backend/app/api/auth.py

from __future__ import annotations

from typing import Any

from fastapi import APIRouter, Request
from pydantic import BaseModel

from app.services import auth_service
from app.services.audit_log_service import log_event


router = APIRouter(prefix="/api/auth", tags=["auth"])


class LoginPayload(BaseModel):
    usuario: str
    matricula: str


@router.post("/login")
def login(payload: LoginPayload, request: Request) -> dict[str, Any]:
    try:
        user = auth_service.authenticate_user(payload.usuario, payload.matricula)
    except Exception:
        log_event(
            "auth",
            "login",
            status="fail",
            details={"usuario_informado": str(payload.usuario or "").strip()},
            request=request,
        )
        raise

    token = auth_service.create_auth_session(user)
    log_event("auth", "login", user=user, status="ok", request=request)
    return {
        "token": token,
        "usuario": auth_service.public_user(user),
    }


@router.get("/me")
def me(request: Request) -> dict[str, Any]:
    user = auth_service.require_user(request)
    return {"usuario": auth_service.public_user(user)}


@router.post("/logout")
def logout(request: Request) -> dict[str, str]:
    user = auth_service.require_user(request)
    token = auth_service.extract_token_from_request(request)
    auth_service.destroy_auth_session(token)
    log_event("auth", "logout", user=user, status="ok", request=request)
    return {"status": "ok"}