52 lines
1.8 KiB
Python
52 lines
1.8 KiB
Python
from fastapi import APIRouter, Depends, HTTPException, Response, status
|
|
from sqlalchemy.orm import Session
|
|
from app import models, schemas
|
|
from app.auth import create_access_token, get_current_user, hash_password, verify_password
|
|
from app.database import get_db
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.post("/register", response_model=schemas.UserOut, status_code=201)
|
|
def register(body: schemas.UserCreate, db: Session = Depends(get_db)) -> models.User:
|
|
if db.query(models.User).filter(models.User.username == body.username).first():
|
|
raise HTTPException(status_code=400, detail="Username already registered")
|
|
if db.query(models.User).filter(models.User.email == body.email).first():
|
|
raise HTTPException(status_code=400, detail="Email already registered")
|
|
user = models.User(
|
|
username=body.username,
|
|
email=body.email,
|
|
hashed_password=hash_password(body.password),
|
|
)
|
|
db.add(user)
|
|
db.commit()
|
|
db.refresh(user)
|
|
return user
|
|
|
|
|
|
@router.post("/login")
|
|
def login(body: schemas.LoginRequest, response: Response, db: Session = Depends(get_db)) -> dict:
|
|
user = db.query(models.User).filter(models.User.username == body.username).first()
|
|
if not user or not verify_password(body.password, user.hashed_password):
|
|
raise HTTPException(status_code=401, detail="Invalid credentials")
|
|
token = create_access_token(user.id)
|
|
response.set_cookie(
|
|
key="access_token",
|
|
value=token,
|
|
httponly=True,
|
|
samesite="lax",
|
|
max_age=3600,
|
|
)
|
|
return {"message": "Logged in"}
|
|
|
|
|
|
@router.post("/logout")
|
|
def logout(response: Response) -> dict:
|
|
response.delete_cookie("access_token")
|
|
return {"message": "Logged out"}
|
|
|
|
|
|
@router.get("/me", response_model=schemas.UserOut)
|
|
def me(current_user: models.User = Depends(get_current_user)) -> models.User:
|
|
return current_user
|