diff options
Diffstat (limited to 'app/routes')
| -rw-r--r-- | app/routes/__init__.py | 12 | ||||
| -rw-r--r-- | app/routes/auth.py | 37 | ||||
| -rw-r--r-- | app/routes/me.py | 48 | ||||
| -rw-r--r-- | app/routes/register.py | 2 | ||||
| -rw-r--r-- | app/routes/routes.py | 6 |
5 files changed, 98 insertions, 7 deletions
diff --git a/app/routes/__init__.py b/app/routes/__init__.py index e69de29..383ef66 100644 --- a/app/routes/__init__.py +++ b/app/routes/__init__.py @@ -0,0 +1,12 @@ +from fastapi import APIRouter + +from .auth import router as auth_router +from .me import router as me_router +from .register import router as register_router + +router = APIRouter() + +router.include_router(register_router, prefix="/auth") +router.include_router(auth_router, prefix="/auth") + +router.include_router(me_router) diff --git a/app/routes/auth.py b/app/routes/auth.py new file mode 100644 index 0000000..aa68c52 --- /dev/null +++ b/app/routes/auth.py @@ -0,0 +1,37 @@ +from fastapi import APIRouter, Depends, HTTPException +from fastapi.security import OAuth2PasswordRequestForm +from sqlalchemy.ext.asyncio import AsyncSession + +from app.utils.logger_cfg import logger + +from app.auth.jwt import create_access_token, create_refresh_token +from app.models.user import User +from app.utils.db import get_async_session +from app.utils.hash_cfg import verify_password + +router = APIRouter(tags=["auth"]) + + +@router.post("/login") +async def login( + form_data: OAuth2PasswordRequestForm = Depends(), + session: AsyncSession = Depends(get_async_session), +): + user = await User.get_user_by_email(form_data.username, session=session) + if not user: + user = await User.get_user_by_username(form_data.username, session=session) + + if not user or not verify_password(form_data.password, user.password): + logger.warning("Login failed | username/email={}", form_data.username) + raise HTTPException(status_code=401, detail="Invalid credentials") + + access_token = create_access_token({"sub": str(user.id)}) + refresh_token = create_refresh_token({"sub": str(user.id)}) + + logger.info("User logged in | id={} username={}", user.id, user.username) + + return { + "access_token": access_token, + "refresh_token": refresh_token, + "token_type": "bearer", + } diff --git a/app/routes/me.py b/app/routes/me.py new file mode 100644 index 0000000..a09453c --- /dev/null +++ b/app/routes/me.py @@ -0,0 +1,48 @@ +from fastapi import APIRouter, Depends, HTTPException +from fastapi.security import OAuth2PasswordBearer +from sqlalchemy.ext.asyncio import AsyncSession + +from app.auth.jwt import decode_token +from app.models.user import User +from app.utils.db import get_async_session +from app.utils.logger_cfg import logger + +router = APIRouter() +oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/login") + + +@router.get("/me") +async def read_current_user( + token: str = Depends(oauth2_scheme), + session: AsyncSession = Depends(get_async_session), +): + + if not token: + logger.warning("No token provided in /me request") + raise HTTPException(status_code=401, detail="Unauthorized") + + try: + payload = decode_token(token) + user_id = int(payload.get("sub")) + user = await User.get_user_by_id(user_id, session=session) + + if not user: + logger.warning("User not found in /me | id={}", user_id) + raise HTTPException(status_code=404, detail="User not found") + + logger.info("User accessed /me | id={} username={}", user.id, user.username) + + user_data = { + "id": user.id, + "username": user.username, + "email": user.email, + "premium": user.premium, + "is_banned": user.is_banned, + "is_moderator": user.is_moderator, + } + logger.debug("Returning /me data: {}", user_data) + return user_data + + except ValueError as e: + logger.warning("Invalid token in /me request: {}", e) + raise HTTPException(status_code=401, detail="Invalid token") diff --git a/app/routes/register.py b/app/routes/register.py index 0134c56..fb8ec3d 100644 --- a/app/routes/register.py +++ b/app/routes/register.py @@ -11,7 +11,7 @@ from app.utils.db import get_async_session from app.utils.hash_cfg import hash_password from app.utils.logger_cfg import logger -router = APIRouter(prefix="/auth", tags=["auth"]) +router = APIRouter(tags=["auth"]) @router.post("/register", response_model=UserRead) diff --git a/app/routes/routes.py b/app/routes/routes.py deleted file mode 100644 index 7db7ec4..0000000 --- a/app/routes/routes.py +++ /dev/null @@ -1,6 +0,0 @@ -from fastapi import APIRouter - -from .register import router as register_router - -router = APIRouter() -router.include_router(register_router) |