feat: auth & admin

2026-06-03 10:40:00 +03:00
parent 4bca90a50e
commit 93199a3095
34 changed files with 1634 additions and 119 deletions
@@ -0,0 +1,39 @@
+"""Auth endpoints: login, refresh (rotation), logout, and current-user."""
+
+from fastapi import APIRouter, status
+
+from app.api.deps import AuthServiceDep, CurrentUser
+from app.api.schemas.auth import LoginRequest, RefreshRequest, TokenResponse
+from app.api.schemas.user import UserResponse
+from app.domain.tokens import TokenPair
+
+router = APIRouter(prefix="/auth", tags=["auth"])
+
+
+def _to_token_response(pair: TokenPair) -> TokenResponse:
+    return TokenResponse(
+        access_token=pair.access.encoded,
+        refresh_token=pair.refresh.encoded,
+    )
+
+
+@router.post("/login", response_model=TokenResponse)
+async def login(body: LoginRequest, auth: AuthServiceDep) -> TokenResponse:
+    pair = await auth.login(body.username, body.password)
+    return _to_token_response(pair)
+
+
+@router.post("/refresh", response_model=TokenResponse)
+async def refresh(body: RefreshRequest, auth: AuthServiceDep) -> TokenResponse:
+    pair = await auth.refresh(body.refresh_token)
+    return _to_token_response(pair)
+
+
+@router.post("/logout", status_code=status.HTTP_204_NO_CONTENT)
+async def logout(body: RefreshRequest, auth: AuthServiceDep) -> None:
+    await auth.logout(body.refresh_token)
+
+
+@router.get("/me", response_model=UserResponse)
+async def me(user: CurrentUser) -> UserResponse:
+    return UserResponse.from_entity(user)