48 lines
1.5 KiB
Python
48 lines
1.5 KiB
Python
"""Auth API:POST /api/auth/login、GET /api/auth/me。"""
|
||
from fastapi import APIRouter, Depends, HTTPException
|
||
from pydantic import BaseModel
|
||
from sqlalchemy.ext.asyncio import AsyncSession
|
||
|
||
from app.database import get_db
|
||
from app.deps import get_current_user
|
||
from app.models import User
|
||
from app.services.auth_service import (
|
||
get_user_by_username,
|
||
verify_password,
|
||
create_access_token,
|
||
)
|
||
|
||
router = APIRouter()
|
||
|
||
|
||
class LoginBody(BaseModel):
|
||
username: str
|
||
password: str
|
||
|
||
|
||
class LoginResponse(BaseModel):
|
||
access_token: str
|
||
token_type: str = "bearer"
|
||
|
||
|
||
@router.post("/login", response_model=LoginResponse)
|
||
async def login(body: LoginBody, db: AsyncSession = Depends(get_db)):
|
||
user = await get_user_by_username(db, body.username)
|
||
if not user or not verify_password(body.password, user.password_hash):
|
||
raise HTTPException(status_code=401, detail="用户名或密码错误")
|
||
if not user.is_active:
|
||
raise HTTPException(status_code=403, detail="账号已禁用")
|
||
token = create_access_token(subject=user.username)
|
||
return LoginResponse(access_token=token, token_type="bearer")
|
||
|
||
|
||
@router.get("/me")
|
||
async def me(current_user: User = Depends(get_current_user)):
|
||
return {
|
||
"id": str(current_user.id),
|
||
"username": current_user.username,
|
||
"role": current_user.role,
|
||
"is_active": current_user.is_active,
|
||
"created_at": current_user.created_at.isoformat() if current_user.created_at else None,
|
||
}
|