45 lines
1.5 KiB
Python
45 lines
1.5 KiB
Python
from datetime import timedelta
|
|
|
|
from fastapi import APIRouter, HTTPException
|
|
|
|
from app.api.dependencies import LoginDep, SessionDep
|
|
from app.core import security
|
|
from app.core.config import settings
|
|
from app.crud import user_crud
|
|
from app.schemas.user_schemas import Token
|
|
|
|
router = APIRouter(tags=["Dashboard", "Login"])
|
|
|
|
|
|
@router.post("/login/access-token", include_in_schema=settings.is_local_environment, response_model=Token)
|
|
def login_access_token(
|
|
session: SessionDep, form_data: LoginDep
|
|
) -> Token:
|
|
"""
|
|
OAuth2 compatible token login for the dashboard.
|
|
|
|
This endpoint generates an access token required for authenticating future
|
|
requests to the dashboard section of the application. The token is valid for
|
|
a predefined expiration period.
|
|
|
|
- **username**: User's email
|
|
- **password**: User's password
|
|
|
|
**Note:** This login is restricted to dashboard access only and cannot be
|
|
used for tenant accounts access to shops
|
|
"""
|
|
user = None
|
|
user = user_crud.authenticate(
|
|
session=session, email=form_data.username, password=form_data.password, shop_id=None
|
|
)
|
|
if not user:
|
|
raise HTTPException(status_code=400, detail="Incorrect email or password")
|
|
elif not user:
|
|
raise HTTPException(status_code=400, detail="Inactive user")
|
|
access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
|
|
return Token(
|
|
access_token=security.create_access_token(
|
|
user.id, expires_delta=access_token_expires
|
|
)
|
|
)
|