from typing import Any from fastapi import APIRouter, Depends, HTTPException, status from fastapi.security import OAuth2PasswordRequestForm from sqlalchemy.orm import Session from ... import deps from ....core import security from ....core.config import settings from ....db.session import get_db from ....models.user import User from ....schemas.user import UserCreate, User as UserSchema from ....schemas.token import Token router = APIRouter() @router.post("/register", response_model=dict) def register(user_in: UserCreate, db: Session = Depends(get_db)): # Check if username exists user = db.query(User).filter(User.username == user_in.username).first() if user: raise HTTPException( status_code=400, detail="The user with this username already exists in the system.", ) # Check if email exists user = db.query(User).filter(User.email == user_in.email).first() if user: raise HTTPException( status_code=400, detail="The user with this email already exists in the system.", ) hashed_password = security.get_password_hash(user_in.password) new_user = User( username=user_in.username, email=user_in.email, hashed_password=hashed_password ) db.add(new_user) db.commit() return {"message": "User registered successfully"} @router.post("/token", response_model=Token) def login_access_token( db: Session = Depends(get_db), form_data: OAuth2PasswordRequestForm = Depends() ) -> Any: # Treat the username field from the form as email user = db.query(User).filter(User.email == form_data.username).first() if not user or not security.verify_password(form_data.password, user.hashed_password): raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect email or password", headers={"WWW-Authenticate": "Bearer"}, ) elif not user.is_active: raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Inactive user") access_token = security.create_access_token(subject=user.email) return {"access_token": access_token, "token_type": "bearer"}