| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 |
- # -*- coding: utf-8 -*-
- """用户管理:注册、登录、JWT 签发"""
- from fastapi import APIRouter, Depends, HTTPException
- from pydantic import BaseModel
- from sqlalchemy.orm import Session
- from backend.database import get_db
- from backend.models import User
- from backend.services.auth import create_access_token
- router = APIRouter(prefix="/auth", tags=["认证"])
- class LoginRequest(BaseModel):
- username: str
- password: str
- class RegisterRequest(BaseModel):
- username: str
- password: str
- role: str = "student"
- class TokenResponse(BaseModel):
- access_token: str
- token_type: str = "bearer"
- user_id: int
- username: str
- role: str
- @router.post("/login", response_model=TokenResponse)
- def login(req: LoginRequest, db: Session = Depends(get_db)):
- user = db.query(User).filter(User.username == req.username).first()
- if not user or not user.check_password(req.password):
- raise HTTPException(status_code=401, detail="用户名或密码错误")
- token = create_access_token(data={"sub": str(user.id), "role": user.role})
- return TokenResponse(
- access_token=token,
- user_id=user.id,
- username=user.username,
- role=user.role,
- )
- @router.post("/register", response_model=TokenResponse)
- def register(req: RegisterRequest, db: Session = Depends(get_db)):
- if db.query(User).filter(User.username == req.username).first():
- raise HTTPException(status_code=400, detail="用户名已存在")
- user = User(username=req.username, role=req.role)
- user.set_password(req.password)
- db.add(user)
- db.commit()
- db.refresh(user)
- token = create_access_token(data={"sub": str(user.id), "role": user.role})
- return TokenResponse(
- access_token=token,
- user_id=user.id,
- username=user.username,
- role=user.role,
- )
|