# app/routes/auth.py
"""
Маршруты API для аутентификации
"""
import logging

import bcrypt
from fastapi import APIRouter, HTTPException, Depends
from fastapi.security import HTTPBasic, HTTPBasicCredentials

from app.database import db
# Router that collects the authentication endpoints declared in this module.
router = APIRouter()

# HTTP Basic dependency. Basic credentials travel base64-encoded (not
# encrypted) in the Authorization header of every request, so these routes
# should only be served over TLS.
security = HTTPBasic()
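@router.post("/login")
async def login(credentials: HTTPBasicCredentials = Depends(security)):
    """Authenticate a manager with HTTP Basic credentials.

    Looks up the active manager row for the supplied username and compares
    the supplied password with the stored bcrypt hash.

    Returns:
        A dict with ``manager_id``, ``username``, ``full_name`` and
        ``authenticated: True`` when the password matches.

    Raises:
        HTTPException: 401 when no active manager has that username or the
            password does not match; 500 for any unexpected failure.

    NOTE(review): nothing in this handler throttles or locks out repeated
    failed attempts; confirm that rate limiting is enforced elsewhere.
    """
    # One response for "no such user" and "wrong password", so the reply
    # does not reveal which usernames exist.
    invalid_credentials = HTTPException(
        status_code=401,
        detail="Invalid credentials",
        headers={"WWW-Authenticate": "Basic"},
    )

    try:
        # The username is handed over as a separate parameter tuple rather
        # than formatted into the SQL text (binding itself happens inside
        # db.execute_query, which is not shown here).
        result = db.execute_query(
            "SELECT manager_id, username, password_hash, full_name FROM managers WHERE username = %s AND is_active = TRUE",
            (credentials.username,)
        )

        if not result:
            # NOTE(review): this path returns without any bcrypt work, so it
            # answers faster than a wrong-password attempt; consider checking
            # against a fixed dummy hash here to equalise response time.
            raise invalid_credentials

        manager = dict(result[0])
        stored_hash = manager["password_hash"]

        password_matches = bcrypt.checkpw(
            credentials.password.encode("utf-8"),
            stored_hash.encode("utf-8"),
        )
        if not password_matches:
            raise invalid_credentials

        return {
            "manager_id": manager["manager_id"],
            "username": manager["username"],
            "full_name": manager["full_name"],
            "authenticated": True,
        }
    except HTTPException:
        # The 401s above are deliberate. Without this clause the generic
        # handler below would catch them and turn every failed login into
        # a 500.
        raise
    except Exception:
        # Keep driver/database error text out of the response body; record
        # it server-side instead. Credentials are intentionally not logged.
        logging.getLogger(__name__).exception(
            "Unexpected error while processing a login request"
        )
        raise HTTPException(status_code=500, detail="Internal server error")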
@router.get("/verify")
async def verify_token():
    """Report token validity.

    NOTE(review): this handler takes no parameters and reads no token or
    credential; it always answers ``{"verified": True}``. Callers must not
    treat the response as proof of authentication until a real check is
    wired in.
    """
    verification_result = {"verified": True}
    return verification_result