Add ability to update user's data

- Password
- Access token

app.py

@@ -22,7 +22,6 @@ from models import (
     TableListDefinition,
     UserDefinition,
 )
-from secutils import hash_password
 from utils import (
     check_if_admin_access_token,
     parse_columns_from_definition,
@@ -136,6 +135,26 @@ async def createUser(
     return {"ok": True}
 
 
+@app.post("/api/updateUser")
+async def updateUser(
+    user: UserDefinition,
+    access_token: str | None = Header(default=None),
+):
+    is_admin = check_if_admin_access_token(connector, access_token)
+    if not is_admin:
+        return {"error": "Not allowed"}
+
+    if not user.user_id or not user.password or not user.access_token:
+        return {"error": "Malformed request"}
+
+    try:
+        update_user(connector, user.user_id, user.password, user.access_token)
+    except Exception as e:
+        return {"error": str(e)}
+
+    return {"ok": True}
+
+
 @app.post("/items/{tableName}")
 async def items(
     tableName: str,

dba.py

@@ -96,6 +96,25 @@ def create_user(conn: DBConnector, username: str, password: str):
         return False, e
 
 
+def update_user(conn: DBConnector, id: int, password: str, access_token: str):
+    try:
+        hashedPwd = hash_password(password)
+        conn.updateDataInTable(
+            USERS_TABLE_NAME,
+            [
+                ColumnUpdate("password", hashedPwd),
+                ColumnUpdate("access_token", access_token),
+            ],
+            [
+                ColumnCondition("id", id),
+            ],
+        )
+        return True, None
+    except Exception as e:
+        logger.exception(e)
+        return False, e
+
+
 def get_user_by_username(conn: DBConnector, username: str):
     try:
         users = conn.filterFromTable(

models.py

@@ -17,8 +17,10 @@ class ColumnsDefinitionList(BaseModel):
 
 
 class UserDefinition(BaseModel):
+    user_id: int | None = None
     username: str
     password: str
+    access_token: str | None = None
 
 
 class ColumnDefinition(BaseModel):