50 lines
1.8 KiB
Python
50 lines
1.8 KiB
Python
from datetime import timedelta
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from sqlalchemy.orm import Session
|
|
|
|
from ..dependencies import (
|
|
get_password_hash,
|
|
verify_password,
|
|
create_access_token,
|
|
)
|
|
from ..db import get_db
|
|
from ..models import User, UserRole
|
|
from ..schemas import UserCreate, UserOut, UserLogin, Token
|
|
from ..config import settings
|
|
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.post("/register", response_model=UserOut)
|
|
def register(payload: UserCreate, db: Session = Depends(get_db)):
|
|
existing = db.query(User).filter(User.email == payload.email).first()
|
|
if existing:
|
|
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Email already registered")
|
|
user = User(email=payload.email, password_hash=get_password_hash(payload.password), role=UserRole.USER)
|
|
db.add(user)
|
|
db.commit()
|
|
db.refresh(user)
|
|
return user
|
|
|
|
|
|
@router.post("/login", response_model=Token)
|
|
def login(payload: UserLogin, db: Session = Depends(get_db)):
|
|
user = db.query(User).filter(User.email == payload.email).first()
|
|
if not user or not verify_password(payload.password, user.password_hash):
|
|
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect email or password")
|
|
|
|
access_token_expires = timedelta(minutes=settings.access_token_expire_minutes)
|
|
token = create_access_token(subject=user.email, expires_delta=access_token_expires)
|
|
return Token(access_token=token, expires_in=int(access_token_expires.total_seconds()))
|
|
|
|
|
|
@router.post("/fcm-token")
|
|
def update_fcm_token(token: str, db: Session = Depends(get_db)):
|
|
# Simple public endpoint to store FCM tokens is unsafe; should be authed in real app.
|
|
# For MVP keep it simple via query/body param with email association at login step.
|
|
return {"ok": True}
|
|
|
|
|