login and logout functionality

Author: mmiqball

backend/app/middleware/auth.py

@@ -0,0 +1,51 @@
+import logging
+from fastapi import Depends, HTTPException, Security
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+import firebase_admin.auth
+from ..services.implementations.user_service import UserService
+from ..utilities.db_utils import get_db
+
+security = HTTPBearer()
+logger = logging.getLogger(__name__)
+
+async def get_current_user(
+    credentials: HTTPAuthorizationCredentials = Security(security),
+    db = Depends(get_db)
+):
+    """
+    Validates the authorization token and returns the current user
+    """
+    try:
+        # Remove 'Bearer ' prefix
+        token = credentials.credentials
+        logger.info(f"Attempting to verify token: {token[:20]}...")
+        
+        # Verify the token with Firebase
+        decoded_token = firebase_admin.auth.verify_id_token(token)
+        logger.info(f"Decoded token UID: {decoded_token.get('uid')}")
+        
+        # Get user from database using Firebase UID
+        user_service = UserService(db)
+        user = user_service.get_user_id_by_auth_id(decoded_token['uid'])
+        
+        if not user:
+            logger.error(f"No user found for auth_id: {decoded_token['uid']}")
+            raise HTTPException(
+                status_code=401,
+                detail="User not found in database"
+            )
+            
+        return user
+        
+    except firebase_admin.auth.InvalidIdTokenError as e:
+        logger.error(f"Invalid token: {str(e)}")
+        raise HTTPException(
+            status_code=401,
+            detail=f"Invalid token: {str(e)}"
+        )
+    except Exception as e:
+        logger.error(f"Authentication error: {str(e)}")
+        raise HTTPException(
+            status_code=401,
+            detail=str(e)
+        )

backend/app/routes/auth.py

@@ -4,6 +4,7 @@
 from ..services.implementations.auth_service import AuthService
 from ..services.implementations.user_service import UserService
 from ..utilities.db_utils import get_db
+from ..middleware.auth import get_current_user
 import logging
 
 router = APIRouter(prefix="/auth", tags=["auth"])
@@ -12,9 +13,23 @@ def get_auth_service(db: Session = Depends(get_db)):
     logger = logging.getLogger(__name__)
     return AuthService(logger=logger, user_service=UserService(db))
 
+
 @router.post("/login", response_model=AuthResponse)
 async def login(
     credentials: LoginRequest, 
     auth_service: AuthService = Depends(get_auth_service)
 ):
-    return auth_service.generate_token(credentials.email, credentials.password)
+    return auth_service.generate_token(credentials.email, credentials.password)
+
+
+@router.post("/logout")
+async def logout(
+    current_user = Depends(get_current_user),
+    auth_service: AuthService = Depends(get_auth_service)
+):
+    try:
+        auth_service.revoke_tokens(current_user.id)
+        return {"message": "Successfully logged out"}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+

backend/app/utilities/firebase_rest_client.py

@@ -63,7 +63,10 @@ def sign_in_with_password(self, email, password):
 
             raise Exception("Failed to sign-in via Firebase REST API")
 
-        return Token(response_json["idToken"], response_json["refreshToken"])
+        return Token(
+            access_token=response_json["idToken"],
+            refresh_token=response_json["refreshToken"]
+        )
 
     # docs: https://firebase.google.com/docs/reference/rest/auth/#section-sign-in-with-oauth-credential
     def sign_in_with_google(self, id_token):