Spaces:

Bromeo777
/

RM

Build error

App Files Files Community

Bromeo777 commited on Mar 21

Commit

8bd5f4a

verified ·

1 Parent(s): 5599f11

Add app\api\v1\auth.py

Browse files

Files changed (1) hide show

app//api//v1//auth.py +122 -0

app//api//v1//auth.py ADDED Viewed

	@@ -0,0 +1,122 @@

+# app/api/v1/auth.py
+# Final Version: Compatible with deps.py - imports auth functions from deps
+# No circular imports, uses existing security utilities
+# SSO DISABLED
+import logging
+from datetime import timedelta
+from typing import Any, Optional
+from fastapi import APIRouter, Depends, HTTPException, status, Query, Request
+from fastapi.security import OAuth2PasswordRequestForm
+from fastapi.responses import RedirectResponse
+from sqlalchemy.ext.asyncio import AsyncSession
+# Import from deps (source of truth) - NO circular import
+from app.api import deps
+from app.core.config import settings
+from app.core import security
+from app.db import queries
+from app.models.user import User
+from app.schemas.user import UserCreate
+from app.schemas.common import Token
+# SSO DISABLED - file deleted
+# from app.services.auth.sso import sso_service
+logger = logging.getLogger("rm_research.auth")
+router = APIRouter()
+# ------------------------------------------------------------------------------
+# Utilities
+# ------------------------------------------------------------------------------
+def normalize_email(email: str) -> str:
+    """Standardize email for multi-tenant unique indexing."""
+    return email.strip().lower()
+# ------------------------------------------------------------------------------
+# Traditional Authentication
+# ------------------------------------------------------------------------------
+@router.post("/register", response_model=Token, status_code=status.HTTP_201_CREATED)
+async def register_user(
+    user_in: UserCreate,
+    db: AsyncSession = Depends(deps.get_db),
+) -> Any:
+    """Self-service registration for independent researchers."""
+    email_normalized = normalize_email(user_in.email)
+    existing_user = await queries.get_user_by_email(db, email=email_normalized)
+    if existing_user:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="A user with this email already exists."
+        )
+    db_user = User(
+        email=email_normalized,
+        hashed_password=security.get_password_hash(user_in.password),
+        is_active=True,
+        is_premium=False
+    )
+    db.add(db_user)
+    await db.commit()
+    await db.refresh(db_user)
+    access_token = security.create_access_token(subject=db_user.email)
+    return Token(
+        access_token=access_token,
+        token_type="bearer",
+        is_premium=db_user.is_premium
+    )
+@router.post("/login", response_model=Token)
+async def login_access_token(
+    db: AsyncSession = Depends(deps.get_db),
+    form_data: OAuth2PasswordRequestForm = Depends()
+) -> Any:
+    """Standard OAuth2 compatible token login."""
+    email_normalized = normalize_email(form_data.username)
+    user = await queries.get_user_by_email(db, email=email_normalized)
+    if not user or not security.verify_password(form_data.password, user.hashed_password):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Incorrect email or password",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    if not user.is_active:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Inactive user"
+        )
+    access_token = security.create_access_token(subject=user.email)
+    return Token(
+        access_token=access_token,
+        token_type="bearer",
+        is_premium=user.is_premium
+    )
+# ------------------------------------------------------------------------------
+# Institutional SSO Hub - DISABLED
+# ------------------------------------------------------------------------------
+@router.get("/sso/initiate")
+async def initiate_sso():
+    """SSO disabled - institutional authentication not available."""
+    raise HTTPException(
+        status_code=status.HTTP_503_SERVICE_UNAVAILABLE,
+        detail="SSO not configured"
+    )
+@router.post("/sso/callback")
+async def sso_callback():
+    """SSO disabled - institutional authentication not available."""
+    raise HTTPException(
+        status_code=status.HTTP_503_SERVICE_UNAVAILABLE,
+        detail="SSO not configured"
+    )