27 lines
927 B
Python
27 lines
927 B
Python
from fastapi import APIRouter, Depends, HTTPException, status
|
|
from fastapi.security import OAuth2PasswordRequestForm
|
|
from app.core import security
|
|
from app.core.config import settings
|
|
from pydantic import BaseModel
|
|
|
|
router = APIRouter()
|
|
|
|
class Token(BaseModel):
|
|
access_token: str
|
|
token_type: str
|
|
|
|
@router.post("/login", response_model=Token)
|
|
async def login(form_data: OAuth2PasswordRequestForm = Depends()):
|
|
# Simple admin check - in a real app, query a User table
|
|
if form_data.username == "admin" and form_data.password == settings.ADMIN_PASSWORD:
|
|
access_token = security.create_access_token(
|
|
data={"sub": form_data.username}
|
|
)
|
|
return {"access_token": access_token, "token_type": "bearer"}
|
|
|
|
raise HTTPException(
|
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
|
detail="Incorrect username or password",
|
|
headers={"WWW-Authenticate": "Bearer"},
|
|
)
|