derekc
4db9988406
- Users table with email/bcrypt-hashed password; register and login via /auth/ endpoints - JWT tokens (30-day expiry) stored in localStorage; all API routes require Bearer auth - All data (varieties, batches, settings, notification logs) scoped to the authenticated user - Login/register screen overlays the app; sidebar shows user email and logout button - Scheduler sends daily ntfy summaries for every configured user - DB schema rewritten for multi-user; SECRET_KEY added to env Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
34 lines
1.3 KiB
Python
34 lines
1.3 KiB
Python
from fastapi import APIRouter, Depends, HTTPException
|
|
from sqlalchemy.orm import Session
|
|
|
|
from auth import create_access_token, get_current_user, hash_password, verify_password
|
|
from database import get_db
|
|
from models import User
|
|
from schemas import Token, UserCreate, UserLogin, UserOut
|
|
|
|
router = APIRouter(prefix="/auth", tags=["auth"])
|
|
|
|
|
|
@router.post("/register", response_model=UserOut, status_code=201)
|
|
def register(data: UserCreate, db: Session = Depends(get_db)):
|
|
if db.query(User).filter(User.email == data.email).first():
|
|
raise HTTPException(status_code=400, detail="Email already registered")
|
|
user = User(email=data.email, hashed_password=hash_password(data.password))
|
|
db.add(user)
|
|
db.commit()
|
|
db.refresh(user)
|
|
return user
|
|
|
|
|
|
@router.post("/login", response_model=Token)
|
|
def login(data: UserLogin, db: Session = Depends(get_db)):
|
|
user = db.query(User).filter(User.email == data.email).first()
|
|
if not user or not verify_password(data.password, user.hashed_password):
|
|
raise HTTPException(status_code=401, detail="Invalid email or password")
|
|
return {"access_token": create_access_token(user.id), "token_type": "bearer"}
|
|
|
|
|
|
@router.get("/me", response_model=UserOut)
|
|
def me(current_user: User = Depends(get_current_user)):
|
|
return current_user
|