
- FastAPI application with JWT authentication and role-based access control
- Complete employee management with CRUD operations
- Department management with manager assignments
- Leave management system with approval workflow
- Payroll processing with overtime and deductions calculation
- Attendance tracking with clock in/out functionality
- SQLite database with proper migrations using Alembic
- Role-based permissions (Admin, HR Manager, Manager, Employee)
- Comprehensive API documentation and health checks
- CORS enabled for cross-origin requests

Environment Variables Required:
- SECRET_KEY: JWT secret key for token signing

Features implemented:
- User registration and authentication
- Employee profile management
- Department hierarchy management
- Leave request creation and approval
- Payroll record processing
- Daily attendance tracking
- Hours calculation for attendance
- Proper error handling and validation
from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.orm import Session
from app.db.session import get_db
from app.schemas.users import User, UserCreate, LoginRequest, Token
from app.services.auth import authenticate_user, create_user, get_user_by_email
from app.core.security import create_access_token
from app.core.deps import get_current_user
# Router that collects the authentication endpoints defined in this module
# (/register, /login, /me). The prefix it is mounted under is set wherever the
# application includes this router, which is not visible in this file.
router = APIRouter()
@router.post("/register", response_model=User)
def register(user: UserCreate, db: Session = Depends(get_db)):
    """Create a new account unless the email address is already taken.

    Args:
        user: Registration payload; only ``user.email`` is read here, the
            rest is handed to ``create_user`` unchanged.
        db: Database session injected by ``get_db``.

    Returns:
        Whatever ``create_user`` returns, serialised through the ``User``
        response model.

    Raises:
        HTTPException: 400 with "Email already registered" when
            ``get_user_by_email`` finds an existing row.
    """
    # NOTE(review): this route declares no authentication dependency, so any
    # caller can reach it. Confirm that UserCreate cannot carry a role or
    # other privilege field that create_user would persist as-is.
    # NOTE(review): the 400 below confirms to the caller that an address has
    # an account, whereas /login deliberately answers with one generic error.
    # Decide whether that disclosure is acceptable for this deployment.
    existing_account = get_user_by_email(db, email=user.email)
    if not existing_account:
        # NOTE(review): lookup and insert are two separate steps in this
        # handler; presumably a unique constraint on the email column covers
        # concurrent registrations. Verify against the model and create_user.
        return create_user(db=db, user=user)

    raise HTTPException(
        status_code=status.HTTP_400_BAD_REQUEST,
        detail="Email already registered",
    )
@router.post("/login", response_model=Token)
def login(login_data: LoginRequest, db: Session = Depends(get_db)):
    """Exchange an email/password pair for a bearer access token.

    Args:
        login_data: Request body carrying ``email`` and ``password``.
        db: Database session injected by ``get_db``.

    Returns:
        A dict with ``access_token`` (issued by ``create_access_token`` with
        the user's email as subject) and ``token_type`` set to ``"bearer"``.

    Raises:
        HTTPException: 401 with a ``WWW-Authenticate: Bearer`` header when
            ``authenticate_user`` returns a falsy value.
    """
    # NOTE(review): no attempt limiting or lockout is visible in this
    # handler. Confirm that throttling is applied by middleware or by
    # authenticate_user.
    account = authenticate_user(db, login_data.email, login_data.password)
    if account:
        # Token lifetime and signing are decided inside create_access_token;
        # this handler only supplies the subject claim.
        token = create_access_token(subject=account.email)
        return {"access_token": token, "token_type": "bearer"}

    # Every failure gets the same message, so the response body does not say
    # whether the email or the password was wrong.
    raise HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Incorrect email or password",
        headers={"WWW-Authenticate": "Bearer"},
    )
@router.get("/me", response_model=User)
def read_users_me(
    current_user: User = Depends(get_current_user),
):
    """Return the profile of the caller.

    All authentication happens in the ``get_current_user`` dependency; this
    handler only echoes what that dependency resolved. The ``User`` response
    model controls which fields are serialised.
    """
    # NOTE(review): presumably the User schema omits the password hash;
    # confirm against app.schemas.users.
    return current_user