53 lines
1.4 KiB
Python
53 lines
1.4 KiB
Python
from fastapi import APIRouter, Depends, HTTPException
|
|
from core.database import fake_users_db
|
|
from fastapi.responses import JSONResponse
|
|
from core.auth import create_access_token, create_refresh_token
|
|
from datetime import timedelta
|
|
|
|
router = APIRouter()
|
|
|
|
@router.post("/login-user")
|
|
async def login_user_handler(
|
|
username: str,
|
|
password: str,
|
|
db: Session = Depends(get_db)
|
|
):
|
|
"""Demo login endpoint"""
|
|
user = fake_users_db.get(username)
|
|
if not user or user["password"] != password:
|
|
raise HTTPException(status_code=400, detail="Invalid credentials")
|
|
|
|
access_token = create_access_token(data={"sub": user["id"]})
|
|
refresh_token = create_refresh_token(data={"sub": user["id"]})
|
|
|
|
response = JSONResponse({
|
|
"message": "Login successful",
|
|
"access_token": access_token,
|
|
"refresh_token": refresh_token,
|
|
"token_type": "bearer",
|
|
"expires_in": timedelta(minutes=15)
|
|
})
|
|
|
|
response.set_cookie(
|
|
key="access_token",
|
|
value=access_token,
|
|
httponly=True,
|
|
samesite="strict",
|
|
expires=timedelta(minutes=15)
|
|
)
|
|
response.set_cookie(
|
|
key="refresh_token",
|
|
value=refresh_token,
|
|
httponly=True,
|
|
samesite="strict",
|
|
expires=timedelta(days=30)
|
|
)
|
|
response.set_cookie(
|
|
key="session_id",
|
|
value=user["id"],
|
|
httponly=True,
|
|
samesite="strict",
|
|
expires=timedelta(days=30)
|
|
)
|
|
|
|
return response |