mindroot.coreplugins.user_service package¶
Submodules¶
mindroot.coreplugins.user_service.admin_init module¶
- async mindroot.coreplugins.user_service.admin_init.check_for_admin(user_data_root: str) bool[source]¶
Check if any admin user exists.
- mindroot.coreplugins.user_service.admin_init.generate_random_credentials(prefix: str = 'admin', length: int = 8) Tuple[str, str][source]¶
Generate random admin username and password.
- async mindroot.coreplugins.user_service.admin_init.initialize_admin(user_data_root: str, app) Tuple[str | None, str | None][source]¶
Check for and create admin user if needed. Returns tuple of (username, password) if created, (None, None) if admin exists.
This should be called during system startup to ensure at least one admin exists. The admin user will have ‘admin’, ‘verified’, and ‘user’ roles.
mindroot.coreplugins.user_service.email_service module¶
- async mindroot.coreplugins.user_service.email_service.send_password_reset_email(email: str, username: str, reset_token: str)[source]¶
Send password reset email to user.
mindroot.coreplugins.user_service.mod module¶
- async mindroot.coreplugins.user_service.mod.create_user(user_data: UserCreate, roles: List[str] = None, skip_verification: bool = False, context=None) UserBase[source]¶
Create new user directory and auth file
- async mindroot.coreplugins.user_service.mod.get_user_data(username: str, include_email=False, context=None) UserBase | None[source]¶
Get user data excluding sensitive info
- async mindroot.coreplugins.user_service.mod.list_users(context=None) list[str][source]¶
List all usernames
mindroot.coreplugins.user_service.models module¶
- class mindroot.coreplugins.user_service.models.PasswordResetToken(*, token: str, expires_at: str, is_admin_reset: bool = False)[source]¶
Bases:
BaseModelData for password reset tokens
- expires_at: str¶
- is_admin_reset: bool¶
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- token: str¶
- class mindroot.coreplugins.user_service.models.UserAuth(*, username: ~typing.Annotated[str, ~annotated_types.MinLen(min_length=3), ~annotated_types.MaxLen(max_length=32)], email: ~pydantic.networks.EmailStr | None, created_at: str, last_login: str | None = None, email_verified: bool = False, roles: ~typing.List[str] = <factory>, password_hash: str, verification_token: str | None = None, verification_expires: str | None = None)[source]¶
Bases:
UserBaseUser data including auth-sensitive fields
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- password_hash: str¶
- verification_expires: str | None¶
- verification_token: str | None¶
- class mindroot.coreplugins.user_service.models.UserBase(*, username: ~typing.Annotated[str, ~annotated_types.MinLen(min_length=3), ~annotated_types.MaxLen(max_length=32)], email: ~pydantic.networks.EmailStr | None, created_at: str, last_login: str | None = None, email_verified: bool = False, roles: ~typing.List[str] = <factory>)[source]¶
Bases:
BaseModelBase user data that’s safe to expose
- created_at: str¶
- email: EmailStr | None¶
- email_verified: bool¶
- last_login: str | None¶
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- roles: List[str]¶
- username: str¶
- class mindroot.coreplugins.user_service.models.UserCreate(*, username: Annotated[str, MinLen(min_length=3), MaxLen(max_length=32), _PydanticGeneralMetadata(pattern='^[a-zA-Z0-9_]+$')], email: EmailStr, password: Annotated[str, MinLen(min_length=8)])[source]¶
Bases:
BaseModelData required to create a new user
- email: EmailStr¶
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- password: str¶
- username: str¶
- class mindroot.coreplugins.user_service.models.UserInRequest(*, username: ~typing.Annotated[str, ~annotated_types.MinLen(min_length=3), ~annotated_types.MaxLen(max_length=32)], email: ~pydantic.networks.EmailStr | None, created_at: str, last_login: str | None = None, email_verified: bool = False, roles: ~typing.List[str] = <factory>, token_data: dict)[source]¶
Bases:
UserBaseUser data as attached to request.state.user
- model_config: ClassVar[ConfigDict] = {}¶
Configuration for the model, should be a dictionary conforming to [ConfigDict][pydantic.config.ConfigDict].
- token_data: dict¶
mindroot.coreplugins.user_service.password_reset_service module¶
mindroot.coreplugins.user_service.role_service module¶
- async mindroot.coreplugins.user_service.role_service.add_role(username: str, role: str, user_data_root: str) bool[source]¶
Add a role to a user. Should be called only from admin context.
- async mindroot.coreplugins.user_service.role_service.get_user_roles(username: str, user_data_root: str) List[str][source]¶
Get all roles for a user
mindroot.coreplugins.user_service.router module¶
- async mindroot.coreplugins.user_service.router.get_reset_password_form_by_file(request: Request, filename: str)[source]¶
Show password reset form if trigger file exists
- async mindroot.coreplugins.user_service.router.handle_reset_password_by_file(request: ~starlette.requests.Request, filename: str, password: str = Form(PydanticUndefined), confirm_password: str = Form(PydanticUndefined), services: ~lib.providers.ProviderManager = Depends(<lambda>))[source]¶
Handle password reset using trigger file