From 9d4664109b5e39c508e4a1950fcc417ad60384b9 Mon Sep 17 00:00:00 2001 From: Backend IM Bot Date: Thu, 27 Mar 2025 16:40:06 +0000 Subject: [PATCH] Add POST endpoint for /login --- endpoints/login.post.py | 47 +++++++++++++++++------------------------ 1 file changed, 19 insertions(+), 28 deletions(-) diff --git a/endpoints/login.post.py b/endpoints/login.post.py index a8ab4aa..8a53ee9 100644 --- a/endpoints/login.post.py +++ b/endpoints/login.post.py @@ -1,37 +1,28 @@ -from fastapi import APIRouter, Depends, HTTPException -from pydantic import BaseModel -from datetime import timedelta -from core.database import get_db +# Entity: User + +from fastapi import APIRouter, Depends, HTTPException, status from sqlalchemy.orm import Session -from core.auth import verify_password, create_access_token +from core.database import get_db from models.user import User +from schemas.user import UserSchema, UserLogin +from helpers.user_helpers import authenticate_user +from core.security import create_access_token router = APIRouter() -class UserAuth(BaseModel): - username: str - password: str - -@router.post("/login") +@router.post("/login", status_code=200) async def login( - user_data: UserAuth, + login_data: UserLogin, db: Session = Depends(get_db) ): - """User authentication endpoint""" - user = db.query(User).filter(User.username == user_data.username).first() + """Authenticate user and return access token""" + user = authenticate_user(db, login_data.username, login_data.password) + if not user: + raise HTTPException( + status_code=status.HTTP_401_UNAUTHORIZED, + detail="Incorrect username or password", + headers={"WWW-Authenticate": "Bearer"}, + ) - if not user or not verify_password(user_data.password, user.hashed_password): - raise HTTPException(status_code=400, detail="Invalid credentials") - - # Generate token with expiration - access_token = create_access_token( - data={"sub": user.id}, - expires_delta=timedelta(hours=1) - ) - - return { - "access_token": access_token, - "token_type": "bearer", - "user_id": user.id, - "username": user.username - } + access_token = create_access_token(data={"sub": user.username}) + return {"access_token": access_token, "token_type": "bearer"} \ No newline at end of file