from fastapi import APIRouter, Depends, HTTPException from fastapi.security import OAuth2PasswordRequestForm from sqlalchemy.orm import Session from pydantic import BaseModel from app.database import get_db from app.models.models import User from app.auth import get_password_hash, verify_password, create_access_token, get_current_user router = APIRouter() class UserCreate(BaseModel): username: str email: str password: str class Token(BaseModel): access_token: str token_type: str @router.post("/register") def register(user: UserCreate, db: Session = Depends(get_db)): if db.query(User).filter(User.username == user.username).first(): raise HTTPException(status_code=400, detail="Username already exists") if db.query(User).filter(User.email == user.email).first(): raise HTTPException(status_code=400, detail="Email already exists") db_user = User( username=user.username, email=user.email, hashed_password=get_password_hash(user.password) ) db.add(db_user) db.commit() db.refresh(db_user) return {"message": "User created successfully"} @router.post("/login", response_model=Token) def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)): user = db.query(User).filter(User.username == form_data.username).first() if not user or not verify_password(form_data.password, user.hashed_password): raise HTTPException(status_code=401, detail="Incorrect username or password") if user.is_banned: raise HTTPException(status_code=403, detail="Ваш аккаунт заблокирован") access_token = create_access_token(data={"sub": user.username}) return {"access_token": access_token, "token_type": "bearer"} @router.get("/me") def get_current_user_info(current_user: User = Depends(get_current_user)): return { "id": current_user.id, "username": current_user.username, "email": current_user.email, "is_admin": current_user.is_admin, "is_owner": current_user.is_owner }