_collaborateur_detail( numero: int, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Lit un collaborateur par son numéro""" try: @@ -2816,7 +2816,7 @@ async def lire_collaborateur_detail( async def creer_collaborateur( collaborateur: CollaborateurCreate, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Crée un nouveau collaborateur""" try: @@ -2843,7 +2843,7 @@ async def modifier_collaborateur( numero: int, collaborateur: CollaborateurUpdate, user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Modifie un collaborateur existant""" try: 
@@ -2866,7 +2866,7 @@ async def modifier_collaborateur( @app.get("/societe/info", response_model=SocieteInfo, tags=["Société"]) async def obtenir_informations_societe( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: societe = sage.lire_informations_societe() @@ -2886,7 +2886,7 @@ async def obtenir_informations_societe( @app.get("/societe/logo", tags=["Société"]) async def obtenir_logo_societe( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Retourne le logo en tant qu'image directe""" try: @@ -2911,7 +2911,7 @@ async def obtenir_logo_societe( @app.get("/societe/preview", response_class=HTMLResponse, tags=["Société"]) async def preview_societe( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Page HTML pour visualiser les infos société avec logo""" try: @@ -2985,7 +2985,7 @@ async def valider_facture( numero_facture: str, _: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.valider_facture(numero_facture) @@ -3009,7 +3009,7 @@ async def devalider_facture( numero_facture: str, _: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.devalider_facture(numero_facture) 
@@ -3033,7 +3033,7 @@ async def get_statut_validation_facture( numero_facture: str, _: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.get_statut_validation(numero_facture) @@ -3054,7 +3054,7 @@ async def regler_facture( reglement: ReglementFactureCreate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.regler_facture( @@ -3098,7 +3098,7 @@ async def regler_factures_multiple( reglement: ReglementMultipleCreate, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.regler_factures_client( @@ -3137,7 +3137,7 @@ async def get_reglements_facture( numero_facture: str, session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.get_reglements_facture(numero_facture) @@ -3162,7 +3162,7 @@ async def get_reglements_client( inclure_soldees: bool = Query(True, description="Inclure les factures soldées"), session: AsyncSession = Depends(get_session), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.get_reglements_client( 
@@ -3187,7 +3187,7 @@ async def get_reglements_client( @app.get("/journaux/banque", tags=["Règlements"]) async def get_journaux_banque( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): try: resultat = sage.get_journaux_banque() @@ -3200,7 +3200,7 @@ async def get_journaux_banque( @app.get("/reglements/modes", tags=["Référentiels"]) async def get_modes_reglement( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Liste des modes de règlement disponibles dans Sage""" try: @@ -3214,7 +3214,7 @@ async def get_modes_reglement( @app.get("/devises", tags=["Référentiels"]) async def get_devises( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Liste des devises disponibles dans Sage""" try: @@ -3228,7 +3228,7 @@ async def get_devises( @app.get("/journaux/tresorerie", tags=["Référentiels"]) async def get_journaux_tresorerie( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Liste des journaux de trésorerie (banque + caisse)""" try: @@ -3247,7 +3247,7 @@ async def get_comptes_generaux( description="client | fournisseur | banque | caisse | tva | produit | charge", ), user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Liste des comptes généraux""" try: 
@@ -3261,7 +3261,7 @@ async def get_comptes_generaux( @app.get("/tva/taux", tags=["Référentiels"]) async def get_tva_taux( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Liste des taux de TVA""" try: @@ -3275,7 +3275,7 @@ async def get_tva_taux( @app.get("/parametres/encaissement", tags=["Référentiels"]) async def get_parametres_encaissement( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): """Paramètres TVA sur encaissement""" try: @@ -3322,7 +3322,7 @@ async def get_reglement_detail(rg_no): @app.get("/health", tags=["System"]) async def health_check( user: User = Depends(get_current_user), - sage: SageGatewayClient = Depends(get_sage_client_for_user), + sage: SageGatewayClient = Depends(get_current_user), ): gateway_health = sage.health() diff --git a/scripts/manage_security.py b/scripts/manage_security.py index b1c14de..066e92c 100644 --- a/scripts/manage_security.py +++ b/scripts/manage_security.py 
@@ -1,25 +1,23 @@ import asyncio import sys -import os from pathlib import Path - -current_dir = Path(__file__).resolve().parent -parent_dir = current_dir.parent -sys.path.insert(0, str(parent_dir)) +from database import get_session +from database.models.api_key import SwaggerUser, ApiKey +from services.api_key import ApiKeyService +from security.auth import hash_password +from sqlalchemy import select import argparse from datetime import datetime import logging +current_dir = Path(__file__).resolve().parent +parent_dir = current_dir.parent +sys.path.insert(0, str(parent_dir)) + logging.basicConfig(level=logging.INFO, format="%(levelname)s - %(message)s") logger = logging.getLogger(__name__) -from database import get_session -from database.models.api_key import SwaggerUser, ApiKey -from services.api_key import ApiKeyService -from security.auth import hash_password, verify_password -from sqlalchemy import select - async def add_swagger_user(username: str, password: str, full_name: str = None): """Ajouter un utilisateur Swagger""" @@ -132,7 +130,7 @@ async def create_api_key( f" Endpoints autorisés: {', '.join(api_key_obj.allowed_endpoints)}" ) else: - logger.info(f" Endpoints autorisés: Tous") + logger.info(" Endpoints autorisés: Tous") logger.info("=" * 60) logger.info(" IMPORTANT: Sauvegardez cette clé, elle ne sera plus affichée !") From 5b584bf9692aafaabd8f453b7cf5b96cdb36804d Mon Sep 17 00:00:00 2001 From: Fanilo-Nantenaina Date: Tue, 20 Jan 2026 13:51:09 +0300 Subject: [PATCH 2/2] refactor(security): improve auth middleware and logging --- middleware/security.py | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) diff --git a/middleware/security.py b/middleware/security.py index 137e7dd..c6e75e7 100644 --- a/middleware/security.py +++ b/middleware/security.py 
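Review bot: `from database import get_session` and the three project imports that follow it now execute before `sys.path.insert(0, str(parent_dir))`, which is what made those packages importable when this script is launched from `scripts/`; in that mode the moved imports will fail with ModuleNotFoundError unless the project root is already on sys.path. Keep the path manipulation first and place the project imports after it, with a short comment such as `# project root must be on sys.path before the project imports below`, or turn the script into a `python -m` entry point and drop the insert altogether. Dropping `verify_password` from the `security.auth` import is fine only if nothing further down still calls it; the rest of the file is outside the hunk, so that cannot be confirmed here.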
@@ -34,7 +34,7 @@ async def verify_swagger_credentials(credentials: HTTPBasicCredentials) -> bool: logger.info(f" Accès Swagger autorisé (DB): {username}") return True - logger.warning(f" Tentative d'accès Swagger refusée: {username}") + logger.warning(f"Tentative d'accès Swagger refusée: {username}") return False except Exception as e: @@ -43,6 +43,7 @@ async def verify_swagger_credentials(credentials: HTTPBasicCredentials) -> bool: class SwaggerAuthMiddleware: + def __init__(self, app): self.app = app @@ -54,7 +55,7 @@ class SwaggerAuthMiddleware: request = Request(scope, receive=receive) path = request.url.path - protected_paths = ["/docs", "/redoc", "/openapi.json"] + protected_paths = ["/docs", "/redoc"] if any(path.startswith(protected_path) for protected_path in protected_paths): auth_header = request.headers.get("Authorization") @@ -104,6 +105,7 @@ class SwaggerAuthMiddleware: class ApiKeyMiddleware: + def __init__(self, app): self.app = app @@ -115,21 +117,24 @@ class ApiKeyMiddleware: request = Request(scope, receive=receive) path = request.url.path - excluded_paths = [ + public_exact_paths = [ + "/", + "/health", "/docs", "/redoc", "/openapi.json", - "/health", - "/", - "/auth/login", - "/auth/register", - "/auth/verify-email", - "/auth/reset-password", - "/auth/request-reset", - "/auth/refresh", ] - if any(path.startswith(excluded_path) for excluded_path in excluded_paths): + public_path_prefixes = [ + "/api/v1/auth/", + ] + + is_public = path in public_exact_paths or any( + path.startswith(prefix) for prefix in public_path_prefixes + ) + + if is_public: + logger.debug(f"Chemin public: {path}") await self.app(scope, receive, send) return 
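Review bot: Removing `/openapi.json` from `protected_paths` while `ApiKeyMiddleware` also lists it in `public_exact_paths` in the hunk below means the full OpenAPI schema (every route, parameter name and model) is now served with no authentication at all, although the `/docs` UI that consumes it stays behind HTTP Basic. If this was done because the browser does not resend the Basic credentials for a path outside `/docs`, consider keeping `/openapi.json` protected here and serving the schema from a path that shares the docs prefix, or at least record the decision with a comment such as `# /openapi.json is intentionally unauthenticated: the Swagger UI fetches it without Basic credentials`. The enclosing `__call__` starts and ends outside these hunks.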
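Review bot: `public_path_prefixes = ["/api/v1/auth/"]` exempts every present and future route under that prefix from the JWT/API-key check, whereas the removed list named the specific unauthenticated operations (login, register, verify-email, reset-password, request-reset, refresh); any authenticated route mounted on the same router (a logout, change-password or profile endpoint, for instance) would become public silently. Prefer an explicit list of exact auth paths and reserve prefixes for routers that are public end to end. Also confirm the auth router is actually mounted at `/api/v1/auth/`: the old entries were `/auth/...` and nothing in this patch moves the router, so if the prefix differs the login endpoint now demands a credential in order to obtain one. The exact-match form is a clear improvement over the old `startswith` loop, but `/docs/oauth2-redirect`, still covered by the Swagger middleware's `startswith`, is no longer public here.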
@@ -140,12 +145,12 @@ class ApiKeyMiddleware: has_api_key = api_key is not None if has_jwt: - logger.debug(f" JWT détecté pour {path}") + logger.debug(f"🔑 JWT détecté pour {path}") await self.app(scope, receive, send) return elif has_api_key: - logger.debug(f" API Key détectée pour {path}") + logger.debug(f"🔑 API Key détectée pour {path}") from services.api_key import ApiKeyService @@ -218,8 +223,9 @@ class ApiKeyMiddleware: response = JSONResponse( status_code=status.HTTP_401_UNAUTHORIZED, content={ - "detail": "Authentification requise", + "detail": "Authentification requise (JWT ou API Key)", "hint": "Utilisez soit 'X-API-Key: sdk_live_xxx' soit 'Authorization: Bearer '", + "endpoint": path, }, headers={"WWW-Authenticate": 'Bearer realm="API", charset="UTF-8"'}, ) @@ -233,4 +239,5 @@ def get_api_key_from_request(request: Request) -> Optional: def get_auth_method(request: Request) -> str: + return getattr(request.state, "authenticated_via", "none")
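Review bot: `return getattr(request.state, "authenticated_via", "none")` only reports something useful if a middleware sets `request.state.authenticated_via`, and neither the JWT branch nor the API-key branch visible in the first hunk on this line assigns it — each just forwards with `await self.app(scope, receive, send)`; unless it is set in code outside these hunks, callers will always get `"none"`. If it is meant to be set in `ApiKeyMiddleware`, assign it on the middleware's own `Request` object (for example `request.state.authenticated_via = "jwt"` before the forward), which Starlette stores in the ASGI scope so a later `Request` sees it. A one-line docstring such as `"""Return how the request was authenticated ('jwt', 'api_key' or 'none')."""` would also cover the missing documentation; `get_api_key_from_request` starts outside the hunk.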