"""Auth endpoints: login, refresh (rotation), logout, and current-user."""
from fastapi import APIRouter, status
from app.api.deps import AuthServiceDep, CurrentUser
from app.api.schemas.auth import LoginRequest, RefreshRequest, TokenResponse
from app.api.schemas.user import UserResponse
from app.domain.tokens import TokenPair
# Every route registered on this router is served under the "/auth" path
# prefix and carries the "auth" tag.
router = APIRouter(prefix="/auth", tags=["auth"])
def _to_token_response(pair: TokenPair) -> TokenResponse:
    """Convert a domain ``TokenPair`` into the API ``TokenResponse`` schema.

    Only the encoded form of each token is copied across. The result carries
    both bearer credentials in the clear, so it should go to the client only
    and never be written to logs or traces.
    """
    encoded_access = pair.access.encoded
    encoded_refresh = pair.refresh.encoded
    return TokenResponse(
        access_token=encoded_access,
        refresh_token=encoded_refresh,
    )
@router.post("/login", response_model=TokenResponse)
async def login(body: LoginRequest, auth: AuthServiceDep) -> TokenResponse:
    """Exchange a username and password for an access/refresh token pair.

    Credential verification is delegated entirely to ``auth.login``; this
    handler only forwards the submitted values and serialises the result.

    NOTE(review): no throttling, lockout or error mapping is visible in this
    handler - confirm that the auth service or middleware rate-limits login
    attempts and answers unknown users and wrong passwords identically.
    """
    # The password is passed straight through; keep it out of logs.
    username, password = body.username, body.password
    issued = await auth.login(username, password)
    return _to_token_response(issued)
@router.post("/refresh", response_model=TokenResponse)
async def refresh(body: RefreshRequest, auth: AuthServiceDep) -> TokenResponse:
    """Trade a refresh token for a new access/refresh token pair.

    The module docstring describes this route as rotation. Invalidating the
    presented token, and rejecting replay of an already-rotated one, would
    have to happen inside ``auth.refresh``, which is not visible here.
    TODO(review): confirm both.
    """
    presented = body.refresh_token
    rotated = await auth.refresh(presented)
    return _to_token_response(rotated)
@router.post("/logout", status_code=status.HTTP_204_NO_CONTENT)
async def logout(body: RefreshRequest, auth: AuthServiceDep) -> None:
    """End a session by handing its refresh token to ``auth.logout``.

    Responds with 204 and no body on success.

    NOTE(review): this route declares no ``CurrentUser`` dependency, so the
    refresh token in the request body is the only credential presented here.
    Confirm that ``auth.logout`` validates the token before revoking it, and
    check whether access tokens already issued stay valid until they expire.
    """
    presented = body.refresh_token
    await auth.logout(presented)
    return None
@router.get("/me", response_model=UserResponse)
async def me(user: CurrentUser) -> UserResponse:
    """Return the profile of the caller resolved by the ``CurrentUser`` dependency.

    How the caller is authenticated is defined by that dependency in
    ``app.api.deps``, not in this handler (presumably from the access
    token - confirm).

    NOTE(review): verify that ``UserResponse`` exposes no credential material
    from the entity, such as a password hash.
    """
    profile = UserResponse.from_entity(user)
    return profile