backend/app/routers/auth.py

from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy import select
from ..database import get_db
from ..models.user import User
from ..schemas.user import UserCreate, UserLogin, UserResponse, Token
from ..utils.security import get_password_hash, verify_password, create_access_token
from ..services.auth import get_current_user

router = APIRouter(prefix="/api/auth", tags=["auth"])


@router.post("/register", response_model=Token)
async def register(user_data: UserCreate, db: AsyncSession = Depends(get_db)):
    # Check if email exists
    result = await db.execute(select(User).where(User.email == user_data.email))
    if result.scalar_one_or_none():
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Email already registered",
        )

    # Check if username exists
    result = await db.execute(select(User).where(User.username == user_data.username))
    if result.scalar_one_or_none():
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Username already taken",
        )

    # Create user
    user = User(
        username=user_data.username,
        email=user_data.email,
        password_hash=get_password_hash(user_data.password),
    )
    db.add(user)
    await db.flush()

    # Create token
    access_token = create_access_token(data={"sub": str(user.id)})
    return Token(access_token=access_token)


@router.post("/login", response_model=Token)
async def login(user_data: UserLogin, db: AsyncSession = Depends(get_db)):
    result = await db.execute(select(User).where(User.email == user_data.email))
    user = result.scalar_one_or_none()

    if not user or not verify_password(user_data.password, user.password_hash):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid email or password",
        )

    access_token = create_access_token(data={"sub": str(user.id)})
    return Token(access_token=access_token)


@router.get("/me", response_model=UserResponse)
async def get_me(current_user: User = Depends(get_current_user)):
    return current_user
init 2025-12-12 13:30:09 +03:00			`from fastapi import APIRouter, Depends, HTTPException, status`
			`from sqlalchemy.ext.asyncio import AsyncSession`
			`from sqlalchemy import select`
			`from ..database import get_db`
			`from ..models.user import User`
			`from ..schemas.user import UserCreate, UserLogin, UserResponse, Token`
			`from ..utils.security import get_password_hash, verify_password, create_access_token`
			`from ..services.auth import get_current_user`

			`router = APIRouter(prefix="/api/auth", tags=["auth"])`


			`@router.post("/register", response_model=Token)`
			`async def register(user_data: UserCreate, db: AsyncSession = Depends(get_db)):`
			`# Check if email exists`
			`result = await db.execute(select(User).where(User.email == user_data.email))`
			`if result.scalar_one_or_none():`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail="Email already registered",`
			`)`

			`# Check if username exists`
			`result = await db.execute(select(User).where(User.username == user_data.username))`
			`if result.scalar_one_or_none():`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail="Username already taken",`
			`)`

			`# Create user`
			`user = User(`
			`username=user_data.username,`
			`email=user_data.email,`
			`password_hash=get_password_hash(user_data.password),`
			`)`
			`db.add(user)`
			`await db.flush()`

			`# Create token`
			`access_token = create_access_token(data={"sub": str(user.id)})`
			`return Token(access_token=access_token)`


			`@router.post("/login", response_model=Token)`
			`async def login(user_data: UserLogin, db: AsyncSession = Depends(get_db)):`
			`result = await db.execute(select(User).where(User.email == user_data.email))`
			`user = result.scalar_one_or_none()`

			`if not user or not verify_password(user_data.password, user.password_hash):`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail="Invalid email or password",`
			`)`

			`access_token = create_access_token(data={"sub": str(user.id)})`
			`return Token(access_token=access_token)`


			`@router.get("/me", response_model=UserResponse)`
			`async def get_me(current_user: User = Depends(get_current_user)):`
			`return current_user`