98 lines
2.3 KiB
Markdown
98 lines
2.3 KiB
Markdown
# Account Manager API Documentation
|
|
|
|
## Overview
|
|
The `AccountManager` class provides functionality for managing user accounts, including:
|
|
- Account creation and authentication
|
|
- Password management (hashing, verification, reset)
|
|
- Account search and retrieval
|
|
- Tenant association management
|
|
|
|
## Class Methods
|
|
|
|
### `hash_password(password, salt=None)`
|
|
Generates a hashed password and salt for secure storage.
|
|
|
|
**Parameters:**
|
|
- `password` (str): Plain text password to hash
|
|
- `salt` (bytes, optional): Optional salt value. If None, generates new salt.
|
|
|
|
**Returns:**
|
|
- Tuple of (base64_password_hashed, base64_salt)
|
|
|
|
**Example:**
|
|
```python
|
|
hashed_pw, salt = AccountManager.hash_password("mysecurepassword")
|
|
```
|
|
|
|
### `create_account(username, email, password)`
|
|
Creates a new user account.
|
|
|
|
**Parameters:**
|
|
- `username` (str): Unique username
|
|
- `email` (str): User email address
|
|
- `password` (str): Plain text password
|
|
|
|
**Returns:**
|
|
- Dictionary with created account details:
|
|
```python
|
|
{
|
|
"id": UUID,
|
|
"username": str,
|
|
"email": str,
|
|
"created_at": datetime
|
|
}
|
|
```
|
|
|
|
### `get_user_by_username(username)`
|
|
Retrieves user information by username.
|
|
|
|
**Parameters:**
|
|
- `username` (str): Username to search for
|
|
|
|
**Returns:**
|
|
- User dictionary or None if not found
|
|
|
|
### `search_accounts(search=None, page=1, page_size=10)`
|
|
Searches accounts with pagination.
|
|
|
|
**Parameters:**
|
|
- `search` (str): Optional search term
|
|
- `page` (int): Page number (1-based)
|
|
- `page_size` (int): Items per page
|
|
|
|
**Returns:**
|
|
```python
|
|
{
|
|
"data": [user_dicts],
|
|
"total": int
|
|
}
|
|
```
|
|
|
|
### `verify_password(plain_password, hashed_password, salt)`
|
|
Verifies a password against stored hash.
|
|
|
|
**Parameters:**
|
|
- `plain_password` (str): Password to verify
|
|
- `hashed_password` (str): Stored password hash
|
|
- `salt` (str): Password salt
|
|
|
|
**Returns:**
|
|
- bool: True if password matches
|
|
|
|
### Password Management
|
|
- `update_password(username, email, new_password)`
|
|
- `reset_password(account_id)`
|
|
|
|
### Tenant Association
|
|
- `associate_with_tenant(account_id, tenant_id, role, invited_by, current)`
|
|
- `get_tenant_accounts(tenant_id)`
|
|
- `get_account_tenants(account_id)`
|
|
|
|
## Error Handling
|
|
All methods raise exceptions on failure and log errors using the module logger.
|
|
|
|
## Security Notes
|
|
- Uses PBKDF2 with SHA-256 for password hashing
|
|
- Generates random salts for each password
|
|
- All sensitive operations are logged
|