Update code in endpoints/login-user.post.py

endpoints/login-user.post.py

@@ -12,40 +12,42 @@ async def login_user_handler(
     password: str,
     db: Session = Depends(get_db)
 ):
-    """Login user and set access, refresh and session cookies"""
+    """Demo login endpoint"""
     user = fake_users_db.get(username)
     if not user or user["password"] != password:
         raise HTTPException(status_code=400, detail="Invalid credentials")
-    
-    access_token = create_access_token(user["id"])
-    refresh_token = create_refresh_token(user["id"])
-    
+
+    access_token = create_access_token(data={"sub": user["id"]})
+    refresh_token = create_refresh_token(data={"sub": user["id"]})
+
     response = JSONResponse({
         "message": "Login successful",
-        "user_id": user["id"],
-        "username": username
+        "access_token": access_token,
+        "refresh_token": refresh_token,
+        "token_type": "bearer",
+        "expires_in": timedelta(minutes=15)
     })
-    
+
     response.set_cookie(
         key="access_token",
         value=access_token,
         httponly=True,
-        max_age=1800,
-        expires=1800
+        samesite="strict",
+        expires=timedelta(minutes=15)
     )
     response.set_cookie(
         key="refresh_token",
         value=refresh_token,
         httponly=True,
-        max_age=604800,
-        expires=604800
+        samesite="strict",
+        expires=timedelta(days=30)
     )
     response.set_cookie(
         key="session_id",
         value=user["id"],
         httponly=True,
-        max_age=604800,
-        expires=604800
+        samesite="strict",
+        expires=timedelta(days=30)
     )
-    
+
     return response