kenard-pc4ogw/endpoints/login-user.post.py
2025-03-21 09:53:07 +01:00


from fastapi import APIRouter, Depends, HTTPException
from core.database import fake_users_db
from fastapi.responses import JSONResponse
from core.auth import create_access_token, create_refresh_token
from datetime import timedelta
# Module-level router; the login route below registers itself on it via @router.post.
router = APIRouter()
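@router.post("/login-user")
async def login_user_handler(
    username: str,
    password: str,
):
    """Authenticate a demo user and issue access/refresh tokens.

    Looks the user up in ``fake_users_db``, checks the supplied password and,
    on success, returns the tokens in the JSON body and as HttpOnly cookies.

    Args:
        username: Key used to look the user up in ``fake_users_db``.
        password: Password compared against the stored ``password`` field.

    Returns:
        A ``JSONResponse`` carrying the tokens, with ``access_token``,
        ``refresh_token`` and ``session_id`` cookies set.

    Raises:
        HTTPException: 400 with a generic message when the user is unknown or
            the password does not match.
    """
    # NOTE(review): bare ``str`` parameters on a FastAPI route are read from
    # the query string, so the credentials travel in the URL and can end up in
    # access logs, proxy logs and browser history. Moving them to a form or
    # JSON body changes the client contract, so it is flagged here, not done.
    from hmac import compare_digest

    user = fake_users_db.get(username)

    # NOTE(review): the stored password is compared directly with the input,
    # i.e. it appears to be kept in plaintext. A real user store should hold a
    # salted password hash (argon2/bcrypt/scrypt) and verify against that.
    stored_password = user["password"] if user else None
    # Constant-time comparison so the response time does not leak how many
    # leading characters of the password were correct.
    password_ok = isinstance(stored_password, str) and compare_digest(
        stored_password.encode("utf-8"), password.encode("utf-8")
    )
    if not password_ok:
        # Same message for "unknown user" and "wrong password" so the endpoint
        # does not confirm which usernames exist.
        raise HTTPException(status_code=400, detail="Invalid credentials")

    access_token = create_access_token(data={"sub": user["id"]})
    refresh_token = create_refresh_token(data={"sub": user["id"]})

    # NOTE(review): these lifetimes are hard-coded here; confirm they match the
    # expiry that create_access_token / create_refresh_token actually embed.
    access_max_age = int(timedelta(minutes=15).total_seconds())
    refresh_max_age = int(timedelta(days=30).total_seconds())

    # NOTE(review): the tokens are also returned in the JSON body, which makes
    # them readable by page scripts despite the HttpOnly cookies below;
    # consider delivering them through one channel only.
    response = JSONResponse({
        "message": "Login successful",
        "access_token": access_token,
        "refresh_token": refresh_token,
        "token_type": "bearer",
        # Seconds as an int: a timedelta is not JSON-serialisable and would
        # make the response fail to render.
        "expires_in": access_max_age,
    })

    # NOTE(review): session_id is just the user id, not a random per-session
    # value. Anything server-side that treats it as proof of identity would be
    # accepting a guessable value; verify how this cookie is consumed.
    cookie_specs = (
        ("access_token", access_token, access_max_age),
        ("refresh_token", refresh_token, refresh_max_age),
        ("session_id", user["id"], refresh_max_age),
    )
    for cookie_name, cookie_value, max_age in cookie_specs:
        response.set_cookie(
            key=cookie_name,
            value=cookie_value,
            # max_age takes seconds; a timedelta passed as ``expires`` would be
            # written into the header as text that is not a valid cookie date.
            max_age=max_age,
            httponly=True,
            # Secure keeps the tokens off plain-HTTP connections.
            secure=True,
            samesite="strict",
        )
    return response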