"""Authentication router: login and current-user endpoints."""
from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordRequestForm
from sqlalchemy.orm import Session
from app.auth import verify_password, create_access_token
from app.database import get_db
from app.dependencies.auth import get_current_user
from app.models.user import User
from app.schemas.auth import TokenResponse, UserOut
# Every handler in this module is mounted under the /auth prefix and grouped
# under the "auth" tag in the generated OpenAPI docs.
router = APIRouter(prefix="/auth", tags=["auth"])
# ---------------------------------------------------------------------------
# POST /auth/login
# ---------------------------------------------------------------------------
@router.post("/login", response_model=TokenResponse)
def login(
    form_data: OAuth2PasswordRequestForm = Depends(),
    db: Session = Depends(get_db),
):
    """Exchange username/password form credentials for a bearer access token.

    The credentials arrive as an OAuth2 password-grant form body
    (``username`` / ``password`` fields). On success the response carries a
    JWT whose ``sub`` claim is the user's username. On failure one generic
    400 error is returned, whether the username is unknown or the password
    is wrong, so the response body cannot be used to enumerate accounts.

    Args:
        form_data: Parsed ``application/x-www-form-urlencoded`` login form.
        db: Request-scoped SQLAlchemy session supplied by ``get_db``.

    Returns:
        ``TokenResponse`` wrapping the freshly minted access token.

    Raises:
        HTTPException: 400 ``Incorrect username or password`` when the user
            lookup or the password verification fails.
    """
    account = db.query(User).filter(User.username == form_data.username).first()

    # `and` short-circuits exactly like the original `is None or not ...`
    # test: the hash is only verified when a row was found.
    # NOTE(review): because the hash check is skipped for an unknown
    # username, response *timing* may still distinguish "no such user" from
    # "wrong password" even though the message does not; verifying against a
    # dummy hash in the unknown-user branch would close that gap.
    credentials_ok = account is not None and verify_password(
        form_data.password, account.hashed_password
    )
    if not credentials_ok:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Incorrect username or password",
        )

    # NOTE(review): no throttling or lockout is applied in this handler;
    # brute-force protection has to come from middleware or the edge proxy.
    token = create_access_token(data={"sub": account.username})
    return TokenResponse(access_token=token)
# ---------------------------------------------------------------------------
# GET /auth/me
# ---------------------------------------------------------------------------
@router.get("/me", response_model=UserOut)
def read_current_user(current_user: User = Depends(get_current_user)):
    """Return the caller's own profile.

    Authentication happens entirely inside the ``get_current_user``
    dependency; this handler only hands the resolved ``User`` back. The ORM
    object is serialised through ``response_model=UserOut``, so only the
    fields that schema declares reach the client.
    NOTE(review): this relies on ``UserOut`` omitting sensitive columns such
    as ``hashed_password`` — confirm in ``app.schemas.auth``.

    Args:
        current_user: The ``User`` resolved from the request's credentials.

    Returns:
        The authenticated user, serialised as ``UserOut``.
    """
    profile = current_user
    return profile