"""Authentication router"""
|
|
from datetime import timedelta

from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.exc import IntegrityError
from sqlalchemy.orm import Session

from app.core.database import get_db
from app.core.security import hash_password, verify_password, create_access_token
from app.models.user import User
from app.schemas.user import UserCreate, UserLogin, UserResponse
|
|
|
|
# Every route in this module is mounted under /auth and grouped under the
# "auth" tag in the generated OpenAPI schema.
router = APIRouter(tags=["auth"], prefix="/auth")
|
|
|
|
|
|
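@router.post("/register", response_model=UserResponse)
def register(user_in: UserCreate, db: Session = Depends(get_db)):
    """Create a new user account and return its public representation.

    Args:
        user_in: Validated registration payload (``email``, ``username``,
            ``full_name``, ``password``).
        db: Request-scoped SQLAlchemy session.

    Returns:
        The persisted ``User`` row; FastAPI serialises it through
        ``UserResponse`` so the password hash is not part of the response.

    Raises:
        HTTPException: 400 when the email or username is already taken,
            whether detected by the pre-check or by the database on commit.
    """
    # Friendly pre-check. This is check-then-insert, so two concurrent
    # registrations can both pass it; the IntegrityError handler on commit
    # below is the authoritative guard (assuming the User table enforces
    # uniqueness on email/username — confirm in the model/migrations).
    # NOTE(review): the email is compared as-is; unless UserCreate
    # normalises case, "A@x.com" and "a@x.com" become distinct accounts.
    existing = db.query(User).filter(
        (User.email == user_in.email) | (User.username == user_in.username)
    ).first()
    if existing is not None:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="User already exists",
        )

    # Only the hash is persisted; the plaintext password is never stored.
    user = User(
        email=user_in.email,
        username=user_in.username,
        full_name=user_in.full_name,
        hashed_password=hash_password(user_in.password),
    )
    db.add(user)
    try:
        db.commit()
    except IntegrityError as exc:
        # Lost the race against a concurrent registration (or hit a DB
        # uniqueness rule the pre-check does not cover). Roll back so the
        # session stays usable and report it exactly like the pre-check
        # instead of surfacing a 500.
        db.rollback()
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="User already exists",
        ) from exc
    db.refresh(user)

    return user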
|
|
|
|
|
|
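@router.post("/login")
def login(user_in: UserLogin, db: Session = Depends(get_db)):
    """Authenticate with email + password and issue a bearer access token.

    Args:
        user_in: Login payload with ``email`` and ``password``.
        db: Request-scoped SQLAlchemy session.

    Returns:
        Dict with ``access_token``, ``token_type`` (``"bearer"``) and the
        authenticated user's ``UserResponse``.

    Raises:
        HTTPException: 401 for an unknown email or a wrong password (same
            message for both, on purpose); 403 when the account is inactive.

    NOTE(review): no attempt throttling or lockout happens here, so
    credential brute-forcing must be mitigated upstream (rate limiter,
    WAF) — confirm that such a control exists.
    """
    user = db.query(User).filter(User.email == user_in.email).first()

    if user is None:
        # Unknown email: still pay the password-hashing cost so a 401 for a
        # missing account takes about as long as one for a wrong password.
        # Otherwise response time alone lets a client enumerate which
        # emails are registered. Assumes hash_password is roughly as
        # expensive as verify_password (true for bcrypt/argon2-style hashers
        # — confirm in app.core.security).
        hash_password(user_in.password)
        password_ok = False
    else:
        password_ok = verify_password(user_in.password, user.hashed_password)

    if not password_ok:
        # Same message for "no such user" and "bad password" — do not split.
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid credentials",
        )

    # Checked only after the password so account status is disclosed solely
    # to someone who already holds valid credentials.
    if not user.is_active:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="User account is inactive",
        )

    # The token subject is the email; whatever decodes this token must
    # resolve it back to a user. No expiry is passed, so the default inside
    # create_access_token applies (``timedelta`` is imported at module level
    # but unused — presumably an expires_delta was intended; confirm the
    # default lifetime against settings).
    access_token = create_access_token(
        data={"sub": user.email}
    )

    return {
        "access_token": access_token,
        "token_type": "bearer",
        "user": UserResponse.from_orm(user),
    }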
|