19 lines
770 B
Python
19 lines
770 B
Python
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from sqlalchemy.orm import Session
|
|
|
|
from auth_utils import verify_password, create_access_token
|
|
from database import get_db
|
|
from models.admin import Admin
|
|
from schemas.admin import LoginRequest, TokenOut
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.post("/login", response_model=TokenOut)
|
|
def login(body: LoginRequest, db: Session = Depends(get_db)):
|
|
admin = db.query(Admin).filter(Admin.username == body.username).first()
|
|
if not admin or not verify_password(body.password, admin.password_hash):
|
|
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid credentials")
|
|
token = create_access_token({"sub": admin.username, "role": admin.role})
|
|
return TokenOut(access_token=token)
|