""" Authentication Router for Universal Model Trainer Handles login, logout, and auth status endpoints """ from fastapi import APIRouter, Request, HTTPException, Form from fastapi.responses import JSONResponse from app.auth import verify_password from app.config import settings router = APIRouter(prefix="/api/auth", tags=["Authentication"]) @router.post("/login") async def login(request: Request, password: str = Form(...)): """Login with password""" if not verify_password(password): raise HTTPException(status_code=401, detail="Invalid password") request.session["user"] = { "authenticated": True, "username": "admin" } return {"success": True, "message": "Logged in successfully"} @router.post("/logout") async def logout(request: Request): """Logout and clear session""" request.session.clear() return {"success": True, "message": "Logged out successfully"} @router.get("/check") async def check_auth(request: Request): """Check if user is authenticated""" user = request.session.get("user") if user and user.get("authenticated"): return {"authenticated": True} # If no password is configured, consider authenticated if not settings.APP_PASSWORD: return {"authenticated": True, "no_password_required": True} return {"authenticated": False}