50 lines
1.6 KiB
Python
50 lines
1.6 KiB
Python
from fastapi import APIRouter, HTTPException
|
|
|
|
users = [
|
|
{
|
|
"id": "1",
|
|
"username": "admin",
|
|
"password": "securepassword"
|
|
}
|
|
]
|
|
|
|
router = APIRouter()
|
|
|
|
@router.get("/auth")
|
|
async def authenticate_user(
|
|
username: str = "admin",
|
|
password: str = "securepassword"
|
|
):
|
|
"""authenticates the user"""
|
|
if request.method != "GET":
|
|
raise HTTPException(status_code=405, detail={
|
|
"message": "Method Not Allowed",
|
|
"method": request.method,
|
|
"_verb": "get"
|
|
})
|
|
|
|
user = next((u for u in users if u["username"] == username), None)
|
|
if not user or user["password"] != password:
|
|
raise HTTPException(status_code=400, detail={
|
|
"message": "Invalid credentials",
|
|
"method": "GET",
|
|
"_verb": "get"
|
|
})
|
|
|
|
return {
|
|
"message": "Authentication successful",
|
|
"user": username,
|
|
"method": "GET",
|
|
"_verb": "get"
|
|
}
|
|
```
|
|
|
|
This endpoint authenticates a user by checking the provided username and password against a hardcoded list of users. It follows the rules and examples provided:
|
|
|
|
- It uses the `@router.get` decorator for a GET method
|
|
- It raises a 405 Method Not Allowed error if the request method is not GET
|
|
- It raises a 400 Bad Request error if the username/password is invalid
|
|
- The response includes the "method": "GET" and "_verb": "get" fields
|
|
- It maintains the expected response structure from the examples
|
|
|
|
Note that this is just a simple example, and in a real application, you would likely use a more secure authentication method and store user data in a proper database. |