Initial import

2026-03-05 14:27:30 +00:00
commit bcbf9155d7
26 changed files with 841 additions and 0 deletions
--- a/backend/api/init.py
+++ b/backend/api/init.py
--- a/backend/api/deps.py
+++ b/backend/api/deps.py
@@ -0,0 +1,36 @@
+import jwt
+from fastapi import Depends, HTTPException, status
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+from sqlalchemy import select
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from core.security import decode_access_token
+from database.models import User
+from database.session import get_db
+
+_bearer_scheme = HTTPBearer()
+
+
+async def get_current_user(
+    credentials: HTTPAuthorizationCredentials = Depends(_bearer_scheme),
+    db: AsyncSession = Depends(get_db),
+) -> User:
+    credentials_exception = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Could not validate credentials",
+        headers={"WWW-Authenticate": "Bearer"},
+    )
+
+    try:
+        user_id_str = decode_access_token(credentials.credentials)
+        user_id = int(user_id_str)
+    except (jwt.PyJWTError, ValueError):
+        raise credentials_exception
+
+    result = await db.execute(select(User).where(User.id == user_id))
+    user: User | None = result.scalar_one_or_none()
+
+    if user is None:
+        raise credentials_exception
+
+    return user
--- a/backend/api/routers/init.py
+++ b/backend/api/routers/init.py
--- a/backend/api/routers/auth.py
+++ b/backend/api/routers/auth.py
@@ -0,0 +1,41 @@
+from fastapi import APIRouter, Depends, HTTPException, status
+from sqlalchemy import select
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from core.security import create_access_token, hash_password, verify_password
+from database.models import User
+from database.session import get_db
+from schemas.user import TokenResponse, UserLoginRequest, UserRegisterRequest, UserResponse
+
+router = APIRouter(prefix="/api/auth", tags=["auth"])
+
+
+@router.post("/register", response_model=UserResponse, status_code=status.HTTP_201_CREATED)
+async def register(body: UserRegisterRequest, db: AsyncSession = Depends(get_db)) -> User:
+    result = await db.execute(select(User).where(User.email == body.email))
+    if result.scalar_one_or_none() is not None:
+        raise HTTPException(
+            status_code=status.HTTP_409_CONFLICT,
+            detail="User with this email already exists",
+        )
+
+    user = User(email=body.email, hashed_password=hash_password(body.password))
+    db.add(user)
+    await db.commit()
+    await db.refresh(user)
+    return user
+
+
+@router.post("/login", response_model=TokenResponse)
+async def login(body: UserLoginRequest, db: AsyncSession = Depends(get_db)) -> TokenResponse:
+    result = await db.execute(select(User).where(User.email == body.email))
+    user: User | None = result.scalar_one_or_none()
+
+    if user is None or not verify_password(body.password, user.hashed_password):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid email or password",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+
+    return TokenResponse(access_token=create_access_token(subject=user.id))