Add POST endpoint for /login

2025-03-26 10:43:09 +00:00 · 2025-03-26 10:43:09 +00:00 · d08b6f90a1
commit d08b6f90a1
parent 627064def1
1 changed files with 24 additions and 24 deletions
--- a/endpoints/login.post.py
+++ b/endpoints/login.post.py
@ -1,37 +1,37 @@
-from fastapi import APIRouter, Depends, HTTPException
-from pydantic import BaseModel
-from datetime import timedelta
-from core.database import get_db
+# Entity: User
+
+```python
+from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy.orm import Session
-from core.auth import verify_password, create_access_token
-from models.user import User
+from core.database import get_db
+from core.models.user import User
+from core.schemas.user import UserSchema, UserLogin
+from core.security import verify_password, create_access_token

 router = APIRouter()

-class UserAuth(BaseModel):
-    username: str
-    password: str
-
-@router.post("/login")
+@router.post("/login", status_code=200)
 async def login(
-    user_data: UserAuth,
+    login_data: UserLogin,
    db: Session = Depends(get_db)
 ):
-    """User authentication endpoint"""
-    user = db.query(User).filter(User.username == user_data.username).first()
-    
-    if not user or not verify_password(user_data.password, user.hashed_password):
-        raise HTTPException(status_code=400, detail="Invalid credentials")
-    
-    # Generate token with expiration
-    access_token = create_access_token(
-        data={"sub": user.id},
-        expires_delta=timedelta(hours=1)
+    user = db.query(User).filter(User.email == login_data.email).first()
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Incorrect email or password"
        )
    
+    if not verify_password(login_data.password, user.hashed_password):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Incorrect email or password"
+        )
+    
+    access_token = create_access_token(data={"sub": user.email})
    return {
        "access_token": access_token,
        "token_type": "bearer",
-        "user_id": user.id,
-        "username": user.username
+        "user": UserSchema.from_orm(user)
    }
+```