update app/routers/auth.py

app/routers/auth.py

@@ -0,0 +1,135 @@
+from fastapi import APIRouter, Depends, HTTPException, Response, Cookie, Request
+from fastapi.responses import RedirectResponse
+from sqlalchemy.ext.asyncio import AsyncSession
+from pydantic import BaseModel
+from typing import Optional
+import os
+
+from app.database import get_db
+from app.oauth import oauth_handler
+from app.dependencies import get_current_user
+from app.db_models import User
+from app.config import settings
+
+router = APIRouter(prefix="/auth", tags=["authentication"])
+
+# Access limiter from app state via request
+from slowapi import Limiter
+from slowapi.util import get_remote_address
+
+limiter = Limiter(key_func=get_remote_address)
+
+
+class UserInfo(BaseModel):
+    id: int
+    email: str
+    username: str
+    avatar_url: Optional[str]
+    role: str
+
+    class Config:
+        from_attributes = True
+
+
+@router.get("/me", response_model=UserInfo)
+@limiter.limit("60/minute")
+async def get_current_user_info(
+    request: Request,
+    current_user: Optional[User] = Depends(get_current_user),
+):
+    if not current_user:
+        raise HTTPException(status_code=401, detail="Not authenticated")
+
+    return UserInfo(
+        id=current_user.id,
+        email=current_user.email,
+        username=current_user.username,
+        avatar_url=current_user.avatar_url,
+        role=current_user.role,
+    )
+
+
+@router.get("/github")
+@limiter.limit("10/minute")
+async def github_login(request: Request):
+    return RedirectResponse(
+        url=f"https://github.com/login/oauth/authorize?client_id={settings.GITHUB_CLIENT_ID}&scope=user:email"
+    )
+
+
+@router.get("/github/callback")
+@limiter.limit("20/minute")
+async def github_callback(
+    request: Request,
+    code: str,
+    response: Response,
+    session: AsyncSession = Depends(get_db),
+):
+    try:
+        user, token = await oauth_handler.github_callback(code, session)
+
+        response = RedirectResponse(url=f"{settings.FRONTEND_URL}/dashboard")
+        response.set_cookie(
+            key="access_token",
+            value=token,
+            httponly=True,
+            secure=True if settings.FRONTEND_URL.startswith("https") else False,
+            samesite="lax",
+            max_age=60 * 60 * 24 * 7,
+        )
+
+        return response
+
+    except Exception as e:
+        return RedirectResponse(url=f"{settings.FRONTEND_URL}/login?error={str(e)}")
+
+
+@router.get("/google")
+@limiter.limit("10/minute")
+async def google_login(request: Request):
+    google_client_id = settings.GOOGLE_CLIENT_ID
+    redirect_uri = f"{settings.API_URL}/auth/google/callback"
+
+    return RedirectResponse(
+        url=f"https://accounts.google.com/o/oauth2/v2/auth?"
+        f"client_id={google_client_id}&"
+        f"redirect_uri={redirect_uri}&"
+        f"response_type=code&"
+        f"scope=openid email profile"
+    )
+
+
+@router.get("/google/callback")
+@limiter.limit("20/minute")
+async def google_callback(
+    request: Request,
+    code: str,
+    response: Response,
+    session: AsyncSession = Depends(get_db),
+):
+    try:
+        redirect_uri = f"{settings.API_URL}/auth/google/callback"
+        user, token = await oauth_handler.google_callback(code, redirect_uri, session)
+
+        response = RedirectResponse(url=f"{settings.FRONTEND_URL}/dashboard")
+        response.set_cookie(
+            key="access_token",
+            value=token,
+            httponly=True,
+            secure=True if settings.FRONTEND_URL.startswith("https") else False,
+            samesite="lax",
+            max_age=60 * 60 * 24 * 7,
+        )
+
+        return response
+
+    except Exception as e:
+        return RedirectResponse(url=f"{settings.FRONTEND_URL}/login?error={str(e)}")
+
+
+@router.post("/logout")
+@limiter.limit("30/minute")
+async def logout(request: Request, response: Response):
+    response = Response(content={"message": "Logged out successfully"})
+    response.delete_cookie(key="access_token")
+    return response