69 lines
2.0 KiB
Python
69 lines
2.0 KiB
Python
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from sqlalchemy.orm import Session
|
|
from datetime import timedelta
|
|
from app.database.database import get_db
|
|
from app.models import User
|
|
from app.schemas.user import UserCreate, UserResponse
|
|
from app.services.auth import (
|
|
authenticate_user,
|
|
create_access_token,
|
|
get_password_hash,
|
|
verify_token,
|
|
)
|
|
from app.config import settings
|
|
|
|
router = APIRouter(prefix="/api/auth", tags=["auth"])
|
|
|
|
|
|
@router.post("/register", response_model=UserResponse)
|
|
def register(user: UserCreate, db: Session = Depends(get_db)):
|
|
db_user = db.query(User).filter(User.email == user.email).first()
|
|
if db_user:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
detail="Email already registered",
|
|
)
|
|
|
|
hashed_password = get_password_hash(user.password)
|
|
db_user = User(
|
|
email=user.email,
|
|
full_name=user.full_name,
|
|
hashed_password=hashed_password,
|
|
)
|
|
db.add(db_user)
|
|
db.commit()
|
|
db.refresh(db_user)
|
|
return db_user
|
|
|
|
|
|
@router.post("/login")
|
|
def login(email: str, password: str, db: Session = Depends(get_db)):
|
|
user = authenticate_user(db, email, password)
|
|
if not user:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
|
detail="Invalid credentials",
|
|
)
|
|
|
|
access_token_expires = timedelta(minutes=settings.access_token_expire_minutes)
|
|
access_token = create_access_token(
|
|
data={"sub": str(user.id)}, expires_delta=access_token_expires
|
|
)
|
|
|
|
return {
|
|
"access_token": access_token,
|
|
"token_type": "bearer",
|
|
"user": UserResponse.from_orm(user),
|
|
}
|
|
|
|
|
|
@router.post("/verify-token")
|
|
def verify_token_endpoint(token: str):
|
|
user_id = verify_token(token)
|
|
if user_id is None:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
|
detail="Invalid token",
|
|
)
|
|
return {"user_id": user_id, "valid": True}
|