51 lines
1.3 KiB
Python
51 lines
1.3 KiB
Python
from fastapi import APIRouter, Depends, HTTPException
|
|
from core.database import fake_users_db
|
|
from fastapi.responses import JSONResponse
|
|
from core.auth import create_access_token, create_refresh_token
|
|
from datetime import timedelta
|
|
|
|
router = APIRouter()
|
|
|
|
@router.post("/login-user")
|
|
async def login_user_handler(
|
|
username: str,
|
|
password: str,
|
|
db: Session = Depends(get_db)
|
|
):
|
|
"""Login user and set access, refresh and session cookies"""
|
|
user = fake_users_db.get(username)
|
|
if not user or user["password"] != password:
|
|
raise HTTPException(status_code=400, detail="Invalid credentials")
|
|
|
|
access_token = create_access_token(user["id"])
|
|
refresh_token = create_refresh_token(user["id"])
|
|
|
|
response = JSONResponse({
|
|
"message": "Login successful",
|
|
"user_id": user["id"],
|
|
"username": username
|
|
})
|
|
|
|
response.set_cookie(
|
|
key="access_token",
|
|
value=access_token,
|
|
httponly=True,
|
|
max_age=1800,
|
|
expires=1800
|
|
)
|
|
response.set_cookie(
|
|
key="refresh_token",
|
|
value=refresh_token,
|
|
httponly=True,
|
|
max_age=604800,
|
|
expires=604800
|
|
)
|
|
response.set_cookie(
|
|
key="session_id",
|
|
value=user["id"],
|
|
httponly=True,
|
|
max_age=604800,
|
|
expires=604800
|
|
)
|
|
|
|
return response |