From bd3e055edda987121c9245a8b6a1124d91424da6 Mon Sep 17 00:00:00 2001
From: Backend IM Bot
Date: Tue, 11 Mar 2025 13:43:05 +0000
Subject: [PATCH] feat: Update endpoint login
---
 app/api/endpoints/login.py | 44 ++++++++++++++++++++++++++++++++++----
 1 file changed, 40 insertions(+), 4 deletions(-)
diff --git a/app/api/endpoints/login.py b/app/api/endpoints/login.py
index 6ed4dac..226c940 100644
--- a/app/api/endpoints/login.py
+++ b/app/api/endpoints/login.py
@@ -1,7 +1,43 @@
-from fastapi import APIRouter
+from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordRequestForm
+from sqlalchemy.orm import Session
+from typing import Optional
+
+from models import User
+from schemas import UserCreate, Token
+from utils import get_db, authenticate_user, create_access_token
 router = APIRouter()
-@router.post("/login")
-async def login(username: str, password: str):
- return {"message": "User logged in successfully", "username": username}
\ No newline at end of file
+@router.post("/login", response_model=Token)
+async def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):
+ """
+ Authenticate a user and return an access token
+ """
+ user = authenticate_user(db, form_data.username, form_data.password)
+ if not user:
+ raise HTTPException(
+ status_code=status.HTTP_401_UNAUTHORIZED,
+ detail="Incorrect username or password",
+ headers={"WWW-Authenticate": "Bearer"},
+ )
+ access_token = create_access_token(data={"sub": user.username})
+ return {"access_token": access_token, "token_type": "bearer"}
+
+@router.post("/signup", response_model=Token, status_code=status.HTTP_201_CREATED)
+async def signup(user_data: UserCreate, db: Session = Depends(get_db)):
+ """
+ Create a new user and return an access token
+ """
+ existing_user = db.query(User).filter(User.username == user_data.username).first()
+ if existing_user:
+ raise HTTPException(
+ status_code=status.HTTP_400_BAD_REQUEST,
+ detail="Username already exists",
+ )
+ new_user = User(**user_data.dict())
+ db.add(new_user)
+ db.commit()
+ db.refresh(new_user)
+ access_token = create_access_token(data={"sub": new_user.username})
+ return {"access_token": access_token, "token_type": "bearer"}
\ No newline at end of file
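Review bot: In `signup`, `new_user = User(**user_data.dict())` copies every field of the request schema straight into the ORM row, so whatever `UserCreate` carries as the password is stored as submitted unless the `User` model hashes it itself, and any other field on the schema (a role or active flag, say) becomes client-settable. Neither `UserCreate` nor `User` is visible in this hunk, so this is inferred, but `login` goes through `authenticate_user`, which presumably compares against a stored hash. Build the row field by field and hash before storing, e.g. `new_user = User(username=user_data.username, <password_column>=<hash_helper>(user_data.password))`, where the two bracketed names are placeholders for the project's own column and helper. The `first()` lookup followed by `db.commit()` is also a check-then-insert, so two concurrent signups for the same name can both pass the check; the commit should catch `sqlalchemy.exc.IntegrityError`, roll back and return the same 400, backed by a unique constraint on the username column.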