from fastapi import APIRouter, Depends, HTTPException from fastapi.security import OAuth2PasswordRequestForm from app.cores.security import create_access_token, verify_password from app.models.user import User from app.schemas.token import Token from app.cores.database import get_db from sqlalchemy.orm import Session router = APIRouter(tags=["Authentication"]) @router.post("/login", response_model=Token) def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)): user = db.query(User).filter(User.email == form_data.username).first() if not user or not verify_password(form_data.password, user.hashed_password): raise HTTPException(status_code=401, detail="Invalid credentials") token = create_access_token({"user_id": user.id}) return { "access_token": token, "token_type": "bearer" }