| from app import db |
| from app.user import hashing |
| from app.user.models import User |
| from fastapi import APIRouter, Depends, HTTPException, status |
| from fastapi.security import OAuth2PasswordRequestForm |
| from sqlalchemy.orm import Session |
|
|
| from .jwt import create_access_token |
|
|
# Router that collects the authentication endpoints under the "auth" tag.
router = APIRouter(
    tags=["auth"],
)
|
|
|
|
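@router.post("/login")
def login(
    request: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(db.get_db)
):
    """Authenticate a user by e-mail and password and issue a bearer token.

    The ``username`` field of the OAuth2 password form is matched against
    ``User.email``. An unknown account and a wrong password produce the
    same 401 response, so the endpoint does not disclose which e-mail
    addresses are registered.

    Returns:
        A dict with ``access_token`` (subject set to the user's e-mail)
        and ``token_type`` set to ``"bearer"``.

    Raises:
        HTTPException: 401 with a ``WWW-Authenticate: Bearer`` header when
            the credentials do not match an account.
    """
    user = db.query(User).filter(User.email == request.username).first()

    # One failure path for both cases: distinct messages ("Invalid credentials"
    # vs "Incorrect password") let a caller enumerate accounts, and 404 is the
    # wrong status for a failed authentication.
    # NOTE(review): the hash is only verified when the account exists, so
    # response timing may still differ between the two cases; consider
    # verifying against a fixed dummy hash for unknown users. No attempt
    # throttling or lockout is visible in this handler -- confirm it is
    # enforced elsewhere.
    if not user or not hashing.verify_password(request.password, user.password):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid credentials",
            headers={"WWW-Authenticate": "Bearer"},
        )

    access_token = create_access_token(data={"sub": user.email})
    return {"access_token": access_token, "token_type": "bearer"}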
|
|