liumangmang
29 lines
1.1 KiB
Python
29 lines
1.1 KiB
Python
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from sqlalchemy.orm import Session
|
|
from app.database import get_db
|
|
from app.models.admin_user import AdminUser
|
|
from app.schemas.auth import LoginRequest, TokenResponse, UserInfo
|
|
from app.utils.auth import verify_password, create_access_token, get_current_user
|
|
|
|
router = APIRouter(prefix="/api/auth", tags=["auth"])
|
|
|
|
|
|
@router.post("/login", response_model=TokenResponse)
|
|
def login(req: LoginRequest, db: Session = Depends(get_db)):
|
|
user = db.query(AdminUser).filter(AdminUser.email == req.email).first()
|
|
if not user or not verify_password(req.password, user.password_hash):
|
|
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="邮箱或密码错误")
|
|
token = create_access_token(user.email)
|
|
return TokenResponse(access_token=token)
|
|
|
|
|
|
@router.get("/me", response_model=UserInfo)
|
|
def me(current_user: AdminUser = Depends(get_current_user)):
|
|
return UserInfo(email=current_user.email)
|
|
|
|
|
|
@router.post("/logout")
|
|
def logout():
|
|
# JWT is stateless — client discards token
|
|
return {"message": "logged out"}
|