# src/api/routes/auth.py

from fastapi import APIRouter, HTTPException, status, Depends, Request
from sqlmodel.ext.asyncio.session import AsyncSession

from ...models import UserCreate, UserLogin, Token, UserResponse
from ...core.dependencies import create_access_token
from ...services.user_service import UserService
from ...db.database import get_session
import logging

# Module-level logger, named after this module's import path.
logger = logging.getLogger(__name__)

# Router for the authentication endpoints; every route declared on it is
# served under the /auth prefix and tagged "Authentication".
router = APIRouter(prefix="/auth", tags=["Authentication"])

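@router.post("/register", response_model=UserResponse, status_code=status.HTTP_201_CREATED)
async def register(user_data: UserCreate, session: AsyncSession = Depends(get_session)):
    """
    Register a new user.

    Security notes:
        - The 400 response tells the caller that an address already has an
          account, so this endpoint discloses which emails are registered.
        - NOTE(review): no throttling is visible in this handler; confirm it
          is enforced elsewhere (middleware, gateway).
        - The returned object is serialized through ``UserResponse``; secret
          fields stay out of the response only if that model omits them.

    Args:
        user_data: User registration data (email, name, password)
        session: Async database session injected via ``get_session``

    Returns:
        UserResponse with created user data

    Raises:
        HTTPException 400: If ``UserService.create_user`` returns None
            (reported to the client as "Email already registered")
        HTTPException 500: If any other unexpected error occurs
    """
    try:
        # Attempt to create user; the service signals a duplicate with None.
        user = await UserService.create_user(user_data, session)

        if user is None:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="Email already registered"
            )

        # Lazy %-args: the message is only formatted if the record is emitted.
        # The email address ends up in the application log (personal data).
        logger.info("New user registered: %s", user.email)
        return user

    except HTTPException:
        # Deliberate client-facing errors pass through untouched.
        raise
    except Exception as e:
        # Full detail goes to the log only; the client gets a generic message
        # so internal errors are not leaked in the response.
        logger.error("Registration error: %s", e, exc_info=True)
        raise HTTPException(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail="Failed to register user"
        ) from e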

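@router.post("/login", response_model=Token)
async def login(credentials: UserLogin, request: Request, session: AsyncSession = Depends(get_session)):
    """
    Login and get access token.

    Security notes:
        - Rejected attempts are logged at WARNING with the peer address so
          that password guessing is visible in the logs. The submitted email
          is not logged: it is attacker-controlled text.
        - NOTE(review): no throttling or lockout is visible in this handler;
          confirm it is enforced elsewhere.
        - NOTE(review): the login-session id returned by ``log_login`` is not
          passed to ``create_access_token`` here, so the token is not tied to
          that session by this code. Confirm whether that is intended.

    Args:
        credentials: User login credentials (email, password)
        request: FastAPI request object (for IP and user agent)
        session: Async database session injected via ``get_session``

    Returns:
        Token with JWT access token

    Raises:
        HTTPException 401: If credentials are invalid
        HTTPException 500: If any other unexpected error occurs
    """
    try:
        # Resolve client metadata first so failed attempts can be audited too.
        # request.client.host is the direct peer; behind a reverse proxy that
        # is the proxy's address unless forwarded headers are handled upstream.
        ip_address = request.client.host if request.client else None
        # Client-controlled header: treat as untrusted wherever it is stored
        # or displayed.
        user_agent = request.headers.get("user-agent")

        # Verify credentials
        user = await UserService.verify_credentials(
            credentials.email,
            credentials.password,
            session,
        )

        if user is None:
            logger.warning("Failed login attempt from %s", ip_address)
            # One message for unknown email and wrong password, so the
            # response does not reveal which of the two was wrong.
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail="Invalid email or password"
            )

        # Log the login session
        session_id = await UserService.log_login(
            user_id=user['id'],
            session=session,
            ip_address=ip_address,
            user_agent=user_agent,
        )

        # Create JWT token from the user's id and email (session_id is not
        # included; see the docstring).
        token = create_access_token(
            user_id=user['id'],
            email=user['email']
        )

        # Lazy %-args: formatted only if the record is emitted.
        logger.info("User logged in: %s, session: %s", user['email'], session_id)
        return Token(access_token=token)

    except HTTPException:
        # Deliberate client-facing errors pass through untouched.
        raise
    except Exception as e:
        # Full detail goes to the log only; the client gets a generic message.
        logger.error("Login error: %s", e, exc_info=True)
        raise HTTPException(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail="Failed to login"
        ) from e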