auth_router.py 1.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162
  1. # -*- coding: utf-8 -*-
  2. """用户管理:注册、登录、JWT 签发"""
  3. from fastapi import APIRouter, Depends, HTTPException
  4. from pydantic import BaseModel
  5. from sqlalchemy.orm import Session
  6. from backend.database import get_db
  7. from backend.models import User
  8. from backend.services.auth import create_access_token
  9. router = APIRouter(prefix="/auth", tags=["认证"])
  10. class LoginRequest(BaseModel):
  11. username: str
  12. password: str
  13. class RegisterRequest(BaseModel):
  14. username: str
  15. password: str
  16. role: str = "student"
  17. class TokenResponse(BaseModel):
  18. access_token: str
  19. token_type: str = "bearer"
  20. user_id: int
  21. username: str
  22. role: str
  23. @router.post("/login", response_model=TokenResponse)
  24. def login(req: LoginRequest, db: Session = Depends(get_db)):
  25. user = db.query(User).filter(User.username == req.username).first()
  26. if not user or not user.check_password(req.password):
  27. raise HTTPException(status_code=401, detail="用户名或密码错误")
  28. token = create_access_token(data={"sub": str(user.id), "role": user.role})
  29. return TokenResponse(
  30. access_token=token,
  31. user_id=user.id,
  32. username=user.username,
  33. role=user.role,
  34. )
  35. @router.post("/register", response_model=TokenResponse)
  36. def register(req: RegisterRequest, db: Session = Depends(get_db)):
  37. if db.query(User).filter(User.username == req.username).first():
  38. raise HTTPException(status_code=400, detail="用户名已存在")
  39. user = User(username=req.username, role=req.role)
  40. user.set_password(req.password)
  41. db.add(user)
  42. db.commit()
  43. db.refresh(user)
  44. token = create_access_token(data={"sub": str(user.id), "role": user.role})
  45. return TokenResponse(
  46. access_token=token,
  47. user_id=user.id,
  48. username=user.username,
  49. role=user.role,
  50. )