From e2134243ae3707fa492d63e2fc68ac72f451f425 Mon Sep 17 00:00:00 2001
From: Automated Action <action@example.com>
Date: Thu, 12 Jun 2025 18:27:55 +0000
Subject: [PATCH] Update login endpoint to use JSON request body instead of
 form data

---
 app/api/v1/endpoints/auth.py | 25 ++++++++-----------------
 app/schemas/token.py         |  9 +++++++--
 2 files changed, 15 insertions(+), 19 deletions(-)

diff --git a/app/api/v1/endpoints/auth.py b/app/api/v1/endpoints/auth.py
index e139542..c37fe20 100644
--- a/app/api/v1/endpoints/auth.py
+++ b/app/api/v1/endpoints/auth.py
@@ -2,7 +2,6 @@ from datetime import timedelta
 from typing import Any
 
 from fastapi import APIRouter, Depends, HTTPException, status
-from fastapi.security import OAuth2PasswordRequestForm
 from sqlalchemy.orm import Session
 
 from app import crud, schemas
@@ -14,15 +13,11 @@ router = APIRouter()
 
 
 @router.post("/login", response_model=schemas.Token)
-def login_access_token(
-    db: Session = Depends(get_db), form_data: OAuth2PasswordRequestForm = Depends()
-) -> Any:
+def login_access_token(login_data: schemas.LoginRequest, db: Session = Depends(get_db)) -> Any:
     """
-    OAuth2 compatible token login, get an access token for future requests
+    JSON-based token login, get an access token for future requests
     """
-    user = crud.user.authenticate(
-        db, email=form_data.username, password=form_data.password
-    )
+    user = crud.user.authenticate(db, email=login_data.email, password=login_data.password)
     if not user:
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
@@ -30,14 +25,10 @@ def login_access_token(
             headers={"WWW-Authenticate": "Bearer"},
         )
     elif not crud.user.is_active(user):
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST, detail="Inactive user"
-        )
+        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Inactive user")
     access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
     return {
-        "access_token": create_access_token(
-            user.id, expires_delta=access_token_expires
-        ),
+        "access_token": create_access_token(user.id, expires_delta=access_token_expires),
         "token_type": "bearer",
     }
 
@@ -57,13 +48,13 @@ def register_user(
             status_code=status.HTTP_400_BAD_REQUEST,
             detail="A user with this email already exists",
         )
-    
+
     username_exists = crud.user.get_by_username(db, username=user_in.username)
     if username_exists:
         raise HTTPException(
             status_code=status.HTTP_400_BAD_REQUEST,
             detail="A user with this username already exists",
         )
-    
+
     user = crud.user.create(db, obj_in=user_in)
-    return user
\ No newline at end of file
+    return user
diff --git a/app/schemas/token.py b/app/schemas/token.py
index 69541e2..4c6f2b6 100644
--- a/app/schemas/token.py
+++ b/app/schemas/token.py
@@ -1,6 +1,6 @@
 from typing import Optional
 
-from pydantic import BaseModel
+from pydantic import BaseModel, EmailStr, Field
 
 
 class Token(BaseModel):
@@ -9,4 +9,9 @@ class Token(BaseModel):
 
 
 class TokenPayload(BaseModel):
-    sub: Optional[int] = None
\ No newline at end of file
+    sub: Optional[int] = None
+
+
+class LoginRequest(BaseModel):
+    email: EmailStr
+    password: str = Field(..., min_length=8)