backend.im/userauthenticationservice-5yrx1t
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
userauthenticationservice-5.../app/routes/auth.py
Automated Action 50b3fc513b Implement FastAPI user authentication service with MongoDB 
- Set up FastAPI application with MongoDB Motor driver
- Implemented user registration, login, and logout with HTTP-only cookies
- Added JWT token authentication and password hashing
- Created user management endpoints for username updates and password changes
- Structured application with proper separation of concerns (models, schemas, services, routes)
- Added CORS configuration and health endpoints
- Documented API endpoints and environment variables in README
2025-06-20 14:19:13 +00:00

70 lines
2.5 KiB
Python
Raw Blame History

from fastapi import APIRouter, HTTPException, status, Response, Depends
from fastapi.responses import JSONResponse
from datetime import timedelta
from app.schemas.user import UserCreate, UserLogin, UserResponse, Message
from app.services.user_service import user_service
from app.utils.security import create_access_token, ACCESS_TOKEN_EXPIRE_MINUTES
from app.utils.dependencies import get_current_active_user
from app.models.user import UserInDB
router = APIRouter()
@router.post("/register", response_model=UserResponse, status_code=status.HTTP_201_CREATED)
async def register(user_data: UserCreate):
user = await user_service.create_user(user_data)
if not user:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Email or username already registered"
)
return UserResponse(
id=str(user.id),
email=user.email,
username=user.username,
is_active=user.is_active,
created_at=user.created_at,
updated_at=user.updated_at
)
@router.post("/login", response_model=Message)
async def login(user_credentials: UserLogin, response: Response):
user = await user_service.authenticate_user(user_credentials.email, user_credentials.password)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect email or password"
)
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token(
data={"sub": user.email}, expires_delta=access_token_expires
)
response.set_cookie(
key="access_token",
value=access_token,
max_age=ACCESS_TOKEN_EXPIRE_MINUTES * 60,
httponly=True,
secure=False, # Set to True in production with HTTPS
samesite="lax"
)
return {"message": "Login successful"}
@router.post("/logout", response_model=Message)
async def logout(response: Response, current_user: UserInDB = Depends(get_current_active_user)):
response.delete_cookie(key="access_token")
return {"message": "Logout successful"}
@router.get("/me", response_model=UserResponse)
async def get_current_user_info(current_user: UserInDB = Depends(get_current_active_user)):
return UserResponse(
id=str(current_user.id),
email=current_user.email,
username=current_user.username,
is_active=current_user.is_active,
created_at=current_user.created_at,
updated_at=current_user.updated_at
)
Reference in New Issue View Git Blame Copy Permalink