|
|
"""Authentication endpoints.""" |
|
|
|
|
|
from fastapi import APIRouter, HTTPException, Depends |
|
|
|
|
|
from api.schemas import LoginRequest, LoginResponse |
|
|
from services.database import db_service |
|
|
from services.auth import auth_service |
|
|
|
|
|
# Router that collects the authentication endpoints defined in this module;
# routes registered on it are tagged "auth".
router = APIRouter(
    tags=["auth"],
)
|
|
|
|
|
|
|
|
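@router.post("/auth/login", response_model=LoginResponse)
async def login(request: LoginRequest):
    """
    Authenticate a user and return a JWT token.

    Credentials must be created manually using the create_user.py script.

    Every authentication failure is answered with the same 401 response and
    detail text, so the endpoint does not reveal whether a username exists.

    Args:
        request: Login payload; ``username`` and ``password`` are read from it.

    Returns:
        A dict with the access token, the submitted username and a status
        message, serialized through ``LoginResponse``.

    Raises:
        HTTPException: 401 when the user is not found, the stored record has
            no password hash, or the password does not verify.
    """
    import logging

    failure_detail = "Invalid username or password"

    user = await db_service.get_user(request.username)
    if not user:
        # NOTE(review): this path returns without calling verify_password. If
        # that call is a deliberately slow hash, response time can still tell
        # unknown usernames apart from known ones - confirm, and consider
        # verifying against a fixed dummy hash here.
        raise HTTPException(status_code=401, detail=failure_detail)

    hashed_password = user.get("hashed_password")
    if not hashed_password:
        # A distinct 500 here would confirm to the caller that the account
        # exists. Record the broken row server-side and answer like any other
        # failed login. %r keeps control characters in the username out of
        # the log line.
        logging.getLogger(__name__).error(
            "Login rejected: user record for %r has no password hash",
            request.username,
        )
        raise HTTPException(status_code=401, detail=failure_detail)

    if not auth_service.verify_password(request.password, hashed_password):
        raise HTTPException(status_code=401, detail=failure_detail)

    # NOTE(review): no attempt throttling or lockout is visible in this
    # handler - confirm it is enforced elsewhere (middleware, proxy, or
    # auth_service).
    token = auth_service.create_access_token(request.username)
    return {
        "token": token,
        "username": request.username,
        "message": "Login successful",
    }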
|
|
|