From 7e41576035cd9f0004255a7490e6691c6d989ff6 Mon Sep 17 00:00:00 2001
From: tycfuvgibhoinjok <aneuhmanh@gmail.com>
Date: Tue, 31 Mar 2026 13:46:18 +0300
Subject: add jwt

---
 app/routes/__init__.py | 12 ++++++++++++
 app/routes/auth.py     | 37 +++++++++++++++++++++++++++++++++++++
 app/routes/me.py       | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 app/routes/register.py |  2 +-
 app/routes/routes.py   |  6 ------
 5 files changed, 98 insertions(+), 7 deletions(-)
 create mode 100644 app/routes/auth.py
 create mode 100644 app/routes/me.py
 delete mode 100644 app/routes/routes.py

(limited to 'app/routes')

diff --git a/app/routes/__init__.py b/app/routes/__init__.py
index e69de29..383ef66 100644
--- a/app/routes/__init__.py
+++ b/app/routes/__init__.py
@@ -0,0 +1,12 @@
+from fastapi import APIRouter
+
+from .auth import router as auth_router
+from .me import router as me_router
+from .register import router as register_router
+
+router = APIRouter()
+
+router.include_router(register_router, prefix="/auth")
+router.include_router(auth_router, prefix="/auth")
+
+router.include_router(me_router)
diff --git a/app/routes/auth.py b/app/routes/auth.py
new file mode 100644
index 0000000..aa68c52
--- /dev/null
+++ b/app/routes/auth.py
@@ -0,0 +1,37 @@
+from fastapi import APIRouter, Depends, HTTPException
+from fastapi.security import OAuth2PasswordRequestForm
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.utils.logger_cfg import logger
+
+from app.auth.jwt import create_access_token, create_refresh_token
+from app.models.user import User
+from app.utils.db import get_async_session
+from app.utils.hash_cfg import verify_password
+
+router = APIRouter(tags=["auth"])
+
+
+@router.post("/login")
+async def login(
+    form_data: OAuth2PasswordRequestForm = Depends(),
+    session: AsyncSession = Depends(get_async_session),
+):
+    user = await User.get_user_by_email(form_data.username, session=session)
+    if not user:
+        user = await User.get_user_by_username(form_data.username, session=session)
+
+    if not user or not verify_password(form_data.password, user.password):
+        logger.warning("Login failed | username/email={}", form_data.username)
+        raise HTTPException(status_code=401, detail="Invalid credentials")
+
+    access_token = create_access_token({"sub": str(user.id)})
+    refresh_token = create_refresh_token({"sub": str(user.id)})
+
+    logger.info("User logged in | id={} username={}", user.id, user.username)
+
+    return {
+        "access_token": access_token,
+        "refresh_token": refresh_token,
+        "token_type": "bearer",
+    }
diff --git a/app/routes/me.py b/app/routes/me.py
new file mode 100644
index 0000000..a09453c
--- /dev/null
+++ b/app/routes/me.py
@@ -0,0 +1,48 @@
+from fastapi import APIRouter, Depends, HTTPException
+from fastapi.security import OAuth2PasswordBearer
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.auth.jwt import decode_token
+from app.models.user import User
+from app.utils.db import get_async_session
+from app.utils.logger_cfg import logger
+
+router = APIRouter()
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/login")
+
+
+@router.get("/me")
+async def read_current_user(
+    token: str = Depends(oauth2_scheme),
+    session: AsyncSession = Depends(get_async_session),
+):
+
+    if not token:
+        logger.warning("No token provided in /me request")
+        raise HTTPException(status_code=401, detail="Unauthorized")
+
+    try:
+        payload = decode_token(token)
+        user_id = int(payload.get("sub"))
+        user = await User.get_user_by_id(user_id, session=session)
+
+        if not user:
+            logger.warning("User not found in /me | id={}", user_id)
+            raise HTTPException(status_code=404, detail="User not found")
+
+        logger.info("User accessed /me | id={} username={}", user.id, user.username)
+
+        user_data = {
+            "id": user.id,
+            "username": user.username,
+            "email": user.email,
+            "premium": user.premium,
+            "is_banned": user.is_banned,
+            "is_moderator": user.is_moderator,
+        }
+        logger.debug("Returning /me data: {}", user_data)
+        return user_data
+
+    except ValueError as e:
+        logger.warning("Invalid token in /me request: {}", e)
+        raise HTTPException(status_code=401, detail="Invalid token")
diff --git a/app/routes/register.py b/app/routes/register.py
index 0134c56..fb8ec3d 100644
--- a/app/routes/register.py
+++ b/app/routes/register.py
@@ -11,7 +11,7 @@ from app.utils.db import get_async_session
 from app.utils.hash_cfg import hash_password
 from app.utils.logger_cfg import logger
 
-router = APIRouter(prefix="/auth", tags=["auth"])
+router = APIRouter(tags=["auth"])
 
 
 @router.post("/register", response_model=UserRead)
diff --git a/app/routes/routes.py b/app/routes/routes.py
deleted file mode 100644
index 7db7ec4..0000000
--- a/app/routes/routes.py
+++ /dev/null
@@ -1,6 +0,0 @@
-from fastapi import APIRouter
-
-from .register import router as register_router
-
-router = APIRouter()
-router.include_router(register_router)
-- 
cgit v1.3-3-g829e