init

app/api/api_v1.py

@@ -0,0 +1,9 @@
+from fastapi import APIRouter
+
+from app.api.routes import auth, health, users
+
+api_router = APIRouter()
+
+api_router.include_router(health.router, tags=["health"])
+api_router.include_router(auth.router)
+api_router.include_router(users.router)

app/api/deps.py

@@ -0,0 +1,44 @@
+from fastapi import Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordBearer
+from jose import JWTError, jwt
+from sqlalchemy.orm import Session
+
+from app.core.config import get_settings
+from app.core.database import SessionLocal
+from app.crud import user as user_crud
+from app.models.user import User
+
+settings = get_settings()
+
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/login")
+
+
+def get_db():
+    db = SessionLocal()
+    try:
+        yield db
+    finally:
+        db.close()
+
+
+def get_current_user(
+    db: Session = Depends(get_db),
+    token: str = Depends(oauth2_scheme),
+) -> User:
+    credentials_exception = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Could not validate credentials",
+        headers={"WWW-Authenticate": "Bearer"},
+    )
+    try:
+        payload = jwt.decode(token, settings.SECRET_KEY, algorithms=["HS256"])
+        subject = payload.get("sub")
+        if subject is None:
+            raise credentials_exception
+    except JWTError:
+        raise credentials_exception
+
+    user = user_crud.get_by_email(db, subject)
+    if not user:
+        raise credentials_exception
+    return user

app/api/routes/__init__.py

@@ -0,0 +1,3 @@
+from app.api.routes import auth, health, users
+
+__all__ = ["auth", "health", "users"]

app/api/routes/auth.py

@@ -0,0 +1,31 @@
+from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordRequestForm
+from sqlalchemy.orm import Session
+
+from app.api import deps
+from app.core.security import create_access_token
+from app.crud import user as user_crud
+from app.schemas.token import Token
+from app.schemas.user import UserCreate, UserRead
+
+router = APIRouter(prefix="/auth", tags=["auth"])
+
+
+@router.post("/register", response_model=UserRead, status_code=status.HTTP_201_CREATED)
+def register(user_in: UserCreate, db: Session = Depends(deps.get_db)):
+    existing = user_crud.get_by_email(db, user_in.email)
+    if existing:
+        raise HTTPException(status_code=400, detail="Email already registered")
+    return user_crud.create(db, user_in)
+
+
+@router.post("/login", response_model=Token)
+def login(
+    db: Session = Depends(deps.get_db),
+    form_data: OAuth2PasswordRequestForm = Depends(),
+):
+    user = user_crud.authenticate(db, form_data.username, form_data.password)
+    if not user:
+        raise HTTPException(status_code=400, detail="Incorrect email or password")
+    access_token = create_access_token(subject=user.email)
+    return {"access_token": access_token, "token_type": "bearer"}

app/api/routes/health.py

@@ -0,0 +1,8 @@
+from fastapi import APIRouter
+
+router = APIRouter()
+
+
+@router.get("/health")
+def health_check():
+    return {"status": "ok"}

app/api/routes/users.py

@@ -0,0 +1,12 @@
+from fastapi import APIRouter, Depends
+
+from app.api import deps
+from app.models.user import User
+from app.schemas.user import UserRead
+
+router = APIRouter(prefix="/users", tags=["users"])
+
+
+@router.get("/me", response_model=UserRead)
+def read_users_me(current_user: User = Depends(deps.get_current_user)):
+    return current_user