1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
from fastapi import APIRouter, Depends, HTTPException
from fastapi.security import OAuth2PasswordRequestForm
from sqlalchemy.ext.asyncio import AsyncSession
from app.utils.logger_cfg import logger
from app.auth.jwt import create_access_token, create_refresh_token
from app.models.user import User
from app.utils.db import get_async_session
from app.utils.hash_cfg import verify_password
router = APIRouter(tags=["auth"])
@router.post("/login")
async def login(
form_data: OAuth2PasswordRequestForm = Depends(),
session: AsyncSession = Depends(get_async_session),
):
user = await User.get_user_by_email(form_data.username, session=session)
if not user:
user = await User.get_user_by_username(form_data.username, session=session)
if not user or not verify_password(form_data.password, user.password):
logger.warning("Login failed | username/email={}", form_data.username)
raise HTTPException(status_code=401, detail="Invalid credentials")
access_token = create_access_token({"sub": str(user.id)})
refresh_token = create_refresh_token({"sub": str(user.id)})
logger.info("User logged in | id={} username={}", user.id, user.username)
return {
"access_token": access_token,
"refresh_token": refresh_token,
"token_type": "bearer",
}
|
