diff --git a/endpoints/login.post.py b/endpoints/login.post.py index a8ab4aa..7a15381 100644 --- a/endpoints/login.post.py +++ b/endpoints/login.post.py @@ -1,37 +1,35 @@ -from fastapi import APIRouter, Depends, HTTPException -from pydantic import BaseModel -from datetime import timedelta -from core.database import get_db +from fastapi import APIRouter, Depends, HTTPException, status from sqlalchemy.orm import Session -from core.auth import verify_password, create_access_token +from typing import List +from core.database import get_db from models.user import User +from schemas.user import UserSchema, UserLogin +from helpers.user_helpers import authenticate_user, create_access_token router = APIRouter() -class UserAuth(BaseModel): - username: str - password: str - -@router.post("/login") +@router.post("/login", status_code=200) async def login( - user_data: UserAuth, + user_data: UserLogin, db: Session = Depends(get_db) ): - """User authentication endpoint""" - user = db.query(User).filter(User.username == user_data.username).first() + user = authenticate_user(db, user_data.email, user_data.password) + if not user: + raise HTTPException( + status_code=status.HTTP_401_UNAUTHORIZED, + detail="Incorrect email or password", + headers={"WWW-Authenticate": "Bearer"}, + ) - if not user or not verify_password(user_data.password, user.hashed_password): - raise HTTPException(status_code=400, detail="Invalid credentials") - - # Generate token with expiration access_token = create_access_token( - data={"sub": user.id}, - expires_delta=timedelta(hours=1) + data={ + "sub": user.email, + "fullname": user.fullname + } ) return { "access_token": access_token, "token_type": "bearer", - "user_id": user.id, - "username": user.username - } + "fullname": user.fullname + } \ No newline at end of file