43 lines
1.2 KiB
Python
43 lines
1.2 KiB
Python
from fastapi import APIRouter
|
|
from shared.firebase import get_db
|
|
from auth.models import LoginRequest, TokenResponse
|
|
from auth.utils import verify_password, create_access_token
|
|
from shared.exceptions import AuthenticationError
|
|
|
|
router = APIRouter(prefix="/api/auth", tags=["auth"])
|
|
|
|
|
|
@router.post("/login", response_model=TokenResponse)
|
|
async def login(body: LoginRequest):
|
|
db = get_db()
|
|
if not db:
|
|
raise AuthenticationError("Service unavailable")
|
|
|
|
users_ref = db.collection("admin_users")
|
|
query = users_ref.where("email", "==", body.email).limit(1).get()
|
|
|
|
if not query:
|
|
raise AuthenticationError("Invalid email or password")
|
|
|
|
doc = query[0]
|
|
user_data = doc.to_dict()
|
|
|
|
if not user_data.get("is_active", True):
|
|
raise AuthenticationError("Account is disabled")
|
|
|
|
if not verify_password(body.password, user_data["hashed_password"]):
|
|
raise AuthenticationError("Invalid email or password")
|
|
|
|
token = create_access_token({
|
|
"sub": doc.id,
|
|
"email": user_data["email"],
|
|
"role": user_data["role"],
|
|
"name": user_data["name"],
|
|
})
|
|
|
|
return TokenResponse(
|
|
access_token=token,
|
|
role=user_data["role"],
|
|
name=user_data["name"],
|
|
)
|