| | """Authentication endpoints.""" |
| |
|
| | from fastapi import APIRouter, HTTPException, Depends |
| |
|
| | from api.schemas import LoginRequest, LoginResponse |
| | from services.database import db_service |
| | from services.auth import auth_service |
| |
|
# Router for the authentication endpoints; every route registered on it
# is tagged "auth".
router = APIRouter(
    tags=["auth"],
)
| |
|
| |
|
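@router.post("/auth/login", response_model=LoginResponse)
async def login(request: LoginRequest):
    """
    Authenticate a user and return a JWT token.

    Credentials must be created manually using the create_user.py script.

    Every authentication failure (unknown username, a stored record without
    a password hash, or a wrong password) is answered with the same 401
    status and the same detail text, so the response does not reveal
    whether a username exists.

    Args:
        request: Login payload carrying ``username`` and ``password``.

    Returns:
        A dict with the access token, the username and a status message,
        serialised through ``LoginResponse``.

    Raises:
        HTTPException: 401 when the credentials cannot be verified.
    """
    # Function-scope import: keeps the file's top-level import block untouched.
    import logging

    failure_detail = "Invalid username or password"

    # NOTE(review): no attempt throttling or lockout is visible in this
    # handler; confirm it is enforced by middleware or a gateway.
    user = await db_service.get_user(request.username)
    if not user:
        # NOTE(review): this path answers without verifying a password hash,
        # so it is probably faster than the wrong-password path and could
        # still distinguish unknown usernames by timing. Verifying against a
        # fixed dummy hash would even this out; that belongs in auth_service,
        # whose hash scheme is not visible here.
        raise HTTPException(status_code=401, detail=failure_detail)

    hashed_password = user.get("hashed_password")
    if not hashed_password:
        # A distinct 500 "User data corrupted" response would confirm to the
        # caller that the account exists. Record the problem for operators
        # and give the client the generic failure. %r keeps control
        # characters in the supplied username from splitting the log line.
        logging.getLogger(__name__).error(
            "User record for %r has no password hash", request.username
        )
        raise HTTPException(status_code=401, detail=failure_detail)

    if not auth_service.verify_password(request.password, hashed_password):
        raise HTTPException(status_code=401, detail=failure_detail)

    token = auth_service.create_access_token(request.username)
    return {
        "token": token,
        "username": request.username,
        "message": "Login successful",
    }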
| |
|