# User Authentication Service

A professional and reliable user authentication service built with FastAPI and SQLite. This service provides a secure authentication flow with JWT tokens, including refresh token functionality.

## Features

- User registration and login
- JWT-based authentication with access and refresh tokens
- Password hashing with bcrypt
- User profile management
- Role-based access control (superuser and regular user)
- Health check endpoint
- Alembic migrations
- SQLite database

## Project Structure

```
.
├── alembic.ini
├── app
│   ├── api
│   │   ├── deps.py
│   │   ├── endpoints
│   │   │   ├── auth.py
│   │   │   └── users.py
│   │   └── api.py
│   ├── core
│   │   ├── config.py
│   │   └── security.py
│   ├── db
│   │   ├── base.py
│   │   ├── base_class.py
│   │   └── session.py
│   ├── models
│   │   └── user.py
│   ├── schemas
│   │   ├── token.py
│   │   └── user.py
│   ├── services
│   │   └── user.py
│   └── storage
│       └── db
├── main.py
├── migrations
│   ├── env.py
│   ├── README
│   ├── script.py.mako
│   └── versions
│       └── 001_create_user_table.py
└── requirements.txt
```

## Getting Started

### Prerequisites

- Python 3.8 or higher

### Installation

1. Clone the repository

```bash
git clone
cd userauthenticationservice
```

2. Install dependencies

```bash
pip install -r requirements.txt
```

3. Run the migrations

```bash
alembic upgrade head
```

4. Start the server

```bash
uvicorn main:app --reload
```

## API Documentation

Once the server is running, you can access the API documentation at:

- Swagger UI: http://localhost:8000/docs
- ReDoc: http://localhost:8000/redoc

## API Endpoints

### Authentication

- `POST /api/v1/auth/register` - Register a new user
- `POST /api/v1/auth/login` - Login and get tokens
- `POST /api/v1/auth/refresh-token` - Refresh access token

### Users

- `GET /api/v1/users/me` - Get current user profile
- `PUT /api/v1/users/me` - Update current user profile
- `GET /api/v1/users/{user_id}` - Get user by ID (superuser only)

### Health Check

- `GET /health` - Service health check

## Security

- Passwords are hashed using bcrypt
- Authentication is handled via JWT tokens
- Access tokens expire after 30 minutes
- Refresh tokens expire after 7 days
- CORS protection is enabled

## Development

For development, you can run the server with auto-reload:

```bash
uvicorn main:app --reload
```