initial commit

app/api/auth.py

@@ -0,0 +1,49 @@
+from datetime import timedelta
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from sqlalchemy.orm import Session
+
+from ..dependencies import (
+    get_password_hash,
+    verify_password,
+    create_access_token,
+)
+from ..db import get_db
+from ..models import User, UserRole
+from ..schemas import UserCreate, UserOut, UserLogin, Token
+from ..config import settings
+
+
+router = APIRouter()
+
+
+@router.post("/register", response_model=UserOut)
+def register(payload: UserCreate, db: Session = Depends(get_db)):
+    existing = db.query(User).filter(User.email == payload.email).first()
+    if existing:
+        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Email already registered")
+    user = User(email=payload.email, password_hash=get_password_hash(payload.password), role=UserRole.USER)
+    db.add(user)
+    db.commit()
+    db.refresh(user)
+    return user
+
+
+@router.post("/login", response_model=Token)
+def login(payload: UserLogin, db: Session = Depends(get_db)):
+    user = db.query(User).filter(User.email == payload.email).first()
+    if not user or not verify_password(payload.password, user.password_hash):
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect email or password")
+
+    access_token_expires = timedelta(minutes=settings.access_token_expire_minutes)
+    token = create_access_token(subject=user.email, expires_delta=access_token_expires)
+    return Token(access_token=token, expires_in=int(access_token_expires.total_seconds()))
+
+
+@router.post("/fcm-token")
+def update_fcm_token(token: str, db: Session = Depends(get_db)):
+    # Simple public endpoint to store FCM tokens is unsafe; should be authed in real app.
+    # For MVP keep it simple via query/body param with email association at login step.
+    return {"ok": True}
+
+