✨ Add is_admin attribute on User model

app/models/token.py

@@ -3,4 +3,5 @@ from pydantic import BaseModel
 class Token(BaseModel):
     access_token: str
     token_type: str
-    user_id: str
+    user_id: str
+    is_admin: bool

app/models/user.py

@@ -4,4 +4,5 @@ from pydantic import BaseModel, Field
 class User(BaseModel):
     uid: str = Field(..., alias="_id")
     username: str
-    password: str
+    password: str
+    is_admin: bool = False

app/routes/auth.py

@@ -34,12 +34,27 @@ async def register(user: UserRegisterDTO):
         )
 
     hashed_password = get_password_hash(user.password)
-    user_id = users_collection.insert_one({"username": user.username, "password": hashed_password})
+    user_id = users_collection.insert_one({
+        "username": user.username, 
+        "password": hashed_password,
+        "is_admin": False
+    })
 
     access_token_expires = timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
-    access_token = create_access_token(data={"sub": user.username}, expires_delta=access_token_expires)
+    access_token = create_access_token(
+        data={
+            "sub": user.username,
+            "is_admin": False
+        }, 
+        expires_delta=access_token_expires
+    )
 
-    return {"access_token": access_token, "token_type": "bearer", "user_id": str(user_id.inserted_id)}
+    return {
+        "access_token": access_token, 
+        "token_type": "bearer", 
+        "user_id": str(user_id.inserted_id),
+        "is_admin": False
+    }
 
 @auth_router.post(
     path="/login", 
@@ -56,10 +71,20 @@ async def login(form_data: OAuth2PasswordRequestForm = Depends()):
         )
     
     access_token_expires = timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
-    access_token = create_access_token(data={"sub": form_data.username}, expires_delta=access_token_expires)
-
-    return {"access_token": access_token, "token_type": "bearer", "user_id": str(user["_id"])}
+    access_token = create_access_token(
+        data={
+            "sub": form_data.username,
+            "is_admin": user.get("is_admin", False)
+        }, 
+        expires_delta=access_token_expires
+    )
 
+    return {
+        "access_token": access_token, 
+        "token_type": "bearer", 
+        "user_id": str(user["_id"]),
+        "is_admin": user.get("is_admin", False)
+    }
 
 @auth_router.get(
     path="/logout",

app/serializers/user_serializer.py

@@ -15,5 +15,6 @@ def user_serialize(user) -> User:
     return User(
         _id=str(user['_id']),
         username=user['username'],
-        password=user['password']
+        password=user['password'],
+        is_admin=user['is_admin']
     )

app/stub.py

@@ -55,12 +55,14 @@ def populate_data():
     # Créer les utilisateurs
     user1_id = users_collection.insert_one({
         "username": "string",
-        "password": get_password_hash("string")
+        "password": get_password_hash("string"),
+        "is_admin": True
     }).inserted_id
 
     user2_id = users_collection.insert_one({
         "username": "test",
-        "password": get_password_hash("test")
+        "password": get_password_hash("test"),
+        "is_admin": False
     }).inserted_id
 
     # Créer d'abord les pins