| author | l3wdfut4pwr <l3wdfut4pwr@gmail.com> | 2026-04-27 13:45:09 +0300 |
|---|---|---|
| committer | l3wdfut4pwr <l3wdfut4pwr@gmail.com> | 2026-04-27 13:45:09 +0300 |
| commit | 4848a9e9394b283022085a6305d00f94b11cd703 (patch) | |
| tree | d7ba45885f110e8ded4af20bc98b9f88f75b1f4a /app/routes/auth.py | |
| parent | f1842be3bfabe7850d33662da2da377676144c48 (diff) | |
add username change and logout
Diffstat (limited to 'app/routes/auth.py')
| -rw-r--r-- | app/routes/auth.py | 58 |
1 files changed, 0 insertions, 58 deletions
diff --git a/app/routes/auth.py b/app/routes/auth.py
deleted file mode 100644
index 6e0d410..0000000
--- a/app/routes/auth.py
+++ /dev/null
@@ -1,58 +0,0 @@
-from fastapi import APIRouter, Depends, HTTPException, Response
-from fastapi.security import OAuth2PasswordRequestForm
-from sqlalchemy.ext.asyncio import AsyncSession
-
-from app.auth.jwt import create_access_token, create_refresh_token
-from app.models.user import User
-from app.utils.db import get_async_session
-from app.utils.hash_cfg import verify_password
-from app.utils.logger_cfg import logger
-
-router = APIRouter(tags=["auth"])
-
-
-@router.post("/login")
-async def login(
- response: Response,
- form_data: OAuth2PasswordRequestForm = Depends(),
- session: AsyncSession = Depends(get_async_session),
-):
- user = await User.get_user_by_email(form_data.username, session=session)
- if not user:
- user = await User.get_user_by_username(
- form_data.username, session=session
- )
-
- if not user or not user.password:
- logger.warning("Login failed | username/email={}", form_data.username)
- raise HTTPException(status_code=401, detail="Invalid credentials")
-
- if not verify_password(form_data.password, user.password):
- logger.warning("Login failed | username/email={}", form_data.username)
- raise HTTPException(status_code=401, detail="Invalid credentials")
-
- access_token = create_access_token(
- {"sub": str(user.id), "token_version": user.token_version}
- )
- refresh_token = create_refresh_token(
- {"sub": str(user.id), "token_version": user.token_version}
- )
-
- response.set_cookie(
- key="access_token",
- value=access_token,
- httponly=True,
- secure=False,
- samesite="lax",
- max_age=60 * 60,
- )
- response.set_cookie(
- key="refresh_token",
- value=refresh_token,
- httponly=True,
- secure=True,
- samesite="lax",
- max_age=30 * 24 * 60 * 60,
- )
- logger.info("User logged in | id={} username={}", user.id, user.username)
- return {"message": "Logged in successfully"} |
