|
| 1 | +from fastapi import APIRouter, Depends, HTTPException, Request, Response, status |
| 2 | +from sqlalchemy.ext.asyncio import AsyncSession |
| 3 | + |
| 4 | +from app.api.v1.deps import require_login |
| 5 | +from app.db.session import get_db |
| 6 | +from app.schemas.auth import ( |
| 7 | + AccessTokenResp, |
| 8 | + AuthResp, |
| 9 | + ChangePasswordReq, |
| 10 | + EmailCheckReq, |
| 11 | + EmailValidateReq, |
| 12 | + EmailValidateResp, |
| 13 | + EmailVerifyReq, |
| 14 | + LoginReq, |
| 15 | + RegisterReq, |
| 16 | + ResetPasswordReq, |
| 17 | + UserInfo, |
| 18 | +) |
| 19 | +from app.schemas.common import SuccessResponse |
| 20 | +from app.services import auth as auth_service |
| 21 | + |
| 22 | +router = APIRouter(prefix="/auth", tags=["Auth"]) |
| 23 | + |
| 24 | + |
| 25 | +@router.post("/email", response_model=SuccessResponse[None]) |
| 26 | +async def check_email( |
| 27 | + body: EmailCheckReq, |
| 28 | + db: AsyncSession = Depends(get_db), |
| 29 | +) -> SuccessResponse[None]: |
| 30 | + await auth_service.check_email_duplicate(db, body.email) |
| 31 | + return SuccessResponse(data=None) |
| 32 | + |
| 33 | + |
| 34 | +@router.post("/email/verify", response_model=SuccessResponse[None]) |
| 35 | +async def verify_email( |
| 36 | + body: EmailVerifyReq, |
| 37 | + db: AsyncSession = Depends(get_db), |
| 38 | +) -> SuccessResponse[None]: |
| 39 | + await auth_service.send_verification_code(db, body.email) |
| 40 | + return SuccessResponse(data=None) |
| 41 | + |
| 42 | + |
| 43 | +@router.post("/email/validate", response_model=SuccessResponse[EmailValidateResp]) |
| 44 | +async def validate_email( |
| 45 | + body: EmailValidateReq, |
| 46 | + db: AsyncSession = Depends(get_db), |
| 47 | +) -> SuccessResponse[EmailValidateResp]: |
| 48 | + token = await auth_service.validate_verification_code(db, body.email, body.code) |
| 49 | + return SuccessResponse(data=EmailValidateResp(verificationToken=token)) |
| 50 | + |
| 51 | + |
| 52 | +@router.post("/user", response_model=SuccessResponse[AuthResp]) |
| 53 | +async def register( |
| 54 | + body: RegisterReq, |
| 55 | + response: Response, |
| 56 | + db: AsyncSession = Depends(get_db), |
| 57 | +) -> SuccessResponse[AuthResp]: |
| 58 | + user, access_token, refresh_token = await auth_service.register(db, body) |
| 59 | + response.set_cookie( |
| 60 | + key="refresh_token", |
| 61 | + value=refresh_token, |
| 62 | + httponly=True, |
| 63 | + samesite="lax", |
| 64 | + ) |
| 65 | + return SuccessResponse( |
| 66 | + data=AuthResp( |
| 67 | + user=UserInfo(id=str(user.id), userRole=user.role), |
| 68 | + token=access_token, |
| 69 | + ) |
| 70 | + ) |
| 71 | + |
| 72 | + |
| 73 | +@router.get("/token", response_model=SuccessResponse[AccessTokenResp]) |
| 74 | +async def refresh_token(request: Request) -> SuccessResponse[AccessTokenResp]: |
| 75 | + token = request.cookies.get("refresh_token") |
| 76 | + if not token: |
| 77 | + raise HTTPException( |
| 78 | + status_code=status.HTTP_401_UNAUTHORIZED, |
| 79 | + detail="리프레시 토큰이 없습니다.", |
| 80 | + ) |
| 81 | + access_token = auth_service.refresh_access_token(token) |
| 82 | + return SuccessResponse(data=AccessTokenResp(accessToken=access_token)) |
| 83 | + |
| 84 | + |
| 85 | +@router.post("/user/session", response_model=SuccessResponse[AuthResp]) |
| 86 | +async def login( |
| 87 | + body: LoginReq, |
| 88 | + response: Response, |
| 89 | + db: AsyncSession = Depends(get_db), |
| 90 | +) -> SuccessResponse[AuthResp]: |
| 91 | + user, access_token, refresh_token = await auth_service.login(db, body) |
| 92 | + response.set_cookie( |
| 93 | + key="refresh_token", |
| 94 | + value=refresh_token, |
| 95 | + httponly=True, |
| 96 | + samesite="lax", |
| 97 | + ) |
| 98 | + return SuccessResponse( |
| 99 | + data=AuthResp( |
| 100 | + user=UserInfo(id=str(user.id), userRole=user.role), |
| 101 | + token=access_token, |
| 102 | + ) |
| 103 | + ) |
| 104 | + |
| 105 | + |
| 106 | +@router.delete("/user/session", response_model=SuccessResponse[None]) |
| 107 | +async def logout( |
| 108 | + response: Response, |
| 109 | + _user_id: str = Depends(require_login), |
| 110 | +) -> SuccessResponse[None]: |
| 111 | + response.delete_cookie(key="refresh_token", httponly=True, samesite="lax") |
| 112 | + return SuccessResponse(data=None) |
| 113 | + |
| 114 | + |
| 115 | +@router.patch("/password", response_model=SuccessResponse[None]) |
| 116 | +async def change_password( |
| 117 | + body: ChangePasswordReq, |
| 118 | + db: AsyncSession = Depends(get_db), |
| 119 | + user_id: str = Depends(require_login), |
| 120 | +) -> SuccessResponse[None]: |
| 121 | + await auth_service.change_password(db, user_id, body.oldPassword, body.newPassword) |
| 122 | + return SuccessResponse(data=None) |
| 123 | + |
| 124 | + |
| 125 | +@router.post("/password", response_model=SuccessResponse[None]) |
| 126 | +async def reset_password( |
| 127 | + body: ResetPasswordReq, |
| 128 | + db: AsyncSession = Depends(get_db), |
| 129 | +) -> SuccessResponse[None]: |
| 130 | + await auth_service.reset_password(db, body) |
| 131 | + return SuccessResponse(data=None) |
0 commit comments